1. Home
  2. CVE Database
  3. CVE-2019-11191
LOW · 2.5

CVE-2019-11191

The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is call...

Vulnerability Description

The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in load_aout_binary() in fs/binfmt_aout.c, and thus the ptrace_may_access() check has a race condition when reading /proc/pid/stat. NOTE: the software maintainer disputes that this is a vulnerability because ASLR for a.out format executables has never been supported

CVSS Score

2.5

LOW

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
LOW
Integrity
NONE
Availability
NONE

Affected Products

VendorProductVersions
LinuxLinux Kernel<= 5.0.7

Related Weaknesses (CWE)

CWE-362

References

FAQ

What is CVE-2019-11191?

CVE-2019-11191 is a vulnerability with a CVSS score of 2.5 (LOW). The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is call...

How severe is CVE-2019-11191?

CVE-2019-11191 has been rated LOW with a CVSS base score of 2.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-11191?

Check the references section above for vendor advisories and patch information. Affected products include: Linux Linux Kernel.