Buffer overflow in Linux Kernel
CVE-2019-14821
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' o…
Vulnerability class: Buffer Overflow
EPSS: 0.008 (50.5th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.
Affected products
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secalert@redhat.com (x_refsource_CONFIRM, Patch, Third Party Advisory, Mitigation, Issue Tracking)
- secalert@redhat.com (mailing-list, x_refsource_MLIST, Patch, Mailing List, Third Party Advisory)
- secalert@redhat.com (x_refsource_FEDORA, vendor-advisory, Mailing List, Third Party Advisory)
- secalert@redhat.com (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- secalert@redhat.com (mailing-list, x_refsource_BUGTRAQ, Mailing List, Third Party Advisory, Issue Tracking)
- secalert@redhat.com (vendor-advisory, Third Party Advisory, x_refsource_DEBIAN)
- secalert@redhat.com (mailing-list, x_refsource_MLIST, Mailing List, Third Party Advisory)
- secalert@redhat.com (x_refsource_FEDORA, vendor-advisory, Mailing List, Third Party Advisory)
- secalert@redhat.com (x_refsource_CONFIRM, Third Party Advisory)
- secalert@redhat.com (vendor-advisory, Mailing List, Third Party Advisory, x_refsource_SUSE)
Frequently asked questions
- What is CVE-2019-14821?
- CVE-2019-14821 is a high-severity vulnerability in Linux Kernel, classified under Out-of-bounds Write. CVSS score: 8.8/10. Published 2019-09-19.
- How severe is CVE-2019-14821?
- High severity. CVSS v3 base score is 8.8 out of 10.
- Is CVE-2019-14821 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.