Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
redhatcveRedhat.comRH:CVE-2019-11487
HistoryApr 07, 2020 - 5:14 p.m.

CVE-2019-11487

2020-04-0717:14:51
redhat.com
access.redhat.com
29

0.002 Low

EPSS

Percentile

52.7%

JSON

A flaw was found in the Linux kernel’s implementation of the FUSE filesystem, where it allows a page reference counter overflow. If a page reference counter overflows into a negative value, it can be placed back into the “free” list for reuse by other applications. This flaw allows a local attacker who can manipulate memory page reference counters to cause memory corruption and possible privilege escalation by triggering a use-after-free condition. The current attack requires the system to have approximately 140 GB of RAM for this attack to be performed. It may be possible that the attack can occur with fewer memory requirements.

Mitigation

Preventing loading of the 'fuse' kernel module will prevent attackers from using this exploit against the system; howeve the functionality of being able to access the filesystems that would be allowed by fuse would no longer be allowed . See “How do I blacklist a kernel module to prevent it from loading automatically?" ( <https://access.redhat.com/solutions/41278&gt;) for instructions on how to disable the 'fuse' kernel module from autoloading. This mitigation may not be suitable if access to the functionality provided by fuse is required.

Related

prion 1
nessus 60
veracode 1
nvd 1
openvas 30
cve 1
redhat 9
cvelist 1
oraclelinux 6
debiancve 1
centos 2
ubuntucve 1
f5 1
ubuntu 6
suse 3
virtuozzo 1
osv 1
debian 2
ibm 2
photon 6
slackware 1
cloudfoundry 2
oracle 1
prion
prion
Design/Logic Flaw
2019-04-23 22:29:00
nessus
nessus
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1671)
2019-06-27 00:00:00
CentOS 6 : kernel (CESA-2020:4182)
2020-11-09 00:00:00
Scientific Linux Security Update : kernel on SL6.x i386/x86_64 (20201012)
2020-10-13 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-03-18 00:55:52
nvd
nvd
CVE-2019-11487
2019-04-23 22:29:05
openvas
openvas
CentOS: Security Advisory for kernel (CESA-2020:4182)
2020-11-10 00:00:00
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1671)
2020-01-23 00:00:00
SUSE: Security Advisory (SUSE-SU-2019:1767-1)
2021-04-19 00:00:00
cve
cve
CVE-2019-11487
2019-04-23 22:29:05
redhat
redhat
(RHSA-2020:4182) Important: kernel security and bug fix update
2020-10-06 12:54:02
(RHSA-2020:3266) Important: kernel-rt security and bug fix update
2020-08-03 06:02:46
(RHSA-2020:3230) Important: kernel security and bug fix update
2020-07-29 21:04:32
cvelist
cvelist
CVE-2019-11487
2019-04-23 22:00:44
oraclelinux
oraclelinux
kernel security and bug fix update
2020-10-08 00:00:00
kernel security, bug fix, and enhancement update
2020-03-18 00:00:00
kernel security and bug fix update
2019-09-12 00:00:00
debiancve
debiancve
CVE-2019-11487
2019-04-23 22:29:05
centos
centos
kernel, perf, python security update
2020-11-09 13:13:23
bpftool, kernel, perf, python security update
2020-03-18 19:22:23
ubuntucve
ubuntucve
CVE-2019-11487
2019-04-23 00:00:00
f5
f5
K14255532 : Linux kernel vulnerability CVE-2019-11487
2019-06-28 00:00:00
ubuntu
ubuntu
Linux kernel (HWE) vulnerabilities
2019-08-01 00:00:00
Linux kernel vulnerabilities
2019-07-23 00:00:00
Linux kernel vulnerabilities
2019-10-01 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2019-06-18 00:00:00
Security update for the Linux Kernel (important)
2019-06-18 00:00:00
Security update for the Linux Kernel (important)
2019-06-18 00:00:00
virtuozzo
virtuozzo
[Important] [Security] New kernel 2.6.32-042stab146.1; Virtuozzo 6.0 Update 12 Hotfix 54 (6.0.12-3761)
2021-08-03 00:00:00
osv
osv
linux-4.9 - security update
2019-09-12 00:00:00
debian
debian
[SECURITY] [DLA 1919-1] linux-4.9 security update
2019-09-14 00:21:38
[SECURITY] [DLA 1919-2] linux-4.9 security update
2019-09-15 17:51:06
ibm
ibm
Security Bulletin: IBM QRadar Network Security is affected by multiple vulnerabilities in kernel.
2022-07-07 10:52:55
Security Bulletin: IBM Data Risk Manager is affected by multiple vulnerabilities
2021-08-13 22:15:02
photon
photon
Critical Photon OS Security Update - PHSA-2019-0250
2019-09-03 00:00:00
Critical Photon OS Security Update - PHSA-2019-0161
2019-06-05 00:00:00
Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2019-2.0-0161
2019-06-05 00:00:00
slackware
slackware
[slackware-security] Slackware 14.2 kernel
2020-03-26 23:13:28
cloudfoundry
cloudfoundry
USN-4115-1: Linux kernel vulnerabilities | Cloud Foundry
2019-09-30 00:00:00
USN-4115-2: Linux kernel regression | Cloud Foundry
2019-09-30 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - April 2021
2021-04-20 00:00:00

0.002 Low

EPSS

Percentile

52.7%

JSON
Related for RH:CVE-2019-11487
prion1nessus60veracode1nvd1openvas30cve1redhat9cvelist1oraclelinux6debiancve1centos2ubuntucve1f51ubuntu6suse3virtuozzo1osv1debian2ibm2photon6slackware1cloudfoundry2oracle1