CVE-2019-11811
published 2019-05-07CVE-2019-11811: An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is…
high7CVSS 3.1
AVLACHPRLUINSUCHIHAH
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
Affected
16 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | linux | < linux 4.19.37-1 (bookworm) | linux 4.19.37-1 (bookworm) |
| linux | linux_kernel | >= 0 < 4.19.37-1 | 4.19.37-1 |
| linux | linux_kernel | >= 0 < 4.19.37-1 | 4.19.37-1 |
| linux | linux_kernel | >= 0 < 4.19.37-1 | 4.19.37-1 |
| linux | linux_kernel | >= 0 < 4.19.37-1 | 4.19.37-1 |
| linux | linux_kernel | >= 4.18 < 4.19.31 | 4.19.31 |
| linux | linux_kernel | >= 4.20 < 5.0.4 | 5.0.4 |
| opensuse | leap | — | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_aus | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_server | — | — |
| redhat | enterprise_linux_server_aus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_server_tus | — | — |
| redhat | enterprise_linux_workstation | — | — |
CVSS provenance
nvdv3.17.0HIGHCVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
osv7.0HIGH