Main Vulnerability Database Exploits ID:5803 - Exploit for NULL pointer dereference in Linux kernel - CVE-2019-9213

ID:5803 - Exploit for NULL pointer dereference in Linux kernel - CVE-2019-9213

Published: June 17, 2021

Vulnerability identifier: #VU17910

Vulnerability risk: Low

CVE-ID: CVE-2019-9213

CWE-ID: CWE-476

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/47957/

Vulnerability description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dreference error in expand_downwards() in mm/mmap.c that does not check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. A local user can perform a denial of service (DoS) attack.

Remediation

Install update from vendor's website.

ID:5803 - Exploit for NULL pointer dereference in Linux kernel - CVE-2019-9213

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human