CVE-2019-9213
05.03.2019, 22:29
In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.Enginsight
| Vendor | Product | Version |
|---|---|---|
| linux | linux_kernel | 4.9 ≤ 𝑥 < 4.9.162 |
| linux | linux_kernel | 4.14 ≤ 𝑥 < 4.14.105 |
| linux | linux_kernel | 4.19 ≤ 𝑥 < 4.19.27 |
| linux | linux_kernel | 4.20 ≤ 𝑥 < 4.20.14 |
| debian | debian_linux | 8.0 |
| redhat | enterprise_linux | 7.0 |
| redhat | enterprise_linux | 8.0 |
| opensuse | leap | 15.0 |
| opensuse | leap | 42.3 |
| canonical | ubuntu_linux | 12.04 |
| canonical | ubuntu_linux | 14.04 |
| canonical | ubuntu_linux | 16.04 |
| canonical | ubuntu_linux | 18.10 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
| linux |
| ||||||||||
| linux-aws |
| ||||||||||
| linux-aws-hwe |
| ||||||||||
| linux-azure |
| ||||||||||
| linux-azure-edge |
| ||||||||||
| linux-euclid |
| ||||||||||
| linux-flo |
| ||||||||||
| linux-gcp |
| ||||||||||
| linux-gcp-edge |
| ||||||||||
| linux-gke |
| ||||||||||
| linux-goldfish |
| ||||||||||
| linux-grouper |
| ||||||||||
| linux-hwe |
| ||||||||||
| linux-hwe-edge |
| ||||||||||
| linux-kvm |
| ||||||||||
| linux-lts-trusty |
| ||||||||||
| linux-lts-utopic |
| ||||||||||
| linux-lts-vivid |
| ||||||||||
| linux-lts-wily |
| ||||||||||
| linux-lts-xenial |
| ||||||||||
| linux-maguro |
| ||||||||||
| linux-mako |
| ||||||||||
| linux-manta |
| ||||||||||
| linux-oem |
| ||||||||||
| linux-oracle |
| ||||||||||
| linux-raspi2 |
| ||||||||||
| linux-snapdragon |
|
Common Weakness Enumeration
References