Linux Kernel is prone to a local privilege-escalation vulnerability.
A local attacker can exploit this issue to gain elevated privileges.
The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.
Solution:
Updates are available. Please see the references or vendor advisory for more information.
| Bugtraq ID: | 108884 |
| Class: | Failure to Handle Exceptional Conditions |
| CVE: | CVE-2019-12817 |
| Remote: | No |
| Local: | Yes |
| Published: | Jun 24 2019 12:00AM |
| Updated: | Jun 24 2019 12:00AM |
| Credit: | Michael Ellerman |
| Vulnerable: | Redhat Enterprise Linux 8 Linux kernel 4.17.7 Linux kernel 4.17.3 Linux kernel 4.17.2 Linux kernel 4.17.1 Linux kernel 4.17.4 Linux kernel 4.17.11 Linux kernel 4.17.10 Linux kernel 4.17-rc2 Linux kernel 4.17 |
| Not Vulnerable: | |
References:
- Linux kernel Homepage (kernel.org)
- powerpc/mm: Add support for handling > 512TB address in SLB miss (kernel.org)
- Bug 1720616 (CVE-2019-12817) - CVE-2019-12817 kernel: ppc: unrelated processes (Redhat)
- CVE-2019-12817 (Redhat)
from SecurityFocus Vulnerabilities https://ift.tt/2X2VulT
No comments:
Post a Comment
Note: Only a member of this blog may post a comment.