Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 18 submissions in the queue.

Linux Kernel Hole Reported: CVE-2019-11811

posted by martyb on Monday July 22 2019, @05:58PM   Printer-friendly
from the ALL-kernels-affected dept.

An Anonymous Coward writes:

https://www.securityfocus.com/bid/108410

From the RedHat bug discussion:

https://bugzilla.redhat.com/show_bug.cgi?id=1709180

A flaw was found in the Linux kernels implementation of IPMI (remote baseband access) where an attacker with local access to read /proc/ioports may be able to create a use-after-free condition when the kernel module is unloaded. The use after-free condition may result in privilege escalation. Investigation is ongoing.

See https://security-tracker.debian.org/tracker/CVE-2019-11811 for a lot of other distro links (the Source section at the top).

Original Submission

 
This discussion has been archived. No new comments can be posted.
Linux Kernel Hole Reported: CVE-2019-11811 | Log In/Create an Account | Top | 17 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by RS3 on Tuesday July 23 2019, @12:18AM

    by RS3 (6367) on Tuesday July 23 2019, @12:18AM (#870141)

    Yes, I agree and I do that too, esp. for stable kernel releases. I was just pointing out that sometimes bugs are recent additions.

    Can complex code ever be bug-free? Every now and then I read about a "race condition", which I know well in HW, but SW? Hmmm...

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2