CVE-2019-13648
kernel: denial of service in arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c via sigreturn() system call
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.
En el kernel de Linux hasta versión 5.2.1 sobre la plataforma powerpc, cuando la memoria transaccional de hardware está deshabilitada, un usuario local puede causar una denegación de servicio (excepción de TM Bad Thing y bloqueo del sistema) por medio de una llamada de sistema de la función sigreturn() que envía una trama de señal diseñada. Esto afecta a los archivos arch/powerpc/kernel/signal_32.c y arch/powerpc/kernel/signal_64.c.
A flaw was found in the PowerPc platform, where the kernel will panic if the transactional memory is disabled. An attacker could use this flaw to panic the system by constructing a signal context through the transactional memory MSR bits set.
It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code. Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. Various other issues were also addressed.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-07-18 CVE Reserved
- 2019-07-19 CVE Published
- 2024-08-04 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-399: Resource Management Errors
- CWE-400: Uncontrolled Resource Consumption
CAPEC
References (19)
| URL | Tag | Source |
|---|---|---|
| http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html | X_refsource_misc |
|
| http://www.openwall.com/lists/oss-security/2019/07/30/1 | Mailing List |
|
| https://git.kernel.org/torvalds/c/f16d80b75a096c52354c6e0a574993f3b0dfbdfe | X_refsource_confirm | |
| https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html | Mailing List |
|
| https://seclists.org/bugtraq/2019/Aug/13 | Mailing List |
|
| https://seclists.org/bugtraq/2019/Aug/18 | Mailing List |
|
| https://seclists.org/bugtraq/2019/Aug/26 | Mailing List |
|
| https://security.netapp.com/advisory/ntap-20190806-0001 | X_refsource_confirm |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://patchwork.ozlabs.org/patch/1133904 | 2023-11-07 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Linux Search vendor "Linux" | Linux Kernel Search vendor "Linux" for product "Linux Kernel" | <= 5.2.1 Search vendor "Linux" for product "Linux Kernel" and version " <= 5.2.1" | - |
Affected
| ||||||