CVE-2019-11815
Bug #1829055 reported by
themusicgod1
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux (Debian) |
Fix Released
|
Unknown
|
|||
linux (Ubuntu) |
Fix Released
|
Medium
|
Unassigned |
Bug Description
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
This is a remotely exploitable bug, and seems to be relevant for all current versions of ubuntu, including LTS ones.
Debian CVE : https:/
Fixed by: https:/
CVE References
Changed in linux (Debian): | |
status: | Unknown → Fix Released |
information type: | Private Security → Public Security |
tags: | added: cscc |
To post a comment you must log in.
seems to only be remotely executable if rds is enabled, which it isn't by default in debian...