CVE-2019-5595

Name: CVE-2019-5595
Creator: NVD / NIST
Published: 2019-02-12T05:29:00.757+00:00
License: https://creativecommons.org/publicdomain/zero/1.0/

UnknownEPSS 0.35%

Last modified Jun 17, 2026

CVE-2019-5595 is a vulnerability of currently unknown severity. In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed.. EPSS estimates a 0.35% chance of exploitation in the next 30 days.

Description

In FreeBSD before 11.2-STABLE(r343782), 11.2-RELEASE-p9, 12.0-STABLE(r343781), and 12.0-RELEASE-p3, kernel callee-save registers are not properly sanitized before return from system calls, potentially allowing some kernel data used in the system call to be exposed.

Metrics

EPSS Probability

0.35%

26.6th percentile

Probability of exploitation in the next 30 days. Learn more

Weakness Enumeration

CWE-459

Affected Software

Vendor	Product	Versions
Freebsd	Freebsd	11.2
Freebsd	Freebsd	12.0

References

https://security.FreeBSD.org/advisories/FreeBSD-SA-19:01.syscall.ascPatch, Vendor Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/156624Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-19:01.syscall.ascPatch, Vendor Advisory

Timeline

Published: Feb 12, 2019
Last Modified: Jun 17, 2026
Status: Modified

Frequently Asked Questions

What is CVE-2019-5595?

How severe is CVE-2019-5595?

Severity scoring for CVE-2019-5595 is pending analysis. The EPSS model estimates a 0.35% probability of exploitation in the next 30 days.

How do I fix CVE-2019-5595?

Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2019-5595?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST