A race condition was found between mmget_not_zero()/get_task_mm() when core dumping tasks. A local attacker is able to exploit race condition where locking of semaphore would allow an attacker to leak kernel memory to userspace.

References

bugzilla.redhat.com/show_bug.cgi?id=1696015

nvd.nist.gov/vuln/detail/CVE-2019-3892

www.cve.org/CVERecord?id=CVE-2019-3892

cve 3

f5 2

nessus 71

debiancve 2

veracode 2

prion 2

redhatcve 2

ubuntucve 2

ibm 4

packetstorm 1

zdt 1

slackware 1

redhat 12

amazon 2

openvas 20

ubuntu 6

mageia 3

photon 6

centos 3

suse 2

cloudfoundry 3

osv 3

debian 5

oraclelinux 3

androidsecurity 1

lenovo 1

oracle 1

cve

CVE-2019-3892

2019-04-30 07:15:00

CVE-2019-11599

2019-04-29 18:29:00

CVE-2019-14898

2020-05-08 14:15:00

K51674118 : Linux kernel vulnerability CVE-2019-11599

2019-07-15 00:00:00

K50315101 : Linux kernel vulnerability CVE-2019-14898

2020-07-06 00:00:00

nessus

Photon OS 1.0: Linux PHSA-2019-1.0-0235

2019-05-28 00:00:00

F5 Networks BIG-IP : Linux kernel vulnerability (K51674118)

2021-06-10 00:00:00

Slackware 14.2 : Slackware 14.2 kernel (SSA:2019-202-01)

2019-07-22 00:00:00

debiancve

CVE-2019-11599

2019-04-29 18:29:00

CVE-2019-14898

2020-05-08 14:15:00

veracode

Denial Of Service (DoS)

2019-08-08 00:07:20

Denial Of Service (DoS)

2020-02-07 00:25:27

prion

Race condition

2019-04-29 18:29:00

Race condition

2020-05-08 14:15:00

redhatcve

CVE-2019-11599

2020-04-04 23:09:31

CVE-2019-14898

2021-10-13 17:07:29

ubuntucve

CVE-2019-11599

2019-04-29 00:00:00

CVE-2019-14898

2020-05-08 00:00:00

ibm

Security Bulletin: IBM Security Guardium is affected by a kernel vulnerability

2020-10-07 16:05:48

Security Bulletin: WebSphere Cast Iron and App Connect Professional are affected by vulnerabilities in Pacemaker, ImageMagick, gd-libgd, libxslt, cURL libcurl , Ghostscript.

2022-02-21 04:39:05

Security Bulletin: Vyatta 5600 vRouter Software Patches - Release 1801-za

2019-07-25 15:25:01

packetstorm

Linux Missing Lockdown

2019-04-29 00:00:00

zdt

Linux Missing Lockdown Exploit

2019-04-30 00:00:00

slackware

[slackware-security] Slackware 14.2 kernel

2019-07-22 04:08:19

redhat

(RHSA-2020:0179) Moderate: kernel security and bug fix update

2020-01-21 15:14:53

(RHSA-2020:0100) Important: kernel-rt security and bug fix update

2020-01-14 07:45:36

(RHSA-2020:0103) Important: kernel security and bug fix update

2020-01-14 10:21:15

amazon

Important: kernel

2019-07-18 17:16:00

Important: kernel

2019-07-17 23:18:00

openvas

Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1612)

2020-01-23 00:00:00

Ubuntu Update for linux USN-4069-1

2019-07-24 00:00:00

Ubuntu Update for linux-hwe USN-4069-2

2019-08-02 00:00:00

ubuntu

Linux kernel (HWE) vulnerabilities

2019-08-01 00:00:00

Linux kernel vulnerabilities

2019-07-23 00:00:00

Linux kernel vulnerabilities

2019-08-13 00:00:00

mageia

Updated kernel packages fixes security vulnerabilities

2019-05-12 23:58:05

Updated kernel-linus packages fixes security vulnerabilities

2019-05-16 11:25:22

Updated kernel-tmb packages fixes security vulnerabilities

2019-05-16 11:25:22

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-1.0-0235

2019-05-23 00:00:00

Important Photon OS Security Update - PHSA-2019-0235

2019-05-23 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0160

2019-05-23 00:00:00

centos

bpftool, kernel, perf, python security update

2020-02-06 00:10:13

bpftool, kernel, perf, python security update

2020-02-26 17:10:16

bpftool, kernel, perf, python security update

2019-09-10 16:26:50

suse

Security update for the Linux Kernel (important)

2019-07-19 00:00:00

Security update for the Linux Kernel (important)

2019-07-20 00:00:00

cloudfoundry

USN-4095-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

2019-08-29 00:00:00

USN-4115-1: Linux kernel vulnerabilities | Cloud Foundry

2019-09-30 00:00:00

USN-4115-2: Linux kernel regression | Cloud Foundry

2019-09-30 00:00:00

osv

linux - security update

2019-06-17 00:00:00

linux-4.9 - security update

2019-06-17 00:00:00

linux - security update

2019-05-23 00:00:00

debian

[SECURITY] [DSA 4465-1] linux security update

2019-06-17 18:00:31

[SECURITY] [DSA 4465-1] linux security update

2019-06-17 18:00:31

[SECURITY] [DLA 1824-1] linux-4.9 security update

2019-06-18 10:23:55

oraclelinux

Unbreakable Enterprise kernel security update

2020-06-09 00:00:00

kernel security, bug fix, and enhancement update

2019-11-14 00:00:00

kernel security, bug fix, and enhancement update

2019-08-13 00:00:00

androidsecurity

Android Security Bulletin—February 2020

2020-02-03 00:00:00

lenovo

AMI MegaRAC SP-X BMC Vulnerabilities - Lenovo Support US

2020-04-13 19:22:04

oracle

Oracle Critical Patch Update Advisory - April 2021

2021-04-20 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

6.9 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:L/AC:M/Au:N/C:C/I:C/A:C

0.0004 Low

EPSS

Percentile

0.4%

JSON

Related for RH:CVE-2019-3892