CVE-2019-6974

CVSS v3.1 8.1 (High)

CVSS v2.0 6.8 (Medium)

EPSS 4.43 % (93^th)

Affected Products 24

Advisories 63

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

Weaknesses

CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CWE-416: Use After Free

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2019-02-15 15:29:00
(5 years ago)
Updated Date: 2023-11-07 03:13:16
(10 months ago)

Affected Products

Canonical

Ubuntu Linux

Debian

Debian Linux

F5

Linux

Linux Kernel

Redhat

Configuration #1

	CPE23	From	Up To
Linux Kernel from 3.10 version and prior 3.16.64 version	cpe:2.3:o:linux:linux_kernel	>= 3.10	< 3.16.64
Linux Kernel from 3.17 version and prior 3.18.136 version	cpe:2.3:o:linux:linux_kernel	>= 3.17	< 3.18.136
Linux Kernel from 3.19 version and prior 4.4.176 version	cpe:2.3:o:linux:linux_kernel	>= 3.19	< 4.4.176
Linux Kernel from 4.5 version and prior 4.9.156 version	cpe:2.3:o:linux:linux_kernel	>= 4.5	< 4.9.156
Linux Kernel from 4.10 version and prior 4.14.99 version	cpe:2.3:o:linux:linux_kernel	>= 4.10	< 4.14.99
Linux Kernel from 4.15 version and prior 4.19.21 version	cpe:2.3:o:linux:linux_kernel	>= 4.15	< 4.19.21
Linux Kernel from 4.20 version and prior 4.20.8 version	cpe:2.3:o:linux:linux_kernel	>= 4.20	< 4.20.8

Configuration #2

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #3

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:esm
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:lts
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:lts
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 18.10	cpe:2.3:o:canonical:ubuntu_linux:18.10

Configuration #4

	CPE23	From	Up To
F5 Big-ip Access Policy Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_access_policy_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Access Policy Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_access_policy_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Access Policy Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_access_policy_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Advanced Firewall Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_advanced_firewall_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Advanced Firewall Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_advanced_firewall_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Advanced Firewall Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_advanced_firewall_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Analytics from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_analytics	>= 13.0.0	<= 13.1.1
F5 Big-ip Analytics from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_analytics	>= 14.0.0	<= 14.1.0
F5 Big-ip Analytics from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_analytics	>= 15.0.0	< 15.1.0
F5 Big-ip Application Acceleration Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_application_acceleration_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Application Acceleration Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_application_acceleration_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Application Acceleration Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_application_acceleration_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Application Security Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_application_security_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Application Security Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_application_security_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Application Security Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_application_security_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Edge Gateway from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_edge_gateway	>= 13.0.0	<= 13.1.1
F5 Big-ip Edge Gateway from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_edge_gateway	>= 14.0.0	<= 14.1.0
F5 Big-ip Edge Gateway from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_edge_gateway	>= 15.0.0	< 15.1.0
F5 Big-ip Fraud Protection Service from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_fraud_protection_service	>= 13.0.0	<= 13.1.1
F5 Big-ip Fraud Protection Service from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_fraud_protection_service	>= 14.0.0	<= 14.1.0
F5 Big-ip Fraud Protection Service from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_fraud_protection_service	>= 15.0.0	< 15.1.0
F5 Big-ip Global Traffic Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_global_traffic_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Global Traffic Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_global_traffic_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Global Traffic Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_global_traffic_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Link Controller from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_link_controller	>= 13.0.0	<= 13.1.1
F5 Big-ip Link Controller from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_link_controller	>= 14.0.0	<= 14.1.0
F5 Big-ip Link Controller from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_link_controller	>= 15.0.0	< 15.1.0
F5 Big-ip Local Traffic Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_local_traffic_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Local Traffic Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_local_traffic_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Local Traffic Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_local_traffic_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Policy Enforcement Manager from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_policy_enforcement_manager	>= 13.0.0	<= 13.1.1
F5 Big-ip Policy Enforcement Manager from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_policy_enforcement_manager	>= 14.0.0	<= 14.1.0
F5 Big-ip Policy Enforcement Manager from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_policy_enforcement_manager	>= 15.0.0	< 15.1.0
F5 Big-ip Webaccelerator from 13.0.0 version and 13.1.1 and prior versions	cpe:2.3:a:f5:big-ip_webaccelerator	>= 13.0.0	<= 13.1.1
F5 Big-ip Webaccelerator from 14.0.0 version and 14.1.0 and prior versions	cpe:2.3:a:f5:big-ip_webaccelerator	>= 14.0.0	<= 14.1.0
F5 Big-ip Webaccelerator from 15.0.0 version and prior 15.1.0 version	cpe:2.3:a:f5:big-ip_webaccelerator	>= 15.0.0	< 15.1.0

Configuration #5

		CPE23	From	Up To
	Redhat Openshift Container Platform 3.11	cpe:2.3:a:redhat:openshift_container_platform:3.11
	Redhat Enterprise Linux 7.0	cpe:2.3:o:redhat:enterprise_linux:7.0
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Eus 7.5	cpe:2.3:o:redhat:enterprise_linux_eus:7.5
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
	Redhat Enterprise Linux Server Aus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
	Redhat Enterprise Linux Server Eus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6
	Redhat Enterprise Linux Server Tus 7.4	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
	Redhat Enterprise Linux Server Tus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0