CloudLinux Blog - Major 9.8 vulnerability affects multiple Linux kernels: CVE-2019-8912 (af_alg_release())

The KernelCare team are tracking a new vulnerability, CVE-2019-8912.

Our assessment is that the cause is this commit, the introduction of a "sockfs_setattr()" function. This function neglects to null out values in a structure, leaving those values usable after the function exits (a so-called ‘use-after-free’ error).

Our team have already released live patches for key customers and Amazon Linux and, not unaccustomed to weekend working, are right now making patches available for the full range of affected kernels, which are:

  • Ubuntu Bionic (and HWE kernels based on it)
  • Proxmox VE 5

KernelCare is constantly monitoring for Linux kernel vulnerabilities and is always among the first live patching solution providers to issue patches for our wide range of supported Linux distributions.

KernelCare, by CloudLinux, Inc., is the leading multi-platform live patching solution for Linux kernels. It keeps your servers safe, automatically downloading and installing the latest security patches; it keeps your servers running, updating kernels without rebooting, without interruption to processes or people. KernelCare is the missing link in Linux server security.
