VYPR
Unrated severityNVD Advisory· Published Apr 29, 2019· Updated Aug 4, 2024

CVE-2019-11599

CVE-2019-11599

Description

The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a denial of service, or possibly have unspecified other impact by triggering a race condition with mmget_not_zero or get_task_mm calls. This is related to fs/userfaultfd.c, mm/mmap.c, fs/proc/task_mmu.c, and drivers/infiniband/core/uverbs_main.c.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

114

Patches

Vulnerability mechanics

References

39

News mentions

0

No linked articles in our index yet.