mirror of
https://github.com/0xMarcio/cve.git
synced 2026-02-12 22:53:11 +00:00
878 B
878 B
CVE-2019-13233
Description
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
POC
Reference
- http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9
- https://usn.ubuntu.com/4117-1/
- https://usn.ubuntu.com/4118-1/