Vulnerability Details: CVE-2019-5489
Potential exploit
The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.
Products affected by CVE-2019-5489
- cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*
- cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-5489
- 0.29%: probability of exploitation activity in the next 30 days
- ~ 50%: percentile, the proportion of vulnerabilities that are scored at or below this score
CVSS scores for CVE-2019-5489
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N | 3.9 | 2.9 | NIST | |
5.5 | MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N | 1.8 | 3.6 | NIST | |
CWE ids for CVE-2019-5489
- The product transmits sensitive or security-critical data in cleartext in a communication channel that can be sniffed by unauthorized actors. Assigned by: nvd@nist.gov (Primary)
References for CVE-2019-5489
- https://access.redhat.com/errata/RHSA-2019:4057
  RHSA-2019:4057 - Security Advisory - Red Hat Customer Portal
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en
  Security Advisory - Page-Cache Side-Channel Vulnerability
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
  [security-announce] openSUSE-SU-2019:1570-1: important: Security update
- https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
  [SECURITY] [DLA 1824-1] linux-4.9 security update
- https://www.oracle.com/security-alerts/cpujul2020.html
  Oracle Critical Patch Update Advisory - July 2020
- https://access.redhat.com/errata/RHSA-2019:3517
  RHSA-2019:3517 - Security Advisory - Red Hat Customer Portal
- https://seclists.org/bugtraq/2019/Jun/26
  Bugtraq: [SECURITY] [DSA 4465-1] linux security update
- https://access.redhat.com/errata/RHSA-2019:2809
  RHSA-2019:2809 - Security Advisory - Red Hat Customer Portal
- https://arxiv.org/abs/1901.01161
  [1901.01161] Page Cache Attacks (Third Party Advisory)
- https://bugzilla.suse.com/show_bug.cgi?id=1120843
  Bug 1120843 – VUL-0: CVE-2019-5489: kernel-source: new pagecache side-channel attack (Issue Tracking; Patch; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:3967
  RHSA-2019:3967 - Security Advisory - Red Hat Customer Portal
- http://www.securityfocus.com/bid/106478
  Linux Kernel 'mm/mincore.c' Local Information Disclosure Vulnerability (Third Party Advisory; VDB Entry)
- https://www.debian.org/security/2019/dsa-4465
  Debian -- Security Information -- DSA-4465-1 linux
- https://access.redhat.com/errata/RHSA-2019:2808
  RHSA-2019:2808 - Security Advisory - Red Hat Customer Portal
- https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html
  [SECURITY] [DLA 1823-1] linux security update
- https://access.redhat.com/errata/RHSA-2019:2473
  RHSA-2019:2473 - Security Advisory - Red Hat Customer Portal
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
  [security-announce] openSUSE-SU-2019:1479-1: important: Security update
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
  [security-announce] openSUSE-SU-2019:1579-1: important: Security update
- https://access.redhat.com/errata/RHSA-2019:2837
  RHSA-2019:2837 - Security Advisory - Red Hat Customer Portal
- https://access.redhat.com/errata/RHSA-2019:4056
  RHSA-2019:4056 - Security Advisory - Red Hat Customer Portal
- https://access.redhat.com/errata/RHSA-2019:2029
  RHSA-2019:2029 - Security Advisory - Red Hat Customer Portal
- https://security.netapp.com/advisory/ntap-20190307-0001/
  CVE-2019-5489 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2019:3309
  RHSA-2019:3309 - Security Advisory - Red Hat Customer Portal
- https://access.redhat.com/errata/RHSA-2019:4255
  RHSA-2019:4255 - Security Advisory - Red Hat Customer Portal
- https://access.redhat.com/errata/RHSA-2019:4159
  RHSA-2019:4159 - Security Advisory - Red Hat Customer Portal
- https://access.redhat.com/errata/RHSA-2019:4058
  RHSA-2019:4058 - Security Advisory - Red Hat Customer Portal
- http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e
  kernel/git/torvalds/linux.git - Linux kernel source tree (Patch; Vendor Advisory)
- https://access.redhat.com/errata/RHSA-2019:4164
  RHSA-2019:4164 - Security Advisory - Red Hat Customer Portal
- https://access.redhat.com/errata/RHSA-2019:2043
  RHSA-2019:2043 - Security Advisory - Red Hat Customer Portal
- https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e
  Change mincore() to count "mapped" pages rather than "cached" pages · torvalds/linux@574823b · GitHub (Patch; Third Party Advisory)
- https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/
  New side-channel leak: Boffins bash operating system page caches until they spill secrets • The Register (Technical Description; Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2020:0204
  RHSA-2020:0204 - Security Advisory - Red Hat Customer Portal