CVE-2019-19396

Name of the Vulnerable Software and Affected Versions illumos versions prior to r151030y

Description The issue allows a kernel crash via an application with multiple threads calling sendmsg concurrently over a single socket. This is because uts/common/inet/ip/ip attr.c mishandles conn ixa dereferences.

Recommendations For versions prior to r151030y, update to r151030y or later to resolve the issue. As a temporary workaround, consider restricting concurrent sendmsg calls over a single socket to minimize the risk of exploitation.