CVE-2019-11811
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.
| Software | From | Fixed in |
|---|---|---|
| redhat / enterprise_linux_desktop | 7.0 | 7.0.x |
| redhat / enterprise_linux_workstation | 7.0 | 7.0.x |
| redhat / enterprise_linux | 7.0 | 7.0.x |
| redhat / enterprise_linux_server | 7.0 | 7.0.x |
| redhat / enterprise_linux_server_aus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_tus | 7.4 | 7.4.x |
| redhat / enterprise_linux_server_tus | 7.6 | 7.6.x |
| redhat / enterprise_linux_aus | 7.6 | 7.6.x |
| opensuse / leap | 15.1 | 15.1.x |
| linux / linux_kernel | 4.20 | 5.0.4 |
| linux / linux_kernel | 4.18 | 4.19.31 |
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
- http://www.securityfocus.com/bid/108410
- https://access.redhat.com/errata/RHSA-2019:1873
- https://access.redhat.com/errata/RHSA-2019:1891
- https://access.redhat.com/errata/RHSA-2019:1959
- https://access.redhat.com/errata/RHSA-2019:1971
- https://access.redhat.com/errata/RHSA-2019:4057
- https://access.redhat.com/errata/RHSA-2019:4058
- https://access.redhat.com/errata/RHSA-2020:0036
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.4
- https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://github.com/torvalds/linux/commit/401e7e88d4ef80188ffa07095ac00456f901b8c4
- https://security.netapp.com/advisory/ntap-20190719-0003/
- https://support.f5.com/csp/article/K01512680
Deep Security Visibility Without the Complexity
SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.
- No setup fees
- 5-min deployment
- Cancel anytime