CVE-2019-15902
CVSS v3.1
5.6 (Medium)
CVSS v2.0
4.7 (Medium)
EPSS
0.05 % (19th)
Affected Products
7
Advisories
21
A backporting error was discovered in the Linux stable/longterm kernel 4.4.x through 4.4.190, 4.9.x through 4.9.190, 4.14.x through 4.14.141, 4.19.x through 4.19.69, and 5.2.x through 5.2.11. Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate. This occurred because the backport process depends on cherry picking specific commits, and because two (correctly ordered) code lines were swapped.
Weaknesses
- CWE-200
- Exposure of Sensitive Information to an Unauthorized Actor
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2019-09-04 06:15:10
(5 years ago) - Updated Date
-
2019-10-17 04:15:12
(4 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
AND |
|
---|
Configuration #2
AND |
|
---|
Configuration #3
AND |
|
---|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...