CVE-2019-11815: Linux Kernel (prior to 5.0.8) Remote Code Execution Vulnerability Alert

If you are not used to using the latest version of the Linux kernel, then now may be a good time to consider upgrading. Systems based on Linux kernel prior to 5.0.8 have found a security vulnerability in implementing RDS over TCP. If not patched, the vulnerability could cause an attacker to compromise the system. The CVE number is CVE-2019-11815.

Red Hat, Ubuntu, Debian, and SUSE have all been affected by this vulnerability, and these publishers have issued security recommendations for their Linux distributions. It is worth noting that the “attack complexity” was rated as “high”, so although the impact of security vulnerabilities may be serious, it is more difficult to successfully implement the attack.

In the analysis of the vulnerability, Red Hat wrote:

A flaw was found in the Linux kernel’s implementation of RDS over TCP. A system that has the rds_tcp kernel module loaded (either through autoload via local process running listen(), or manual loading) could possibly cause a use after free (UAF) in which an attacker who is able to manipulate socket state while a network namespace is being torn down. This can lead to possible memory corruption and privilege escalation.