How severe is CVE-2019-5023?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.9 out of 10.

What type of vulnerability is CVE-2019-5023?

This is classified as CWE-401, which is a common weakness in software security.

CVE-2019-5023

MEDIUM Year: 2019

CVSS v3 Score

5.9

Medium

CVSS v2 Score

4.3

Medium

Weakness Type

CWE-401

View all →

Vulnerability Description

An exploitable vulnerability exists in the grsecurity PaX patch for the function read_kmem, in PaX from version pax-linux-4.9.8-test1 to 4.9.24-test7, grsecurity official from version grsecurity-3.1-4.9.8-201702060653 to grsecurity-3.1-4.9.24-201704252333, grsecurity unofficial from version v4.9.25-unofficialgrsec to v4.9.74-unofficialgrsec. PaX adds a temp buffer to the read_kmem function, which is never freed when an invalid address is supplied. This results in a memory leakage that can lead to a crash of the system. An attacker needs to induce a read to /dev/kmem using an invalid address to exploit this vulnerability.

CVE-2017-15094

MEDIUM

CVSS:5.9(Medium)

An issue has been found in the DNSSEC parsing code of PowerDNS Recursor from 4.0.0 up to and including 4.0.6 leading to a memory leak when parsing specially crafted DNSSEC ECDSA keys. These keys are o...

CWE-4012017

CVE-2019-19076

MEDIUM

CVSS:5.9(Medium)

A memory leak in the nfp_abm_u32_knode_replace() function in drivers/net/ethernet/netronome/nfp/abm/cls.c in the Linux kernel before 5.3.6 allows attackers to cause a denial of service (memory consump...

CWE-4012019

CVE-2019-19080

MEDIUM

CVSS:5.9(Medium)

Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory...

CWE-4012019

CVE-2019-19081

MEDIUM

CVSS:5.9(Medium)

A memory leak in the nfp_flower_spawn_vnic_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allows attackers to cause a denial of service (memory c...

CWE-4012019

CVE-2019-6608

MEDIUM

CVSS:5.9(Medium)

On BIG-IP 11.5.1-11.6.3, 12.1.0-12.1.3, 13.0.0-13.1.1.1, and 14.0.0-14.0.0.2, under certain conditions, the snmpd daemon may leak memory on a multi-blade BIG-IP vCMP guest when processing authorized S...

CWE-4012019

CVE-2020-27822

MEDIUM

CVSS:5.9(Medium)

A flaw was found in Wildfly affecting versions 19.0.0.Final, 19.1.0.Final, 20.0.0.Final, 20.0.1.Final, and 21.0.0.Final. When an application uses the OpenTracing API's java-interceptors, there is a po...

CWE-4012020

CVE-2019-5023

Vulnerability Description

Related Vulnerabilities

CVE-2017-15094

CVE-2019-19076

CVE-2019-19080

CVE-2019-19081

CVE-2019-6608

CVE-2020-27822