Home

CVE-2019-11190

Description

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat.

Risk Information

Base Score
4.7
MODERATE
Vector
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
0.009

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel for Amazon Web Services (AWS) systems (USN-3932-2) linux-image-aws_4.4.0.1044.45_amd64.debLinux
Linux kernel (USN-3982-1) linux-image-aws_4.4.0.1084.87_amd64.debLinux
Linux kernel (USN-3982-1) linux-image-kvm_4.4.0.1047.47_amd64.debLinux
Linux kernel (USN-3982-1) linux-image-generic_4.4.0.150.158_i386.debLinux
Linux kernel (USN-3982-1) linux-image-generic_4.4.0.150.158_amd64.debLinux
Linux kernel (USN-3982-1) linux-image-virtual_4.4.0.150.158_i386.debLinux
Linux kernel (USN-3982-1) linux-image-virtual_4.4.0.150.158_amd64.debLinux
Linux kernel (USN-3982-1) linux-image-lowlatency_4.4.0.150.158_i386.debLinux
Linux kernel (USN-3982-1) linux-image-lowlatency_4.4.0.150.158_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-aws_4.4.0.1084.87_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-kvm_4.4.0.1047.47_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-generic_4.4.0.150.158_i386.debLinux
Linux kernel (USN-4008-1) linux-image-generic_4.4.0.150.158_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-virtual_4.4.0.150.158_i386.debLinux
Linux kernel (USN-4008-1) linux-image-virtual_4.4.0.150.158_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-lowlatency_4.4.0.150.158_i386.debLinux
Linux kernel (USN-4008-1) linux-image-lowlatency_4.4.0.150.158_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-4.4.0-1047-kvm_4.4.0-1047.53_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-4.4.0-1084-aws_4.4.0-1084.94_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-4.4.0-150-generic_4.4.0-150.176_i386.debLinux
Linux kernel (USN-4008-1) linux-image-4.4.0-150-generic_4.4.0-150.176_amd64.debLinux
Linux kernel (USN-4008-1) linux-image-4.4.0-150-lowlatency_4.4.0-150.176_i386.debLinux
Linux kernel (USN-4008-1) linux-image-4.4.0-150-lowlatency_4.4.0-150.176_amd64.debLinux
Linux security system (USN-4008-2) python3-apparmor_2.10.95-0ubuntu2.11_i386.debLinux
Linux security system (USN-4008-2) python3-apparmor_2.10.95-0ubuntu2.11_amd64.debLinux
Linux security system (USN-4008-2) apparmor-profiles_2.10.95-0ubuntu2.11_all.debLinux
SUSE-SU-2019:14089-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.95.2.i586.rpmLinux
SUSE-SU-2019:14089-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-default-extra-3.0.101-108.95.2.x86_64.rpmLinux
SUSE-SU-2019:14089-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-pae-extra-3.0.101-108.95.2.i586.rpmLinux
SUSE-SU-2019:14089-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-trace-extra-3.0.101-108.95.2.x86_64.rpmLinux
SUSE-SU-2019:14089-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.95.2.i586.rpmLinux
SUSE-SU-2019:14089-1(SUSE Linux Enterprise Server 11-EXTRA ) kernel-xen-extra-3.0.101-108.95.2.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-4.4.180-94.97.1.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-debuginfo-4.4.180-94.97.1.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-debugsource-4.4.180-94.97.1.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-devel-4.4.180-94.97.1.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-extra-4.4.180-94.97.1.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-default-extra-debuginfo-4.4.180-94.97.1.x86_64.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-devel-4.4.180-94.97.1.noarch.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-macros-4.4.180-94.97.1.noarch.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-source-4.4.180-94.97.1.noarch.rpmLinux
SUSE-SU-2019:1532-1(SUSE Linux Enterprise Desktop 12-SP3 ) kernel-syms-4.4.180-94.97.1.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update bpftool-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-abi-whitelists-3.10.0-1127.el7.noarch.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-debug-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-debug-devel-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-devel-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-doc-3.10.0-1127.el7.noarch.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-headers-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-tools-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-tools-libs-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update perf-3.10.0-1127.el7.x86_64.rpmLinux
(RHSA-2020:1016) kernel security, bug fix, and enhancement update python-perf-3.10.0-1127.el7.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.34.1.el6uek update (ELSA-2019-4644) dtrace-modules-3.8.13-118.34.1.el6uek-0.4.5-3.el6.x86_64.rpmLinux
Dtrace-modules-3.8.13-118.34.1.el7uek update (ELSA-2019-4644) dtrace-modules-3.8.13-118.34.1.el7uek-0.4.5-3.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update bpftool-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-debug-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-debug-devel-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-devel-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-headers-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-tools-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-tools-libs-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update kernel-tools-libs-devel-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update perf-3.10.0-1127.el7.x86_64.rpmLinux
(CESA-2020:1016) kernel security, bug fix, and enhancement update python-perf-3.10.0-1127.el7.x86_64.rpmLinux
Concurrent Execution using Shared Resource with Improper Synchronization (Race Condition) Vulnerability (CVE-2019-11190)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234