High severity7.0NVD Advisory· Published Jun 19, 2019· Updated Jun 17, 2026
CVE-2019-3896
CVE-2019-3896
Description
A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
Affected products
12- osv-coords9 versionspkg:rpm/suse/kernel-bigmem&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-default&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-ec2&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-pae&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-ppc64&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-source&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-syms&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-trace&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSSpkg:rpm/suse/kernel-xen&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4-LTSS
< 3.0.101-108.98.1+ 8 more
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
- (no CPE)range: < 3.0.101-108.98.1
Patches
Vulnerability mechanics
References
4- www.securityfocus.com/bid/108814nvdThird Party AdvisoryVDB Entry
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- security.netapp.com/advisory/ntap-20190710-0002/nvd
- support.f5.com/csp/article/K04327111nvd
News mentions
0No linked articles in our index yet.