CVE-2019-11811

CVSS v3.1 7 (High)

CVSS v2.0 6.9 (Medium)

EPSS 0.08 % (34^th)

Affected Products 9

Advisories 9

An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.

Weaknesses

CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-05-07 14:29:00
(5 years ago)
Updated Date: 2023-08-11 19:54:26
(13 months ago)

Affected Products

Linux

Linux Kernel

Opensuse

Leap

Redhat

Configuration #1

		CPE23	From	Up To
	Linux Kernel from 4.18 version and prior 4.19.31 version	cpe:2.3:o:linux:linux_kernel	>= 4.18	< 4.19.31
	Linux Kernel from 4.20 version and prior 5.0.4 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 5.0.4

Configuration #2

		CPE23	From	Up To
	Opensuse Leap 15.1	cpe:2.3:o:opensuse:leap:15.1
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0
	Redhat Enterprise Linux Aus 7.6	cpe:2.3:o:redhat:enterprise_linux_aus:7.6
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
	Redhat Enterprise Linux Server Tus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
	Redhat Enterprise Linux Server Tus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0