CVE-2019-18567
6.1
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
Summary
Bromium client version 4.0.3.2060 and prior to 4.1.7 Update 1 has an out of bound read results in race condition causing Kernel memory leaks or denial of service.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Bromium | Bromium client | 4.0.3.2060 | affected |
| Bromium | Bromium client | ?< 4.0.3.2060 | affected |
| Bromium | Bromium client | ?>= 4.0.3.2060 | affected |
| Bromium | Bromium client | < 4.1.7 Update 1 | affected |
Weaknesses
- CWE-362: CWE-362 Race Condition (Concurrent Execution using Shared Resource with Improper Synchronization)
ADP Enrichment
CVE Program Container
Additional References
- https://support.bromium.com/s/article/Bromium-Secure-Platform-4-1-Update-7-Released
- https://airbus-cyber-security.com/dive-into-a-kernel-bromium-race-condition-cve-2019-18567
References
- https://support.bromium.com/s/article/Bromium-Secure-Platform-4-1-Update-7-Released
- https://airbus-cyber-security.com/dive-into-a-kernel-bromium-race-condition-cve-2019-18567
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.