PT-2019-3247 · Linux+4 · Linux Kernel+4

Published

2019-02-09

·

Updated

2023-08-11

·

CVE-2019-11811

CVSS v3.1

7.0

High

VectorAV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.4
Description The issue is related to a use-after-free error in the Linux kernel, specifically in the ipmi si module, which can be exploited to execute arbitrary code or cause a denial of service. This is due to the use of memory after it has been freed, which can be triggered by a specially crafted request. The vulnerable code is located in the drivers/char/ipmi/ipmi si intf.c, drivers/char/ipmi/ipmi si mem io.c, and drivers/char/ipmi/ipmi si port io.c files. The exploitation can occur when attempting to read access to /proc/ioports after the ipmi si module is removed.
Recommendations For Linux kernel versions prior to 5.0.4, update to version 5.0.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the /proc/ioports file to minimize the risk of exploitation. Additionally, avoid removing the ipmi si module while the system is in use, as this can trigger the use-after-free error.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2019-1506
ALT-PU-2019-1552
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2019-03237
CESA-2019_1873
CESA-2019_1959
CESA-2019_1971
CVE-2019-11811
OPENSUSE-SU-2019:1479-1
OPENSUSE-SU-2019_1479-1
RHSA-2019:1873
RHSA-2019:1891
RHSA-2019:1959
RHSA-2019:1971
RHSA-2019:4057
RHSA-2019:4058
RHSA-2019_1873
RHSA-2019_1891
RHSA-2019_1959
RHSA-2019_1971
RHSA-2020:0036
RHSA-2020:2854
SUSE-SU-2019:1550-1
SUSE-SU-2019:2430-1

Affected Products

Alt Linux
Centos
Linux Kernel
Red Hat
Suse