Rewterz Threat Advisory – CVE-2019-11815 – Linux Kernel “rds_tcp_kill_sock()” Use-After-Free Vulnerability

Rewterz Threat Advisory – Multiple Vulnerabilities in Mozilla Firefox

May 22, 2019

Rewterz Threat Advisory – Amazon Linux Update for Tomcat8 Multiple Vulnerabilities

May 22, 2019

Rewterz Threat Advisory – CVE-2019-11815 – Linux Kernel “rds_tcp_kill_sock()” Use-After-Free Vulnerability

Severity

Medium

Analysis Summary

A use-after-free error related to the “rds_tcp_kill_sock()” function (net/rds/tcp.c) can be exploited to corrupt memory and subsequently execute arbitrary code.

Impact

Unauthorized System Access

Affected Vendors

Linux

Affected Products

Linux Kernel 4.4.x
Linux Kernel 4.9.x
Linux Kernel 4.14.x
Linux Kernel 4.19.x
Linux Kernel 5.0.x

Remediation

Update to a fixed version.

Versions 5.0.x:

Update to version 5.0.8 or later.

Versions 4.19.x:

Update to version 4.19.35 or later.

Versions 4.14.x:

Update to version 4.14.112 or later.

Versions 4.9.x:

Update to version 4.9.169 or later.

Versions 4.4.x:

Update to version 4.4.179 or later.

Rewterz Threat Advisory – Multiple Vulnerabilities in Mozilla Firefox

Rewterz Threat Advisory – Amazon Linux Update for Tomcat8 Multiple Vulnerabilities

Rewterz Threat Advisory – CVE-2019-11815 – Linux Kernel “rds_tcp_kill_sock()” Use-After-Free Vulnerability

Security Operations Centers across the region

Saudi Arabia

UAE

Oman

Pakistan