{"id":"CVE-2019-14898","details":"The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.","modified":"2026-05-04T08:23:43.664930Z","published":"2020-05-08T14:15:11.640Z","withdrawn":"2026-05-04T08:23:43.664930Z","references":[{"type":"WEB","url":"https://www.oracle.com/security-alerts/cpuApr2021.html"},{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.14.114"},{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.37"},{"type":"ADVISORY","url":"https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.10"},{"type":"ADVISORY","url":"https://security.netapp.com/advisory/ntap-20200608-0001/"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14898"},{"type":"FIX","url":"https://bugs.chromium.org/p/project-zero/issues/detail?id=1790"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"5.0.10"}]},{"events":[{"introduced":"0"},{"last_affected":"2.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-14898.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}