CVE-2019-0211

Published: Apr 8, 2019Modified: Oct 27, 2025CISA KEV

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

In Apache HTTP Server 2.4 releases 2.4.17 to 2.4.38, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute arbitrary code with the privileges of the parent process (usually root) by manipulating the scoreboard. Non-Unix systems are not affected.

Affected (68)

Products: Apache: Http Server · Fedoraproject: Fedora · Canonical: Ubuntu Linux · +5 more

Show all products

1 product

1 product

1 product

1 product

1 product

1 product

Oncommand Unified Manager

Redhat

15 products

Enterprise Linux

Enterprise Linux Eus

Enterprise Linux For Arm 64

Enterprise Linux For Arm 64 Eus

Enterprise Linux For Ibm Z Systems

Enterprise Linux For Ibm Z Systems Eus

Enterprise Linux For Power Little Endian

Enterprise Linux For Power Little Endian Eus

Enterprise Linux Server Aus

Enterprise Linux Server Tus

Enterprise Linux Update Services For Sap Solutions

Jboss Core Services

Openshift Container Platform

Openshift Container Platform For Power

Software Collections

Oracle

6 products

Communications Session Report Manager

Communications Session Route Manager

Enterprise Manager Ops Center

Http Server

Instantis Enterprisetrack

Retail Xstore Point Of Service

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Apache Http Server	From 2.4.17 to 2.4.38

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 28
Fedoraproject Fedora	Version 29
Fedoraproject Fedora	Version 30

Configuration C

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 14.04
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 18.10

Configuration D

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 9.0

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.0
Opensuse Leap	Version 42.3

Configuration F

1 vulnerable

Vulnerable Software	Affected Versions
Netapp Oncommand Unified Manager	All versions

Configuration G

40 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux Eus	Version 8.1
Redhat Enterprise Linux Eus	Version 8.2
Redhat Enterprise Linux Eus	Version 8.4
Redhat Enterprise Linux Eus	Version 8.6
Redhat Enterprise Linux Eus	Version 8.8
Redhat Enterprise Linux For Arm 64	Version 8.0_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 8.1_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 8.2_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 8.4_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 8.6_aarch64
Redhat Enterprise Linux For Arm 64 Eus	Version 8.8_aarch64
Redhat Enterprise Linux For Ibm Z Systems	Version 8.0_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.1_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.2_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.4_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.6_s390x
Redhat Enterprise Linux For Ibm Z Systems Eus	Version 8.8_s390x
Redhat Enterprise Linux For Power Little Endian	Version 8.0_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.1_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.2_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.4_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.6_ppc64le
Redhat Enterprise Linux For Power Little Endian Eus	Version 8.8_ppc64le
Redhat Enterprise Linux Server Aus	Version 8.2
Redhat Enterprise Linux Server Aus	Version 8.4
Redhat Enterprise Linux Server Aus	Version 8.6
Redhat Enterprise Linux Server Tus	Version 8.2
Redhat Enterprise Linux Server Tus	Version 8.4
Redhat Enterprise Linux Server Tus	Version 8.6
Redhat Enterprise Linux Server Tus	Version 8.8
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.0
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.1
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.4
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.6
Redhat Enterprise Linux Update Services For Sap Solutions	Version 8.8
Redhat Jboss Core Services	Version 1.0
Redhat Openshift Container Platform	Version 3.11
Redhat Openshift Container Platform For Power	Version 3.11_ppc64le
Redhat Software Collections	Version 1.0

Configuration H

16 vulnerable

Vulnerable Software	Affected Versions
Oracle Communications Session Report Manager	Version 8.0.0
Oracle Communications Session Report Manager	Version 8.1.0
Oracle Communications Session Report Manager	Version 8.1.1
Oracle Communications Session Report Manager	Version 8.2.0
Oracle Communications Session Route Manager	Version 8.0.0
Oracle Communications Session Route Manager	Version 8.1.0
Oracle Communications Session Route Manager	Version 8.1.1
Oracle Communications Session Route Manager	Version 8.2.0
Oracle Enterprise Manager Ops Center	Version 12.3.3
Oracle Enterprise Manager Ops Center	Version 12.4.0
Oracle Http Server	Version 12.2.1.3.0
Oracle Instantis Enterprisetrack	Version 17.1
Oracle Instantis Enterprisetrack	Version 17.2
Oracle Instantis Enterprisetrack	Version 17.3
Oracle Retail Xstore Point Of Service	Version 7.0
Oracle Retail Xstore Point Of Service	Version 7.1

Related CWEs

CWE-416

Use After Free

The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory "belongs" to the code that operates on the new pointer.

References (103)

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html

Source: security@apache.org

Broken LinkMailing ListRelease NotesThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html

Source: security@apache.org

Broken LinkMailing ListRelease NotesThird Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html

Source: security@apache.org

Broken LinkThird Party Advisory

http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html

Source: security@apache.org

Third Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html

Source: security@apache.org

ExploitThird Party AdvisoryVDB Entry

http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html

Source: security@apache.org

ExploitThird Party AdvisoryVDB Entry

http://www.apache.org/dist/httpd/CHANGES_2.4.39

Source: security@apache.org

Broken LinkVendor Advisory

http://www.openwall.com/lists/oss-security/2019/04/02/3

Source: security@apache.org

Mailing ListThird Party Advisory

http://www.openwall.com/lists/oss-security/2019/07/26/7

Source: security@apache.org

Mailing List

http://www.securityfocus.com/bid/107666

Source: security@apache.org

Broken LinkThird Party AdvisoryVDB Entry

https://access.redhat.com/errata/RHBA-2019:0959

Source: security@apache.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:0746

Source: security@apache.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:0980

Source: security@apache.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1296

Source: security@apache.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1297

Source: security@apache.org

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:1543

Source: security@apache.org

Third Party Advisory

https://httpd.apache.org/security/vulnerabilities_24.html

Source: security@apache.org

Vendor Advisory

https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing ListPatch

https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E

Source: security@apache.org

Mailing List

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/

Source: security@apache.org

Release Notes

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/

Source: security@apache.org

Release Notes

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/

Source: security@apache.org

Release Notes

https://seclists.org/bugtraq/2019/Apr/16

Source: security@apache.org

Mailing ListPatchThird Party Advisory

https://seclists.org/bugtraq/2019/Apr/5

Source: security@apache.org

Mailing ListThird Party Advisory

https://security.gentoo.org/glsa/201904-20

Source: security@apache.org

Third Party Advisory

https://security.netapp.com/advisory/ntap-20190423-0001/

Source: security@apache.org

Third Party Advisory

https://support.f5.com/csp/article/K32957101

Source: security@apache.org

Third Party Advisory

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us

Source: security@apache.org

Third Party Advisory

https://usn.ubuntu.com/3937-1/

Source: security@apache.org

Third Party Advisory

https://www.debian.org/security/2019/dsa-4422

Source: security@apache.org

Mailing ListThird Party Advisory

https://www.exploit-db.com/exploits/46676/

Source: security@apache.org

ExploitThird Party AdvisoryVDB Entry

https://www.oracle.com/security-alerts/cpuapr2020.html

Source: security@apache.org

PatchThird Party Advisory

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: security@apache.org

PatchThird Party Advisory

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Source: security@apache.org

PatchThird Party Advisory

https://www.synology.com/security/advisory/Synology_SA_19_14

Source: security@apache.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html