Rewterz Threat Advisory – CVE-2019-5528 – VMware ESXi hostd Denial of Service Vulnerability
July 11, 2019Rewterz Threat Advisory – Delta Industrial Automation CNCSoft ScreenEditor Multiple Vulnerabilities
July 12, 2019Rewterz Threat Advisory – CVE-2019-5528 – VMware ESXi hostd Denial of Service Vulnerability
July 11, 2019Rewterz Threat Advisory – Delta Industrial Automation CNCSoft ScreenEditor Multiple Vulnerabilities
July 12, 2019Severity
Medium
Analysis Summary
An error related to the “net_hash_mix()” function (include/net/netns/hash.h) can be exploited to disclose certain kernel memory addresses and subsequently bypass KASLR.
Impact
Exposure of sensitive information
Affected Vendors
Linux
Affected Products
- Linux Kernel 3.16.x
- Linux Kernel 4.4.x
- Linux Kernel 4.9.x
- Linux Kernel 4.14.x
- Linux Kernel 4.19.x
Remediation
Update to a fixed version Versions
Versions 3.16.x: Update to version 3.16.70.
Versions 4.4.x: Update to version 4.4.179 or later.
Versions 4.9.x: Update to version 4.9.169 or later.
Versions 4.14.x: Update to version 4.14.112 or later.
Versions 4.19.x: Update to version 4.19.35 or later.