CVE-2019-16714
Description
In the Linux kernel before 5.2.14, rds6_inc_info_copy in net/rds/recv.c allows attackers to obtain sensitive information from kernel stack memory because tos and flags fields are not initialized.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score
Exploitation Probability
1.117
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Multiple Vulnerabilities are affected in IBM Security Guardium 10.6 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.1 | Windows |
| Multiple Vulnerabilities are affected in IBM Security Guardium 11.0 | Windows |
| Linux kernel (USN-4157-1) linux-image-aws_5.0.0.1019.20_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-gcp_5.0.0.1021.47_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-gke_5.0.0.1021.47_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-kvm_5.0.0.1020.20_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-azure_5.0.0.1023.22_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-generic_5.0.0.32.33_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-generic_5.0.0.32.33_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-virtual_5.0.0.32.33_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-virtual_5.0.0.32.33_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-lowlatency_5.0.0.32.33_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-lowlatency_5.0.0.32.33_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1019-aws_5.0.0-1019.21_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1020-kvm_5.0.0-1020.21_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1021-gcp_5.0.0-1021.21_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-1023-azure_5.0.0-1023.24_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-generic_5.0.0-32.34_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-generic_5.0.0-32.34_amd64.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-lowlatency_5.0.0-32.34_i386.deb | Linux |
| Linux kernel (USN-4157-1) linux-image-5.0.0-32-lowlatency_5.0.0-32.34_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-gcp_5.0.0.1021.26_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-azure_5.0.0.1023.33_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-gke-5.0_5.0.0.1023.12_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-1021-gcp_5.0.0-1021.21~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-1023-gke_5.0.0-1023.23~18.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-1023-azure_5.0.0-1023.24~18.04.1_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-generic_5.0.0-32.34~18.04.2_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-generic_5.0.0-32.34~18.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-generic-hwe-18.04_5.0.0.32.89_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-generic-hwe-18.04_5.0.0.32.89_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-virtual-hwe-18.04_5.0.0.32.89_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-virtual-hwe-18.04_5.0.0.32.89_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-lowlatency_5.0.0-32.34~18.04.2_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-5.0.0-32-lowlatency_5.0.0-32.34~18.04.2_amd64.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-lowlatency-hwe-18.04_5.0.0.32.89_i386.deb | Linux |
| Linux kernel for Microsoft Azure Cloud systems (USN-4157-2) linux-image-lowlatency-hwe-18.04_5.0.0.32.89_amd64.deb | Linux |
| Missing Initialization of Resource Vulnerability (CVE-2019-16714) | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234