PT-2019-4662 · Linux+4 · Linux Kernel+4

Tristan Madani

Published

2019-11-06

Updated

2023-01-17

CVE-2019-19807

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.3.11

Description The issue is related to a use-after-free error in the Linux kernel, specifically in the sound/core/timer.c file. This error is caused by erroneous code refactoring and is associated with the snd timer open and snd timer close locked functions. The timeri variable was originally intended for a newly created timer instance but was used for a different purpose after refactoring. Exploitation of this issue may allow an attacker to elevate their privileges.

Recommendations For Linux kernel versions prior to 5.3.11, update to version 5.3.11 or later to resolve the issue. As a temporary workaround, consider restricting access to the snd timer open and snd timer close locked functions until a patch is available.

Exploit

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2019-3131

ALT-PU-2019-3155

ALT-PU-2019-3184

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1714

BDU:2020-00854

CESA-2020_3010

CESA-2020_3016

CESA-2020_4060

CVE-2019-19807

RHSA-2020:3010

RHSA-2020:3016

RHSA-2020:3222

RHSA-2020:4060

RHSA-2020:4062

RHSA-2020_3010

RHSA-2020_3016

RHSA-2020_4060

RHSA-2020_4062

USN-4225-1

USN-4227-1

USN-4227-2

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Ubuntu

PT-2019-4662 · Linux+4 · Linux Kernel+4

CVE-2019-19807

Weakness Enumeration

Related Identifiers

Affected Products

References · 52