Race Condition Vulnerability in Linux Kernel Allows Use-After-Free Access to LDT Entry

Race Condition Vulnerability in Linux Kernel Allows Use-After-Free Access to LDT Entry

CVE-2019-13233 · MEDIUM Severity

AV:L/AC:M/AU:N/C:P/I:P/A:P

In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.

Learn more about our Cis Benchmark Audit For Distribution Independent Linux.