Detections
Analytics
F5 Networks BIG-IP : Linux kernel vulnerability (K01512680)
high Nessus Plugin ID 150477
Language:
Synopsis
The remote device is missing a vendor-supplied security patch.Description
An issue was discovered in the Linux kernel before 5.0.4. There is a use-after-free upon attempted read access to /proc/ioports after the ipmi_si module is removed, related to drivers/char/ipmi/ipmi_si_intf.c, drivers/char/ipmi/ipmi_si_mem_io.c, and drivers/char/ipmi/ipmi_si_port_io.c.(CVE-2019-11811)Impact
An attacker, with local access to read /proc/ioports, may be able to create a use-after-free condition when the kernel module is unloaded, which may result in privilege escalation.
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K01512680.See Also
Plugin Details
Severity: High
ID: 150477
File Name: f5_bigip_SOL01512680.nasl
Version: 1.7
Type: local
Published: 6/10/2021
Updated: 11/2/2023
Configuration: Enable paranoid mode
Supported Sensors: Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: Medium
Base Score: 6.9
Temporal Score: 5.1
Vector: CVSS2#AV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS Score Source: CVE-2019-11811
CVSS v3
Risk Factor: High
Base Score: 7
Temporal Score: 6.1
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_domain_name_system, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/h:f5:big-ip, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_webaccelerator
Required KB Items: Host/local_checks_enabled, Settings/ParanoidReport, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version
Exploit Ease: No known exploits are available
Patch Publication Date: 7/8/2019
Vulnerability Publication Date: 5/7/2019
Reference Information
CVE: CVE-2019-11811