PT-2019-4875 · Linux+4 · Linux Kernel+4

Publicado

2019-04-16

Atualizado

2021-05-28

CVE-2019-15920

CVSS v3.1

4.3

Média

Vetor

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.11

Description An issue in the Linux kernel is related to a use-after-free in the SMB2 read function, located in fs/cifs/smb2pdu.c. This issue can potentially allow an attacker to impact the confidentiality, integrity, and availability of protected information.

Recommendations For Linux kernel versions prior to 5.0.11, update to version 5.0.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the SMB2 read function until a patch is available.

Exploit

Correção

Use After Free

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-416

Identificadores relacionados

ALT-PU-2019-1762

ALT-PU-2019-1767

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-01463

CESA-2019_3517

CVE-2019-15920

OPENSUSE-SU-2019:2173-1

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2173-1

OPENSUSE-SU-2019_2181-1

RHSA-2019:3517

RHSA-2019_3517

SUSE-SU-2019:2412-1

SUSE-SU-2019:2414-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2648-1

SUSE-SU-2019:2651-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

SUSE-SU-2019:2756-1

Produtos afetados

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-4875 · Linux+4 · Linux Kernel+4

CVE-2019-15920

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 553