CVE-2019-5023

Name of the Vulnerable Software and Affected Versions PaX versions pax-linux-4.9.8-test1 through 4.9.24-test7 grsecurity official versions grsecurity-3.1-4.9.8-201702060653 through grsecurity-3.1-4.9.24-201704252333 grsecurity unofficial versions v4.9.25-unofficialgrsec through v4.9.74-unofficialgrsec

Description A memory leakage issue exists in the grsecurity PaX patch due to the read kmem function not freeing a temp buffer when an invalid address is supplied. This can lead to a system crash. An attacker can exploit this by inducing a read to /dev/kmem using an invalid address.

Recommendations For PaX versions pax-linux-4.9.8-test1 through 4.9.24-test7, consider disabling the read kmem function to prevent exploitation until a patch is available. For grsecurity official versions grsecurity-3.1-4.9.8-201702060653 through grsecurity-3.1-4.9.24-201704252333, restrict access to /dev/kmem to minimize the risk of exploitation. For grsecurity unofficial versions v4.9.25-unofficialgrsec through v4.9.74-unofficialgrsec, avoid using invalid addresses with the read kmem function until the issue is resolved.