CVE-2019-11486

moderate-risk

Published 2019-04-23

The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 7.0/10 High

LOCAL / HIGH complexity

Affected Products (11)

Linux Kernel

Debian Linux

Leap

Active Iq

Hci Management Node

Snapprotect

Solidfire

Storage Replication Adapter For Clustered Data Ontap

Vasa Provider For Clustered Data Ontap

Virtual Storage Console

Affected Vendors

Debian Linux Netapp Opensuse

References (34)

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html

Mailing List http://www.openwall.com/lists/oss-security/2019/04/29/1

Vendor Advisory https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.112

Vendor Advisory https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.35

Vendor Advisory https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.169

Vendor Advisory https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.8

Patch https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c7084...

Patch https://github.com/torvalds/linux/commit/c7084edc3f6d67750f50d4183134c4fb5712a5c...

Third Party Advisory https://lists.debian.org/debian-lts-announce/2019/05/msg00041.html

Third Party Advisory https://lists.debian.org/debian-lts-announce/2019/05/msg00042.html

Third Party Advisory https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html

Mailing List https://seclists.org/bugtraq/2019/Jun/26

Third Party Advisory https://security.netapp.com/advisory/ntap-20190517-0005/

Third Party Advisory https://support.f5.com/csp/article/K50222414

Third Party Advisory https://www.debian.org/security/2019/dsa-4465

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00037.html

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00043.html

Third Party Advisory http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html

and 14 more references

/ 100

moderate-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 16/34 · Moderate