CVE-2019-13233

Published: Jul 4, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://bugs.chromium.org/p/project-zero/issues/detail?id=1879

x_refsource_MISC

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9

x_refsource_MISC

https://github.com/torvalds/linux/commit/de9f869616dd95e95c00bdd6b0fcd3421e8a4323

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de9f869616dd95e95c00bdd6b0fcd3421e8a4323

x_refsource_MISC

openSUSE-SU-2019:1757

vendor-advisory

x_refsource_SUSE

https://security.netapp.com/advisory/ntap-20190806-0001/

x_refsource_CONFIRM

DSA-4495

vendor-advisory

x_refsource_DEBIAN

20190812 [SECURITY] [DSA 4495-1] linux security update

mailing-list

x_refsource_BUGTRAQ

USN-4093-1

vendor-advisory

x_refsource_UBUNTU

USN-4094-1

vendor-advisory

x_refsource_UBUNTU

USN-4117-1

vendor-advisory

x_refsource_UBUNTU

USN-4118-1

vendor-advisory

x_refsource_UBUNTU

http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html

x_refsource_MISC

https://support.f5.com/csp/article/K13331647?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

RHSA-2019:3309

vendor-advisory

x_refsource_REDHAT

RHSA-2019:3517

vendor-advisory

x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-13233

Description

Affected Products

References