Vulnerability Details CVE-2019-11811
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.1%
CVSS Severity
CVSS v3 Score 7.0
CVSS v2 Score 6.9
References
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
- http://www.securityfocus.com/bid/108410
- https://access.redhat.com/errata/RHSA-2019:1873
- https://access.redhat.com/errata/RHSA-2019:1891
- https://access.redhat.com/errata/RHSA-2019:1959
- https://access.redhat.com/errata/RHSA-2019:1971
- https://access.redhat.com/errata/RHSA-2019:4057
- https://access.redhat.com/errata/RHSA-2019:4058
- https://access.redhat.com/errata/RHSA-2020:0036
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://security.netapp.com/advisory/ntap-20190719-0003/
- https://support.f5.com/csp/article/K01512680
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
- http://www.securityfocus.com/bid/108410
- https://access.redhat.com/errata/RHSA-2019:1873
- https://access.redhat.com/errata/RHSA-2019:1891
- https://access.redhat.com/errata/RHSA-2019:1959
- https://access.redhat.com/errata/RHSA-2019:1971
- https://access.redhat.com/errata/RHSA-2019:4057
- https://access.redhat.com/errata/RHSA-2019:4058
- https://access.redhat.com/errata/RHSA-2020:0036
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://security.netapp.com/advisory/ntap-20190719-0003/
- https://support.f5.com/csp/article/K01512680
Products affected by CVE-2019-11811
-
cpe:2.3:o:linux:linux_kernel:4.18
-
cpe:2.3:o:linux:linux_kernel:4.18.0
-
cpe:2.3:o:linux:linux_kernel:4.18.0-193.el8
-
cpe:2.3:o:linux:linux_kernel:4.18.1
-
cpe:2.3:o:linux:linux_kernel:4.18.10
-
cpe:2.3:o:linux:linux_kernel:4.18.11
-
cpe:2.3:o:linux:linux_kernel:4.18.12
-
cpe:2.3:o:linux:linux_kernel:4.18.13
-
cpe:2.3:o:linux:linux_kernel:4.18.14
-
cpe:2.3:o:linux:linux_kernel:4.18.15
-
cpe:2.3:o:linux:linux_kernel:4.18.16
-
cpe:2.3:o:linux:linux_kernel:4.18.17
-
cpe:2.3:o:linux:linux_kernel:4.18.18
-
cpe:2.3:o:linux:linux_kernel:4.18.19
-
cpe:2.3:o:linux:linux_kernel:4.18.2
-
cpe:2.3:o:linux:linux_kernel:4.18.20
-
cpe:2.3:o:linux:linux_kernel:4.18.3
-
cpe:2.3:o:linux:linux_kernel:4.18.4
-
cpe:2.3:o:linux:linux_kernel:4.18.5
-
cpe:2.3:o:linux:linux_kernel:4.18.6
-
cpe:2.3:o:linux:linux_kernel:4.18.7
-
cpe:2.3:o:linux:linux_kernel:4.18.8
-
cpe:2.3:o:linux:linux_kernel:4.18.9
-
cpe:2.3:o:linux:linux_kernel:4.19
-
cpe:2.3:o:linux:linux_kernel:4.19.1
-
cpe:2.3:o:linux:linux_kernel:4.19.10
-
cpe:2.3:o:linux:linux_kernel:4.19.11
-
cpe:2.3:o:linux:linux_kernel:4.19.12
-
cpe:2.3:o:linux:linux_kernel:4.19.13
-
cpe:2.3:o:linux:linux_kernel:4.19.14
-
cpe:2.3:o:linux:linux_kernel:4.19.15
-
cpe:2.3:o:linux:linux_kernel:4.19.16
-
cpe:2.3:o:linux:linux_kernel:4.19.17
-
cpe:2.3:o:linux:linux_kernel:4.19.18
-
cpe:2.3:o:linux:linux_kernel:4.19.19
-
cpe:2.3:o:linux:linux_kernel:4.19.2
-
cpe:2.3:o:linux:linux_kernel:4.19.20
-
cpe:2.3:o:linux:linux_kernel:4.19.21
-
cpe:2.3:o:linux:linux_kernel:4.19.22
-
cpe:2.3:o:linux:linux_kernel:4.19.23
-
cpe:2.3:o:linux:linux_kernel:4.19.24
-
cpe:2.3:o:linux:linux_kernel:4.19.25
-
cpe:2.3:o:linux:linux_kernel:4.19.26
-
cpe:2.3:o:linux:linux_kernel:4.19.26.1
-
cpe:2.3:o:linux:linux_kernel:4.19.27
-
cpe:2.3:o:linux:linux_kernel:4.19.28
-
cpe:2.3:o:linux:linux_kernel:4.19.29
-
cpe:2.3:o:linux:linux_kernel:4.19.3
-
cpe:2.3:o:linux:linux_kernel:4.19.30
-
cpe:2.3:o:linux:linux_kernel:4.19.4
-
cpe:2.3:o:linux:linux_kernel:4.19.5
-
cpe:2.3:o:linux:linux_kernel:4.19.6
-
cpe:2.3:o:linux:linux_kernel:4.19.7
-
cpe:2.3:o:linux:linux_kernel:4.19.8
-
cpe:2.3:o:linux:linux_kernel:4.19.9
-
cpe:2.3:o:linux:linux_kernel:4.20
-
cpe:2.3:o:linux:linux_kernel:4.20.1
-
cpe:2.3:o:linux:linux_kernel:4.20.10
-
cpe:2.3:o:linux:linux_kernel:4.20.11
-
cpe:2.3:o:linux:linux_kernel:4.20.12
-
cpe:2.3:o:linux:linux_kernel:4.20.13
-
cpe:2.3:o:linux:linux_kernel:4.20.14
-
cpe:2.3:o:linux:linux_kernel:4.20.15
-
cpe:2.3:o:linux:linux_kernel:4.20.16
-
cpe:2.3:o:linux:linux_kernel:4.20.17
-
cpe:2.3:o:linux:linux_kernel:4.20.2
-
cpe:2.3:o:linux:linux_kernel:4.20.3
-
cpe:2.3:o:linux:linux_kernel:4.20.4
-
cpe:2.3:o:linux:linux_kernel:4.20.5
-
cpe:2.3:o:linux:linux_kernel:4.20.6
-
cpe:2.3:o:linux:linux_kernel:4.20.7
-
cpe:2.3:o:linux:linux_kernel:4.20.8
-
cpe:2.3:o:linux:linux_kernel:4.20.9
-
cpe:2.3:o:linux:linux_kernel:5.0
-
cpe:2.3:o:linux:linux_kernel:5.0.1
-
cpe:2.3:o:linux:linux_kernel:5.0.2
-
cpe:2.3:o:linux:linux_kernel:5.0.3
-
cpe:2.3:o:opensuse:leap:15.1
-
cpe:2.3:o:redhat:enterprise_linux:7.0
-
cpe:2.3:o:redhat:enterprise_linux_aus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server:7.0
-
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.4
-
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
-
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0