CVE-2019-9003

In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a "service ipmievd restart" loop.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.0:rc1:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.0:rc2:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.0:rc3:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.0:rc4:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*

Information

Published : 2019-02-22 07:29

Updated : 2021-06-02 08:31


NVD link : CVE-2019-9003

Mitre link : CVE-2019-9003


JSON object : View

CWE
CWE-416

Use After Free

Advertisement

dedicated server usa

Products Affected

netapp

  • cn1610
  • solidfire
  • hci_management_node
  • cn1610_firmware
  • snapprotect

canonical

  • ubuntu_linux

linux

  • linux_kernel

opensuse

  • leap