CVE-2019-3896

A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).

Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2

OR cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:6.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

History

21 Nov 2024, 04:42

| Type | Values Removed | Values Added |
|---|---|---|
| CVSS | v2 : 7.2, v3 : 7.8 | v2 : 7.2, v3 : 7.0 |
| References | http://www.securityfocus.com/bid/108814 - Third Party Advisory, VDB Entry | http://www.securityfocus.com/bid/108814 - Third Party Advisory, VDB Entry |
| References | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3896 - Issue Tracking, Third Party Advisory | https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3896 - Issue Tracking, Third Party Advisory |
| References | https://security.netapp.com/advisory/ntap-20190710-0002/ | https://security.netapp.com/advisory/ntap-20190710-0002/ |
| References | https://support.f5.com/csp/article/K04327111 | https://support.f5.com/csp/article/K04327111 |

Information

Published : 2019-06-19 00:15

Updated : 2024-11-21 04:42


NVD link : CVE-2019-3896

Mitre link : CVE-2019-3896

CVE.ORG link : CVE-2019-3896


Products Affected

redhat

  • enterprise_linux_server
  • enterprise_linux_desktop
  • enterprise_linux_server_aus
  • enterprise_linux_workstation

linux

  • linux_kernel

CWE

CWE-416

Use After Free

CWE-415

Double Free