PT-2019-11588 · Linux+1 · Linux Kernel+1

Hou Tao

Publicado

2019-01-29

Atualizado

2021-06-02

CVE-2019-10125

CVSS v2.0

Crítica

Vetor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Linux kernel versions through 5.0.4

Description: An issue was discovered in aio poll() in fs/aio.c. A file may be released by aio poll wake() if an expected event is triggered immediately, for example, by the close of a pair of pipes, after the return of vfs poll(), causing a use-after-free.

Recommendations: For Linux kernel versions through 5.0.4, update to a version later than 5.0.4 to resolve the issue. At the moment, there is no information about additional mitigation measures for this specific issue.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2019-1139

ALT-PU-2019-1363

ALT-PU-2019-1552

ALT-PU-2019-1710

ALT-PU-2019-1765

CVE-2019-10125

Produtos afetados

Alt Linux

Linux Kernel

PT-2019-11588 · Linux+1 · Linux Kernel+1

CVE-2019-10125

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 13