Vulnerability Details : CVE-2019-11599
Potential exploit
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.
Vulnerability category: Denial of service
Products affected by CVE-2019-11599
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-11599
0.12%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 47 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2019-11599
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
6.9
|
MEDIUM | AV:L/AC:M/Au:N/C:C/I:C/A:C |
3.4
|
10.0
|
NIST | |
7.0
|
HIGH | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST | |
7.0
|
HIGH | CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.0
|
5.9
|
NIST | 2024-02-15 |
CWE ids for CVE-2019-11599
-
The product does not properly acquire or release a lock on a resource, leading to unexpected resource state changes and behaviors.Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-11599
-
http://www.openwall.com/lists/oss-security/2019/04/29/2
oss-security - Re: Linux kernel: multiple issuesMailing List;Third Party Advisory
-
https://seclists.org/bugtraq/2019/Jul/33
Bugtraq: [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)Mailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0543
RHSA-2020:0543 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://usn.ubuntu.com/4118-1/
USN-4118-1: Linux kernel (AWS) vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
[SECURITY] [DLA 1824-1] linux-4.9 security updateBroken Link
-
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10
Mailing List;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2019:3517
RHSA-2019:3517 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37
Mailing List;Vendor Advisory
-
https://seclists.org/bugtraq/2019/Jun/26
Bugtraq: [SECURITY] [DSA 4465-1] linux security updateMailing List;Third Party Advisory
-
https://github.com/torvalds/linux/commit/04f5866e41fb70690e28397487d8bd8eea7d712a
coredump: fix race condition between mmget_not_zero()/get_task_mm() a… · torvalds/linux@04f5866 · GitHubPatch;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2020:0100
RHSA-2020:0100 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114
Mailing List;Vendor Advisory
-
https://usn.ubuntu.com/4095-1/
USN-4095-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://support.f5.com/csp/article/K51674118
Third Party Advisory
-
https://security.netapp.com/advisory/ntap-20200608-0001/
May 2020 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/108113
Linux Kernel CVE-2019-11599 Local Race Condition VulnerabilityThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
[security-announce] openSUSE-SU-2019:1757-1: important: Security updateThird Party Advisory;VDB Entry
-
https://security.netapp.com/advisory/ntap-20190517-0002/
May 7th 2019 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product SecurityThird Party Advisory
-
https://www.debian.org/security/2019/dsa-4465
Debian -- Security Information -- DSA-4465-1 linuxThird Party Advisory
-
https://www.oracle.com/security-alerts/cpuApr2021.html
Oracle Critical Patch Update Advisory - April 2021Third Party Advisory
-
https://www.exploit-db.com/exploits/46781/
Linux - Missing Locking Between ELF coredump code and userfaultfd VMA ModificationExploit;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
Slackware Security Advisory - Slackware 14.2 kernel Updates ≈ Packet StormThird Party Advisory;VDB Entry
-
https://support.f5.com/csp/article/K51674118?utm_source=f5support&utm_medium=RSS
-
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html
[security-announce] openSUSE-SU-2019:1716-1: important: Security updateThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2019/04/29/1
oss-security - Linux kernel: multiple issuesMailing List;Third Party Advisory
-
https://support.f5.com/csp/article/K51674118?utm_source=f5support&%3Butm_medium=RSS
Article DetailThird Party Advisory
-
https://usn.ubuntu.com/4115-1/
USN-4115-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/152663/Linux-Missing-Lockdown.html
Linux Missing Lockdown ≈ Packet StormExploit;Third Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2019:2029
RHSA-2019:2029 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2020:0179
RHSA-2020:0179 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html
[SECURITY] [DLA 1799-2] linux security updateThird Party Advisory
-
https://usn.ubuntu.com/4069-2/
USN-4069-2: Linux kernel (HWE) vulnerabilities | Ubuntu security noticesThird Party Advisory;VDB Entry
-
https://access.redhat.com/errata/RHSA-2019:3309
RHSA-2019:3309 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=04f5866e41fb70690e28397487d8bd8eea7d712a
kernel/git/torvalds/linux.git - Linux kernel source treeMailing List;Patch;Vendor Advisory
-
https://access.redhat.com/errata/RHSA-2020:0103
RHSA-2020:0103 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2019/04/30/1
oss-security - Re: Linux kernel: multiple issuesMailing List;Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2019:2043
RHSA-2019:2043 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html
[SECURITY] [DLA 1799-1] linux security updateExploit
-
https://bugs.chromium.org/p/project-zero/issues/detail?id=1790
1790 - Linux: missing locking between ELF coredump code and userfaultfd VMA modification - project-zero - MonorailMailing List;Exploit;Third Party Advisory
-
https://usn.ubuntu.com/4069-1/
USN-4069-1: Linux kernel vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to