{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2019-03-05T00:00:00", "descriptions": [{"lang": "en", "value": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-01-22T18:06:27", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "46502", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "https://www.exploit-db.com/exploits/46502/"}, {"tags": ["x_refsource_MISC"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"tags": ["x_refsource_MISC"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"}, {"tags": ["x_refsource_MISC"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"}, {"tags": ["x_refsource_MISC"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"name": "107296", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/107296"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"}, {"tags": ["x_refsource_MISC"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"}, {"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"}, {"name": "openSUSE-SU-2019:1085", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"}, {"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"}, {"name": "USN-3932-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3932-1/"}, {"name": "USN-3932-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3932-2/"}, {"name": "USN-3930-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3930-1/"}, {"name": "USN-3931-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3931-1/"}, {"name": "USN-3933-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3933-2/"}, {"name": "USN-3931-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3931-2/"}, {"name": "USN-3930-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3930-2/"}, {"name": "USN-3933-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3933-1/"}, {"name": "openSUSE-SU-2019:1193", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"}, {"name": "RHSA-2019:0831", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0831"}, {"name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"}, {"name": "RHSA-2019:1479", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1479"}, {"name": "RHSA-2019:1480", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:1480"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2019-9213", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "46502", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/46502/"}, {"name": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1", "refsource": "MISC", "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"}, {"name": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1", "refsource": "MISC", "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"name": "107296", "refsource": "BID", "url": "http://www.securityfocus.com/bid/107296"}, {"name": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792", "refsource": "MISC", "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"}, {"name": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14", "refsource": "MISC", "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"}, {"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"}, {"name": "openSUSE-SU-2019:1085", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"}, {"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"}, {"name": "USN-3932-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3932-1/"}, {"name": "USN-3932-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3932-2/"}, {"name": "USN-3930-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3930-1/"}, {"name": "USN-3931-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3931-1/"}, {"name": "USN-3933-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3933-2/"}, {"name": "USN-3931-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3931-2/"}, {"name": "USN-3930-2", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3930-2/"}, {"name": "USN-3933-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3933-1/"}, {"name": "openSUSE-SU-2019:1193", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"}, {"name": "RHSA-2019:0831", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0831"}, {"name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"}, {"name": "RHSA-2019:1479", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1479"}, {"name": "RHSA-2019:1480", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:1480"}, {"name": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T21:38:46.640Z"}, "title": "CVE Program Container", "references": [{"name": "46502", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "https://www.exploit-db.com/exploits/46502/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"name": "107296", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/107296"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"}, {"name": "[debian-lts-announce] 20190327 [SECURITY] [DLA 1731-1] linux security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"}, {"name": "openSUSE-SU-2019:1085", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"}, {"name": "[debian-lts-announce] 20190401 [SECURITY] [DLA 1731-2] linux regression update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"}, {"name": "USN-3932-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3932-1/"}, {"name": "USN-3932-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3932-2/"}, {"name": "USN-3930-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3930-1/"}, {"name": "USN-3931-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3931-1/"}, {"name": "USN-3933-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3933-2/"}, {"name": "USN-3931-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3931-2/"}, {"name": "USN-3930-2", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3930-2/"}, {"name": "USN-3933-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3933-1/"}, {"name": "openSUSE-SU-2019:1193", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"}, {"name": "RHSA-2019:0831", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0831"}, {"name": "[debian-lts-announce] 20190503 [SECURITY] [DLA 1771-1] linux-4.9 