|
|
Synthesis of the vulnerability 
An attacker can force the usage of a freed memory area via try_merge_free_space() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.Impacted products: Linux.
Severity of this bulletin: 2/4.
Creation date: 09/12/2019.
Références of this threat: CVE-2019-19448, VIGILANCE-VUL-31095.
Description of the vulnerability 
An attacker can force the usage of a freed memory area via try_merge_free_space() of the Linux kernel, in order to trigger a denial of service, and possibly to run code.
Full bulletin, software filtering, emails, fixes, … (Request your free trial)
This computer vulnerability note impacts software or systems such as Linux.
Our Vigil@nce team determined that the severity of this computer vulnerability announce is medium.
The trust level is of type confirmed by the editor, with an origin of physical access.
A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a technician ability can exploit this cybersecurity announce.
Solutions for this threat 
Linux kernel: patch for try_merge_free_space.
A patch is indicated in information sources.
Full bulletin, software filtering, emails, fixes, … (Request your free trial)
Computer vulnerabilities tracking service 
Vigil@nce provides an application vulnerability alert. The Vigil@nce security watch publishes vulnerability bulletins about threats impacting the information system.