In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

Metrics

No CVSS v4.0

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Attack Vector Local

Attack Complexity High

Privileges Required Low

Scope Changed

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

The EPSS score is 0.07216.

Key SSVC decision points have not yet been added.

Affected Vendors & Products

Vendors Products
Canonical
  • Ubuntu Linux
Debian
  • Debian Linux
F5
  • Big-ip Access Policy Manager
  • Big-ip Advanced Firewall Manager
  • Big-ip Analytics
  • Big-ip Application Acceleration Manager
  • Big-ip Application Security Manager
  • Big-ip Edge Gateway
  • Big-ip Fraud Protection Service
  • Big-ip Global Traffic Manager
  • Big-ip Link Controller
  • Big-ip Local Traffic Manager
  • Big-ip Policy Enforcement Manager
  • Big-ip Webaccelerator
Linux
  • Linux Kernel
Redhat
  • Enterprise Linux
  • Enterprise Linux Desktop
  • Enterprise Linux Eus
  • Enterprise Linux Server
  • Enterprise Linux Server Aus
  • Enterprise Linux Server Eus
  • Enterprise Linux Server Tus
  • Enterprise Linux Workstation
  • Openshift Container Platform
  • Rhel Aus
  • Rhel E4s
  • Rhel Eus
  • Rhel Extras Rt
  • Rhel Tus

Configuration 1 [-]

OR cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*

Configuration 2 [-]

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 3 [-]

OR cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*

Configuration 5 [-]

OR cpe:2.3:a:redhat:openshift_container_platform:3.11:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
Package CPE Advisory Released Date
Red Hat Enterprise Linux 7
kernel-rt-0:3.10.0-957.12.1.rt56.927.el7 cpe:/a:redhat:rhel_extras_rt:7 RHSA-2019:0833 2019-04-23T00:00:00Z
kernel-0:3.10.0-957.12.1.el7 cpe:/o:redhat:enterprise_linux:7 RHSA-2019:0818 2019-04-23T00:00:00Z
kernel-alt-0:4.14.0-115.12.1.el7a cpe:/o:redhat:enterprise_linux:7 RHSA-2019:2809 2019-09-20T00:00:00Z
Red Hat Enterprise Linux 7.4 Advanced Update Support
kernel-0:3.10.0-693.62.1.el7 cpe:/o:redhat:rhel_aus:7.4 RHSA-2020:0103 2020-01-14T00:00:00Z
Red Hat Enterprise Linux 7.4 Telco Extended Update Support
kernel-0:3.10.0-693.62.1.el7 cpe:/o:redhat:rhel_tus:7.4 RHSA-2020:0103 2020-01-14T00:00:00Z
Red Hat Enterprise Linux 7.4 Update Services for SAP Solutions
kernel-0:3.10.0-693.62.1.el7 cpe:/o:redhat:rhel_e4s:7.4 RHSA-2020:0103 2020-01-14T00:00:00Z
Red Hat Enterprise Linux 7.5 Extended Update Support
kernel-0:3.10.0-862.44.2.el7 cpe:/o:redhat:rhel_eus:7.5 RHSA-2019:3967 2019-11-26T00:00:00Z

No data.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-1731-1 linux security update
Debian DLA Debian DLA DLA-1731-2 linux regression update
Debian DLA Debian DLA DLA-1771-1 linux-4.9 security update
EUVD EUVD EUVD-2019-16527 In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.
Ubuntu USN Ubuntu USN USN-3930-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3930-2 Linux kernel (HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3931-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3931-2 Linux kernel (HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3932-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3932-2 Linux kernel (Xenial HWE) vulnerabilities
Ubuntu USN Ubuntu USN USN-3933-1 Linux kernel vulnerabilities
Ubuntu USN Ubuntu USN USN-3933-2 Linux kernel (Trusty HWE) vulnerabilities
Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References
Link Providers
http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cfa39381173d5f969daf43582c95ad679189cbc9 cve-icon cve-icon
http://www.securityfocus.com/bid/107127 cve-icon cve-icon
https://access.redhat.com/errata/RHBA-2019:0959 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:0818 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:0833 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:2809 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2019:3967 cve-icon cve-icon
https://access.redhat.com/errata/RHSA-2020:0103 cve-icon cve-icon
https://bugs.chromium.org/p/project-zero/issues/detail?id=1765 cve-icon cve-icon
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.99 cve-icon cve-icon
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.21 cve-icon cve-icon
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.8 cve-icon cve-icon
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.156 cve-icon cve-icon
https://github.com/torvalds/linux/commit/cfa39381173d5f969daf43582c95ad679189cbc9 cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html cve-icon cve-icon
https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2019-6974 cve-icon
https://support.f5.com/csp/article/K11186236 cve-icon cve-icon
https://support.f5.com/csp/article/K11186236?utm_source=f5support&amp%3Butm_medium=RSS cve-icon cve-icon
https://usn.ubuntu.com/3930-1/ cve-icon cve-icon
https://usn.ubuntu.com/3930-2/ cve-icon cve-icon
https://usn.ubuntu.com/3931-1/ cve-icon cve-icon
https://usn.ubuntu.com/3931-2/ cve-icon cve-icon
https://usn.ubuntu.com/3932-1/ cve-icon cve-icon
https://usn.ubuntu.com/3932-2/ cve-icon cve-icon
https://usn.ubuntu.com/3933-1/ cve-icon cve-icon
https://usn.ubuntu.com/3933-2/ cve-icon cve-icon
https://www.cve.org/CVERecord?id=CVE-2019-6974 cve-icon
https://www.exploit-db.com/exploits/46388/ cve-icon cve-icon
History

Fri, 11 Jul 2025 13:45:00 +0000

Type Values Removed Values Added
Metrics epss

{'score': 0.11275}

 epss

{'score': 0.08376}
cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2024-08-04T20:38:32.373Z

Reserved: 2019-01-26T00:00:00

Link: CVE-2019-6974

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-02-15T15:29:00.250

Modified: 2024-11-21T04:47:20.457

Link: CVE-2019-6974

cve-icon Redhat

Severity : Important

Publid Date: 2019-02-07T00:00:00Z

Links: CVE-2019-6974 - Bugzilla

cve-icon OpenCVE Enrichment

No data.