CVEPublished 2019-03-052 articles on news7 live referencesNVD data

CVE-2019-9213

Vulnerability data via CVEDB (Shodan)

CVSS v3.1
5.5
MEDIUM
EPSS percentile
92
Exploit Prediction Scoring System · top 8% of all CVEs
Description

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task.

Timeline
Published 2019-03-05

External references

Search for exposed instances

Shodan + Censys queries derived from NVD's CPE data. The vuln tag catches assets Shodan has explicitly linked to this CVE; the product / banner fingerprints find exposed instances even when the vuln tag was never applied (which is common).

More intel sources (5)

Known PoCs on GitHub (3)