CVE-2019-11811

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.4

Description The issue is related to a use-after-free error in the Linux kernel, specifically in the ipmi si module, which can be exploited to execute arbitrary code or cause a denial of service. This is due to the use of memory after it has been freed, which can be triggered by a specially crafted request. The vulnerable code is located in the drivers/char/ipmi/ipmi si intf.c, drivers/char/ipmi/ipmi si mem io.c, and drivers/char/ipmi/ipmi si port io.c files. The exploitation can occur when attempting to read access to /proc/ioports after the ipmi si module is removed.

Recommendations For Linux kernel versions prior to 5.0.4, update to version 5.0.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the /proc/ioports file to minimize the risk of exploitation. Additionally, avoid removing the ipmi si module while the system is in use, as this can trigger the use-after-free error.