security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"}, {"name": "RHSA-2019:1479", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1479"}, {"name": "RHSA-2019:1480", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:1480"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2019-9213", "datePublished": "2019-03-05T22:00:00", "dateReserved": "2019-02-27T00:00:00", "dateUpdated": "2024-08-04T21:38:46.640Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "56A636A0-542A-457B-8557-CD70D9AD69C1", "versionEndExcluding": "4.9.162", "versionStartIncluding": "4.9", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "6DC55135-E4DB-45B8-BF67-5139F750BF40", "versionEndExcluding": "4.14.105", "versionStartIncluding": "4.14", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "03F65CBE-42FC-4C64-8189-9D1AA25C01A5", "versionEndExcluding": "4.19.27", "versionStartIncluding": "4.19", "vulnerable": true}, {"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "matchCriteriaId": "816E4DD2-A3B9-47AD-AFD4-79A03297934E", "versionEndExcluding": "4.20.14", "versionStartIncluding": "4.20", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A", "vulnerable": true}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "matchCriteriaId": "F1E78106-58E6-4D59-990F-75DA575BFAD9", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "matchCriteriaId": "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:*:*:*:*", "matchCriteriaId": "1F3EFED2-F6BC-46D9-AB22-D5ED87EF4549", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*", "matchCriteriaId": "815D70A8-47D3-459C-A32C-9FEACA0659D1", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*", "matchCriteriaId": "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*", "matchCriteriaId": "07C312A0-CD2C-4B9C-B064-6409B25C278F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task."}, {"lang": "es", "value": "En el kernel de Linux, en versiones anteriores a la 4.20.14, expand_downwards en mm/mmap.c carece de una comprobaci\u00f3n para la direcci\u00f3n m\u00ednima de mmap, lo que facilita que los atacantes exploten desreferencias de puntero NULL en el kernel en plataformas que no son SMAP. Esto esto est\u00e1 relacionado con una comprobaci\u00f3n de capacidades para la tarea equivocada."}], "id": "CVE-2019-9213", "lastModified": "2024-11-21T04:51:13.217", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 4.9, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-03-05T22:29:00.240", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107296"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0831"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1479"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1480"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3930-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3930-2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3931-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3931-2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3932-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3932-2/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3933-1/"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3933-2/"}, {"source": "cve@mitre.org", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46502/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00045.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "http://packetstormsecurity.com/files/156053/Reliable-Datagram-Sockets-RDS-rds_atomic_free_op-Privilege-Escalation.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/107296"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0831"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1479"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:1480"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Mailing List", "Third Party Advisory"], "url": "https://bugs.chromium.org/p/project-zero/issues/detail?id=1792"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.105"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.27"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.20.14"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.162"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Vendor Advisory"], "url": "https://github.com/torvalds/linux/commit/0a1d52994d440e21def1c2174932410b4f2a98a1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/03/msg00034.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/04/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2019/05/msg00002.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3930-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3930-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3931-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3931-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3932-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3932-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3933-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3933-2/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Third Party Advisory", "VDB Entry"], "url": "https://www.exploit-db.com/exploits/46502/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2019:0831", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "kernel-alt-0:4.14.0-115.7.1.el7a", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2019-04-23T00:00:00Z"}, {"advisory": "RHSA-2019:1480", "cpe": "cpe:/a:redhat:enterprise_linux:8::nfv", "package": "kernel-rt-0:4.18.0-80.4.2.rt9.152.el8_0", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-06-17T00:00:00Z"}, {"advisory": "RHSA-2019:1479", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "kernel-0:4.18.0-80.4.2.el8_0", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2019-06-17T00:00:00Z"}], "bugzilla": {"description": "kernel: lack of check for mmap minimum address in expand_downwards in mm/mmap.c leads to NULL pointer dereferences exploit on non-SMAP platforms", "id": "1686136", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1686136"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.5", "cvss3_scoring_vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-476", "details": ["In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.", "A flaw was found in mmap in the Linux kernel allowing the process to map a null page. This allows attackers to abuse this mechanism to turn null pointer dereferences into workable exploits."], "mitigation": {"lang": "en:us", "value": "Enabling selinux prevents the public exploit from working correctly."}, "name": "CVE-2019-9213", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 5"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "kernel-rt", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:enterprise_mrg:2", "fix_state": "Not affected", "package_name": "kernel", "product_name": "Red Hat Enterprise MRG 2"}], "public_date": "2019-02-27T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2019-9213\nhttps://nvd.nist.gov/vuln/detail/CVE-2019-9213"], "threat_severity": "Important", "upstream_fix": "kernel 4.20.14"}