CVE-2019-8912

  • Published Date: 02/18/2019
  • Last Modified Date: 04/12/2019

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.

Impact

Severity: HIGH
Exploitability Score: 3.9
Impact Score: 10
Attack Vector (AV): LOCAL
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
Availability (A): COMPLETE

References (Advisories, Solutions, and Tools):



Note: This page is generated by our securitybot and has not been checked for errors. Feed Source: NVD