{"api_version":"1","generated_at":"2026-04-22T22:49:24+00:00","cve":"CVE-2019-5489","urls":{"html":"https://cve.report/CVE-2019-5489","api":"https://cve.report/api/cve/CVE-2019-5489.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2019-5489","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2019-5489"},"summary":{"title":"CVE-2019-5489","description":"The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2019-01-07 17:29:00","updated_at":"2020-08-24 17:37:00"},"problem_types":["CWE-319"],"metrics":[],"references":[{"url":"https://access.redhat.com/errata/RHSA-2019:2837","name":"RHSA-2019:2837","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2020:0204","name":"RHSA-2020:0204","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2029","name":"RHSA-2019:2029","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:4058","name":"RHSA-2019:4058","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://seclists.org/bugtraq/2019/Jun/26","name":"20190618 [SECURITY] [DSA 4465-1] linux security update","refsource":"BUGTRAQ","tags":[],"title":"Bugtraq: [SECURITY] [DSA 4465-1] linux security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e","name":"https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e","refsource":"MISC","tags":["Patch","Third Party Advisory"],"title":"Change mincore() to count \"mapped\" pages rather than \"cached\" pages · torvalds/linux@574823b · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2808","name":"RHSA-2019:2808","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:3517","name":"RHSA-2019:3517","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.oracle.com/security-alerts/cpujul2020.html","name":"https://www.oracle.com/security-alerts/cpujul2020.html","refsource":"MISC","tags":[],"title":"Oracle Critical Patch Update Advisory - July 2020","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html","name":"openSUSE-SU-2019:1570","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2019:1570-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html","name":"openSUSE-SU-2019:1479","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2019:1479-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2043","name":"RHSA-2019:2043","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://bugzilla.suse.com/show_bug.cgi?id=1120843","name":"https://bugzilla.suse.com/show_bug.cgi?id=1120843","refsource":"MISC","tags":["Issue Tracking","Patch","Third Party Advisory"],"title":"Bug 1120843 – VUL-0: CVE-2019-5489: kernel-source: new pagecache side-channel attack","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.debian.org/security/2019/dsa-4465","name":"DSA-4465","refsource":"DEBIAN","tags":[],"title":"Debian -- Security Information -- DSA-4465-1 linux","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:4164","name":"RHSA-2019:4164","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:4159","name":"RHSA-2019:4159","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2809","name":"RHSA-2019:2809","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en","name":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en","refsource":"CONFIRM","tags":[],"title":"Security Advisory - Page-Cache Side-Channel Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e","name":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e","refsource":"MISC","tags":["Patch","Vendor Advisory"],"title":"kernel/git/torvalds/linux.git - Linux kernel source tree","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html","name":"[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 1823-1] linux security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:4057","name":"RHSA-2019:4057","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/","name":"https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/","refsource":"MISC","tags":["Technical Description","Third Party Advisory"],"title":"New side-channel leak: Boffins bash operating system page caches until they spill secrets • The Register","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:2473","name":"RHSA-2019:2473","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://security.netapp.com/advisory/ntap-20190307-0001/","name":"https://security.netapp.com/advisory/ntap-20190307-0001/","refsource":"CONFIRM","tags":["Third Party Advisory"],"title":"CVE-2019-5489 Linux Kernel Vulnerability in NetApp Products | NetApp Product Security","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:4056","name":"RHSA-2019:4056","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html","name":"[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update","refsource":"MLIST","tags":[],"title":"[SECURITY] [DLA 1824-1] linux-4.9 security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:4255","name":"RHSA-2019:4255","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:3967","name":"RHSA-2019:3967","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/106478","name":"106478","refsource":"BID","tags":["Third Party Advisory","VDB Entry"],"title":"Linux Kernel 'mm/mincore.c' Local Information Disclosure Vulnerability","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html","name":"openSUSE-SU-2019:1579","refsource":"SUSE","tags":[],"title":"[security-announce] openSUSE-SU-2019:1579-1: important: Security update","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://arxiv.org/abs/1901.01161","name":"https://arxiv.org/abs/1901.01161","refsource":"MISC","tags":["Third Party Advisory"],"title":"[1901.01161] Page Cache Attacks","mime":"text/xml","httpstatus":"200","archivestatus":"200"},{"url":"https://access.redhat.com/errata/RHSA-2019:3309","name":"RHSA-2019:3309","refsource":"REDHAT","tags":[],"title":"Red Hat Customer Portal","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2019-5489","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2019-5489","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2019","cve_id":"5489","vulnerable":"1","versionEndIncluding":"4.19.13","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"linux","cpe5":"linux_kernel","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"5489","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_performance_analytics_services","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"5489","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"active_iq_performance_analytics_services","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"5489","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"element_software_management_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2019","cve_id":"5489","vulnerable":"1","versionEndIncluding":"1","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"netapp","cpe5":"element_software_management_node","cpe6":"-","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2019-5489","qid":"160525","title":"Oracle