How severe is CVE-2019-5489?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2019-5489?

This is classified as CWE-319, which is a common weakness in software security.

CVE-2019-5489 - MEDIUM Severity | CVSS 5.5

Vulnerability Description

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.

Related Vulnerabilities

CVE-2007-5626

MEDIUM

CVSS:5.5(Medium)

make_catalog_backup in Bacula 2.2.5, and probably earlier, sends a MySQL password as a command line argument, and sometimes transmits cleartext e-mail containing this command line, which allows contex...

CWE-3192007

CVE-2010-4177

MEDIUM

CVSS:5.5(Medium)

mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connected to the MySQL server in clear text form via the list of running processes.

CWE-3192010

CVE-2012-1257

MEDIUM

CVSS:5.5(Medium)

Pidgin 2.10.0 uses DBUS for certain cleartext communication, which allows local users to obtain sensitive information via a dbus session monitor.

CWE-3192012

CVE-2017-6410

MEDIUM

CVSS:5.5(Medium)

kpac/script.cpp in KDE kio before 5.32 and kdelibs before 4.14.30 calls the PAC FindProxyForURL function with a full https URL (potentially including Basic Authentication credentials, a query string, ...

CWE-3192017

CVE-2017-7143

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in certain Apple products. macOS before 10.13 is affected. The issue involves the "Captive Network Assistant" component. It allows remote attackers to discover cleartext passwo...

CWE-3192017

CVE-2019-0069

MEDIUM

CVSS:5.5(Medium)

On EX4600, QFX5100 Series, NFX Series, QFX10K Series, QFX5110, QFX5200 Series, QFX5110, QFX5200, QFX10K Series, vSRX, SRX1500, SRX4000 Series, vSRX, SRX1500, SRX4000, QFX5110, QFX5200, QFX10K Series, ...

CWE-3192019