CVE-2019-16714

Published: Sep 23, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/torvalds/linux/commit/7d0a06586b2686ba80c4a2da5f91cb10ffbea736

x_refsource_MISC

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2.14

x_refsource_MISC

[oss-security] 20190924 CVE-2019-16714: info leak in RDS rds6_inc_info_copy

mailing-list

x_refsource_MLIST

[oss-security] 20190925 CVE-2019-16714: Linux kernel net/rds: info leak vulnerability in rds6_inc_info_copy

mailing-list

x_refsource_MLIST

https://support.f5.com/csp/article/K48351130?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

USN-4157-1

vendor-advisory

x_refsource_UBUNTU

USN-4157-2

vendor-advisory

x_refsource_UBUNTU

https://security.netapp.com/advisory/ntap-20191031-0005/

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-16714

Description

Affected Products

References