Enterprise Linux Security Update for unbreakable enterprise kernel (ELSA-2023-12232)"},{"cve":"CVE-2019-5489","qid":"296075","title":"Oracle Solaris 11.4 Support Repository Update (SRU) 21.69.0 Missing (CPUAPR2020)"},{"cve":"CVE-2019-5489","qid":"390276","title":"Oracle VM Server for x86 Security Update for kernel (OVMSA-2023-0007)"},{"cve":"CVE-2019-5489","qid":"610324","title":"Google Android March 2021 Security Patch Missing for Huawei EMUI"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2019-5489","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"106478","refsource":"BID","url":"http://www.securityfocus.com/bid/106478"},{"refsource":"SUSE","name":"openSUSE-SU-2019:1479","url":"http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html"},{"refsource":"DEBIAN","name":"DSA-4465","url":"https://www.debian.org/security/2019/dsa-4465"},{"refsource":"MLIST","name":"[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update","url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html"},{"refsource":"MLIST","name":"[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update","url":"https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html"},{"refsource":"SUSE","name":"openSUSE-SU-2019:1570","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html"},{"refsource":"BUGTRAQ","name":"20190618 [SECURITY] [DSA 4465-1] linux security update","url":"https://seclists.org/bugtraq/2019/Jun/26"},{"refsource":"SUSE","name":"openSUSE-SU-2019:1579","url":"http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html"},{"refsource":"REDHAT","name":"RHSA-2019:2043","url":"https://access.redhat.com/errata/RHSA-2019:2043"},{"refsource":"REDHAT","name":"RHSA-2019:2029","url":"https://access.redhat.com/errata/RHSA-2019:2029"},{"refsource":"REDHAT","name":"RHSA-2019:2473","url":"https://access.redhat.com/errata/RHSA-2019:2473"},{"refsource":"REDHAT","name":"RHSA-2019:2808","url":"https://access.redhat.com/errata/RHSA-2019:2808"},{"refsource":"REDHAT","name":"RHSA-2019:2837","url":"https://access.redhat.com/errata/RHSA-2019:2837"},{"refsource":"REDHAT","name":"RHSA-2019:2809","url":"https://access.redhat.com/errata/RHSA-2019:2809"},{"refsource":"REDHAT","name":"RHSA-2019:3309","url":"https://access.redhat.com/errata/RHSA-2019:3309"},{"refsource":"REDHAT","name":"RHSA-2019:3517","url":"https://access.redhat.com/errata/RHSA-2019:3517"},{"refsource":"REDHAT","name":"RHSA-2019:3967","url":"https://access.redhat.com/errata/RHSA-2019:3967"},{"refsource":"REDHAT","name":"RHSA-2019:4058","url":"https://access.redhat.com/errata/RHSA-2019:4058"},{"refsource":"REDHAT","name":"RHSA-2019:4057","url":"https://access.redhat.com/errata/RHSA-2019:4057"},{"refsource":"REDHAT","name":"RHSA-2019:4056","url":"https://access.redhat.com/errata/RHSA-2019:4056"},{"refsource":"REDHAT","name":"RHSA-2019:4159","url":"https://access.redhat.com/errata/RHSA-2019:4159"},{"refsource":"REDHAT","name":"RHSA-2019:4164","url":"https://access.redhat.com/errata/RHSA-2019:4164"},{"refsource":"REDHAT","name":"RHSA-2019:4255","url":"https://access.redhat.com/errata/RHSA-2019:4255"},{"refsource":"REDHAT","name":"RHSA-2020:0204","url":"https://access.redhat.com/errata/RHSA-2020:0204"},{"url":"https://www.oracle.com/security-alerts/cpujul2020.html","refsource":"MISC","name":"https://www.oracle.com/security-alerts/cpujul2020.html"},{"name":"https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/","refsource":"MISC","url":"https://www.theregister.co.uk/2019/01/05/boffins_beat_page_cache/"},{"name":"https://bugzilla.suse.com/show_bug.cgi?id=1120843","refsource":"MISC","url":"https://bugzilla.suse.com/show_bug.cgi?id=1120843"},{"name":"https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e","refsource":"MISC","url":"https://github.com/torvalds/linux/commit/574823bfab82d9d8fa47f422778043fbb4b4f50e"},{"name":"https://arxiv.org/abs/1901.01161","refsource":"MISC","url":"https://arxiv.org/abs/1901.01161"},{"name":"https://security.netapp.com/advisory/ntap-20190307-0001/","refsource":"CONFIRM","url":"https://security.netapp.com/advisory/ntap-20190307-0001/"},{"name":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e","refsource":"MISC","url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=574823bfab82d9d8fa47f422778043fbb4b4f50e"},{"refsource":"CONFIRM","name":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en","url":"http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-pagecache-en"}]}},"nvd":{"publishedDate":"2019-01-07 17:29:00","lastModifiedDate":"2020-08-24 17:37:00","problem_types":["CWE-319"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.0","vectorString":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":5.5,"baseSeverity":"MEDIUM"},"exploitabilityScore":1.8,"impactScore":3.6},"baseMetricV2":{"cvssV2":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:P/I:N/A:N","accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"PARTIAL","integrityImpact":"NONE","availabilityImpact":"NONE","baseScore":2.1},"severity":"LOW","exploitabilityScore":3.9,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*","versionEndIncluding":"4.19.13","cpe_name":[]}]},{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:element_software_management_node:-:*:*:*:*:*:*:*","cpe_name":[]},{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:netapp:active_iq_performance_analytics_services:-:*:*:*:*:*:*:*","cpe_name":[]}]}]}},"legacy_mitre":{"record":{"CveYear":"2019","CveId":"5489","Ordinal":"143109","Title":"CVE-2019-5489","CVE":"CVE-2019-5489","Year":"2019"},"notes":[{"CveYear":"2019","CveId":"5489","Ordinal":"1","NoteData":"The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this affects the output of the fincore program.) Limited remote exploitation may be possible, as demonstrated by latency differences in accessing public files from an Apache HTTP Server.","Type":"Description","Title":null},{"CveYear":"2019","CveId":"5489","Ordinal":"2","NoteData":"2019-01-07","Type":"Other","Title":"Published"},{"CveYear":"2019","CveId":"5489","Ordinal":"3","NoteData":"2020-07-14","Type":"Other","Title":"Modified"}]}}}