Vulnerability Description
Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
CVSS Score
6.3
MEDIUM
CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Hp | Bromium | >= 4.0.3.2060, <= 4.1.7 |
Related Weaknesses (CWE)
References
- https://airbus-cyber-security.com/dive-into-a-kernel-bromium-race-condition-cve-ExploitThird Party Advisory
- https://support.bromium.com/s/article/Bromium-Secure-Platform-4-1-Update-7-ReleaRelease NotesVendor Advisory
- https://airbus-cyber-security.com/dive-into-a-kernel-bromium-race-condition-cve-ExploitThird Party Advisory
- https://support.bromium.com/s/article/Bromium-Secure-Platform-4-1-Update-7-ReleaRelease NotesVendor Advisory
FAQ
What is CVE-2019-18567?
CVE-2019-18567 is a vulnerability with a CVSS score of 6.3 (MEDIUM). Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
How severe is CVE-2019-18567?
CVE-2019-18567 has been rated MEDIUM with a CVSS base score of 6.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-18567?
Check the references section above for vendor advisories and patch information. Affected products include: Hp Bromium.