PT-2019-2625 · Linux+5 · Linux Kernel+5

Michael Ellerman

Publicado

2019-06-12

Atualizado

2022-04-18

CVE-2019-12817

CVSS v3.1

7.0

Alta

Vetor

AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.1.15 for powerpc

Description The issue is related to a bug in the arch/powerpc/mm/mmu context book3s64.c component of the Linux kernel for powerpc systems. This bug allows unrelated processes to potentially read or write to each other's virtual memory under certain conditions, specifically when an mmap operation is performed above 512 TB. The vulnerability is caused by a buffer overflow in memory, which can be exploited to access or damage the memory content of other processes in the system using the mmap function.

Recommendations For Linux kernel versions prior to 5.1.15 for powerpc, update to version 5.1.15 or later to resolve the issue. As a temporary workaround, consider restricting the use of the mmap function above 512 TB to minimize the risk of exploitation.

Correção

Memory Corruption

Buffer Overflow

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-787CWE-119

Identificadores relacionados

ALT-PU-2019-2141

ALT-PU-2019-2200

ALT-PU-2019-2201

ALT-PU-2019-2314

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2019-02507

CESA-2019_2703

CVE-2019-12817

DSA-4495-1

MGASA-2019-0314

OPENSUSE-SU-2019:1757-1

OPENSUSE-SU-2019_1757-1

RHSA-2019:2703

RHSA-2019_2703

SUSE-SU-2019:1744-1

SUSE-SU-2019:1765-1

SUSE-SU-2019:1769-1

SUSE-SU-2019:2069-1

SUSE-SU-2019:2430-1

SUSE-SU-2019_1765-1

SUSE-SU-2019_1769-1

USN-4031-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

Ubuntu

PT-2019-2625 · Linux+5 · Linux Kernel+5

CVE-2019-12817

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 639