CVE-2019-0211: Apache HTTP Server Privilege Escalation Vulnerability
First published: Tue Apr 02 2019(Updated: )
Apache HTTP Server, with MPM event, worker or prefork, code executing in less-privileged child processes or threads (including scripts executed by an in-process scripting interpreter) could execute code with the privileges of the parent process (usually root) by manipulating the scoreboard.
Credit: security@apache.org security@apache.org security@apache.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Apache HTTP server | >=2.4.17<=2.4.38 | |
| Fedoraproject Fedora | =29 | |
| Fedoraproject Fedora | =30 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =18.10 | |
| Debian Debian Linux | =9.0 | |
| openSUSE Leap | =15.0 | |
| openSUSE Leap | =42.3 | |
| Fedoraproject Fedora | =28 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Netapp Oncommand Unified Manager 7-mode | ||
| Redhat Jboss Core Services | =1.0 | |
| Redhat Openshift Container Platform | =3.11 | |
| Redhat Openshift Container Platform For Power | =3.11_ppc64le | |
| Redhat Software Collections | =1.0 | |
| Redhat Enterprise Linux | =8.0 | |
| Redhat Enterprise Linux Eus | =8.1 | |
| Redhat Enterprise Linux Eus | =8.2 | |
| Redhat Enterprise Linux Eus | =8.4 | |
| Redhat Enterprise Linux Eus | =8.6 | |
| Redhat Enterprise Linux Eus | =8.8 | |
| Redhat Enterprise Linux For Arm 64 | =8.0_aarch64 | |
| Redhat Enterprise Linux For Arm 64 Eus | =8.1_aarch64 | |
| Redhat Enterprise Linux For Arm 64 Eus | =8.2_aarch64 | |
| Redhat Enterprise Linux For Arm 64 Eus | =8.4_aarch64 | |
| Redhat Enterprise Linux For Arm 64 Eus | =8.6_aarch64 | |
| Redhat Enterprise Linux For Arm 64 Eus | =8.8_aarch64 | |
| Redhat Enterprise Linux For Ibm Z Systems | =8.0_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.1_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.2_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.4_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.6_s390x | |
| Redhat Enterprise Linux For Ibm Z Systems Eus | =8.8_s390x | |
| Redhat Enterprise Linux For Power Little Endian | =8.0_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.1_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.2_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.4_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.6_ppc64le | |
| Redhat Enterprise Linux For Power Little Endian Eus | =8.8_ppc64le | |
| Redhat Enterprise Linux Server Aus | =8.2 | |
| Redhat Enterprise Linux Server Aus | =8.4 | |
| Redhat Enterprise Linux Server Aus | =8.6 | |
| Redhat Enterprise Linux Server Tus | =8.2 | |
| Redhat Enterprise Linux Server Tus | =8.4 | |
| Redhat Enterprise Linux Server Tus | =8.6 | |
| Redhat Enterprise Linux Server Tus | =8.8 | |
| Redhat Enterprise Linux Update Services For Sap Solutions | =8.0 | |
| Redhat Enterprise Linux Update Services For Sap Solutions | =8.1 | |
| Redhat Enterprise Linux Update Services For Sap Solutions | =8.4 | |
| Redhat Enterprise Linux Update Services For Sap Solutions | =8.6 | |
| Redhat Enterprise Linux Update Services For Sap Solutions | =8.8 | |
| Oracle Communications Session Report Manager | =8.0.0 | |
| Oracle Communications Session Report Manager | =8.1.0 | |
| Oracle Communications Session Report Manager | =8.1.1 | |
| Oracle Communications Session Report Manager | =8.2.0 | |
| Oracle Communications Session Route Manager | =8.0.0 | |
| Oracle Communications Session Route Manager | =8.1.0 | |
| Oracle Communications Session Route Manager | =8.1.1 | |
| Oracle Communications Session Route Manager | =8.2.0 | |
| Oracle Enterprise Manager Ops Center | =12.3.3 | |
| Oracle Enterprise Manager Ops Center | =12.4.0 | |
| Oracle HTTP Server | =12.2.1.3.0 | |
| Oracle Instantis Enterprisetrack | =17.1 | |
| Oracle Instantis Enterprisetrack | =17.2 | |
| Oracle Instantis Enterprisetrack | =17.3 | |
| Oracle Retail Xstore Point of Service | =7.0 | |
| Oracle Retail Xstore Point of Service | =7.1 | |
| Apache HTTP server | ||
| debian/apache2 | 2.4.62-1~deb11u1 2.4.62-1~deb11u2 2.4.62-1~deb12u1 2.4.62-1~deb12u2 2.4.62-3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00051.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00061.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00084.html
