CVE-2019-13648

{"id": "CVE-2019-13648", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "LOCAL", "vectorString": "AV:L/AC:L/Au:N/C:N/I:N/A:C", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 3.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}], "cvssMetricV30": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.0", "baseScore": 5.5, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 1.8}]}, "published": "2019-07-19T13:15:12.797", "references": [{"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00055.html", "source": "cve@mitre.org"}, {"url": "http://lists.opensuse.org/opensuse-security-announce/2019-08/msg00056.html", "source": "cve@mitre.org"}, {"url": "http://packetstormsecurity.com/files/154059/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html", "source": "cve@mitre.org"}, {"url": "http://www.openwall.com/lists/oss-security/2019/07/30/1", "source": "cve@mitre.org"}, {"url": "https://git.kernel.org/torvalds/c/f16d80b75a096c52354c6e0a574993f3b0dfbdfe", "source": "cve@mitre.org"}, {"url": "https://lists.debian.org/debian-lts-announce/2019/08/msg00017.html", "source": "cve@mitre.org"}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GRK2MW223KQZ76DKEF2BZFN6TCXLZLDS/", "source": "cve@mitre.org"}, {"url": "https://patchwork.ozlabs.org/patch/1133904/", "tags": ["Patch", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Aug/13", "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Aug/18", "source": "cve@mitre.org"}, {"url": "https://seclists.org/bugtraq/2019/Aug/26", "source": "cve@mitre.org"}, {"url": "https://security.netapp.com/advisory/ntap-20190806-0001/", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4114-1/", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4115-1/", "source": "cve@mitre.org"}, {"url": "https://usn.ubuntu.com/4116-1/", "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2019/dsa-4495", "source": "cve@mitre.org"}, {"url": "https://www.debian.org/security/2019/dsa-4497", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-399"}]}], "descriptions": [{"lang": "en", "value": "In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal frame. This affects arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c."}, {"lang": "es", "value": "En el kernel de Linux hasta versi\u00f3n 5.2.1 sobre la plataforma powerpc, cuando la memoria transaccional de hardware est\u00e1 deshabilitada, un usuario local puede causar una denegaci\u00f3n de servicio (excepci\u00f3n de TM Bad Thing y bloqueo del sistema) por medio de una llamada de sistema de la funci\u00f3n sigreturn() que env\u00eda una trama de se\u00f1al dise\u00f1ada. Esto afecta a los archivos arch/powerpc/kernel/signal_32.c y arch/powerpc/kernel/signal_64.c."}], "lastModified": "2023-11-07T03:03:54.537", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3BEAFB0F-D383-4D9A-856A-6493631A4742", "versionEndIncluding": "5.2.1"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}