Unrated severity · NVD Advisory · Published Apr 11, 2019 · Updated Aug 4, 2024
CVE-2019-3837
Description
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. An unprivileged multi-threaded userspace application that calls recvmsg() on the same network socket in parallel, running on ioatdma-enabled hardware with net_dma enabled, can leak memory, crash the host (leading to a denial of service), or cause random memory corruption.
Affected products
7 affected products:
- osv-coords, 6 versions, each with no CPE and range: < 3.0.101-108.138.1
  - pkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
  - pkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
  - pkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
  - pkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
  - pkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
  - pkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4%20LTSS%20EXTREME%20CORE
- The Linux Foundation/kernel, v5, range: 2.6.32 as shipped in rhel-6
Patches
No patches discovered yet.
References
- bugzilla.redhat.com/show_bug.cgi (mitre, x_refsource_CONFIRM)