CVE-2019-15239

HIGH

Linux Kernel < 4.9.190 and < 4.14.139 - Use-After-Free in TCP Write Queue Handling

Title source: llm
STIX 2.1

Description

In the Linux kernel, a certain net/ipv4/tcp_output.c change, which was properly incorporated into 4.16.12, was incorrectly backported to the earlier longterm kernels, introducing a new vulnerability that was potentially more severe than the issue that was intended to be fixed by backporting. Specifically, by adding to a write queue between disconnection and re-connection, a local attacker can trigger multiple use-after-free conditions. This can result in a kernel crash, or potentially in privilege escalation. NOTE: this affects (for example) Linux distributions that use 4.9.x longterm kernels before 4.9.190 or 4.14.x longterm kernels before 4.14.139.

Scores

CVSS v3 7.8
EPSS 0.0059
EPSS Percentile 43.9%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-416
Status published
Products (3)
debian/debian_linux 9.0
debian/debian_linux 10.0
linux/linux_kernel 4.16.12
Published Aug 20, 2019
Tracked Since Feb 18, 2026