CVE-2019-3896

A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
Configurations

Configuration 1 (hide)

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-06-19 00:15

Updated : 2024-02-28 17:08


NVD link : CVE-2019-3896

Mitre link : CVE-2019-3896

CVE.ORG link : CVE-2019-3896


JSON object : View

Products Affected

linux

  • linux_kernel

redhat

  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_server
  • enterprise_linux_workstation
CWE
CWE-416

Use After Free

CWE-415

Double Free