CVE Vulnerability

CVE-2019-11191

** DISPUTED ** The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. NOTE: the software maintainer disputes that this is a vulnerability because ASLR for a.out format executables has never been supported.

1.9 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 3.4 / Impact : 2.9

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact PARTIAL

Integrity Impact NONE

Availability Impact NONE

Scope

2.5 /10

CVSS v3.0 : LOW

V3 Legend

Vector :

Exploitability : 1 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://www.openwall.com/lists/oss-security/2019/04/03/4/1 Mailing List Exploit
https://www.openwall.com/lists/oss-security/2019/04/03/4 Mailing List Exploit
http://www.securityfocus.com/bid/107887 Third Party Advisory VDB Entry
http://www.openwall.com/lists/oss-security/2019/04/18/5 Mailing List Third Party Advisory
http://www.openwall.com/lists/oss-security/2019/05/22/7
https://usn.ubuntu.com/4008-1/
https://usn.ubuntu.com/4007-2/
https://usn.ubuntu.com/4007-1/
https://usn.ubuntu.com/4006-2/
https://usn.ubuntu.com/4006-1/
https://usn.ubuntu.com/4008-3/
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Information

Published : 2019-04-12 12:29

Updated : 2019-06-17 04:15

NVD link : CVE-2019-11191

Mitre link : CVE-2019-11191

Products Affected
No products.
CWE
CWE-362