- http://packetstormsecurity.com/files/152386/Apache-2.4.38-Root-Privilege-Escalation.html
- http://packetstormsecurity.com/files/152415/Slackware-Security-Advisory-httpd-Updates.html
- http://packetstormsecurity.com/files/152441/CARPE-DIEM-Apache-2.4.x-Local-Privilege-Escalation.html
- http://www.apache.org/dist/httpd/CHANGES_2.4.39
- http://www.openwall.com/lists/oss-security/2019/04/02/3
- http://www.openwall.com/lists/oss-security/2019/07/26/7
- http://www.securityfocus.com/bid/107666
- https://access.redhat.com/errata/RHBA-2019:0959
- https://access.redhat.com/errata/RHSA-2019:0746
- https://access.redhat.com/errata/RHSA-2019:0980
- https://access.redhat.com/errata/RHSA-2019:1296
- https://access.redhat.com/errata/RHSA-2019:1297
- https://access.redhat.com/errata/RHSA-2019:1543
- https://httpd.apache.org/security/vulnerabilities_24.html
- https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e@%3Cdev.community.apache.org%3E
- https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa@%3Cusers.httpd.apache.org%3E
- https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28@%3Cdev.community.apache.org%3E
- https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e@%3Cdev.community.apache.org%3E
- https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c@%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9@%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/
- https://seclists.org/bugtraq/2019/Apr/16
- https://seclists.org/bugtraq/2019/Apr/5
- https://security.gentoo.org/glsa/201904-20
- https://security.netapp.com/advisory/ntap-20190423-0001/
- https://support.f5.com/csp/article/K32957101
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
- https://usn.ubuntu.com/3937-1/
- https://www.debian.org/security/2019/dsa-4422
- https://www.exploit-db.com/exploits/46676/
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://www.synology.com/security/advisory/Synology_SA_19_14
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03950en_us
- https://launchpad.net/bugs/cve/CVE-2019-0211
- https://httpd.apache.org/security/vulnerabilities_24.html#CVE-2019-0211
- http://www.apache.org/dist/httpd/CHANGES_2.4
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1694986
- https://twitter.com/iamamoose/status/1112966189276389376
- http://svn.apache.org/viewvc?view=revision&revision=1855378
- https://cfreal.github.io/carpe-diem-cve-2019-0211-apache-local-root.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1694980#c14
- https://bugzilla.redhat.com/show_bug.cgi?id=1694980
- https://lists.apache.org/thread.html/56c2e7cc9deb1c12a843d0dc251ea7fd3e7e80293cde02fcd65286ba%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/84a3714f0878781f6ed84473d1a503d2cc382277e100450209231830%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/890507b85c30adf133216b299cc35cd8cd0346a885acfc671c04694e%40%3Cdev.community.apache.org%3E
- https://lists.apache.org/thread.html/b1613d44ec364c87bb7ee8c5939949f9b061c05c06e0e90098ebf7aa%40%3Cusers.httpd.apache.org%3E
- https://lists.apache.org/thread.html/b2bdb308dc015e771ba79c0586b2de6fb50caa98b109833f5d4daf28%40%3Cdev.community.apache.org%3E
- https://lists.apache.org/thread.html/de881a130bc9cb2f3a9ff220784520556884fb8ea80e69400a45509e%40%3Cdev.community.apache.org%3E
- https://lists.apache.org/thread.html/fd110f4ace2d8364c7d9190e1993cde92f79e4eb85576ed9285686ac%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r03ee478b3dda3e381fd6189366fa7af97c980d2f602846eef935277d%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r06f0d87ebb6d59ed8379633f36f72f5b1f79cadfda72ede0830b42cf%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r6d03e45b81eab03580cf7f8bb51cb3e9a1b10a2cc0c6a2d3cc92ed0c%40%3Cannounce.apache.org%3E
- https://lists.apache.org/thread.html/r76142b8c5119df2178be7c2dba88fde552eedeec37ea993dfce68d1d%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rc998b18880df98bafaade071346690c2bc1444adaa1a1ea464b93f0a%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd18c3c43602e66f9cdcf09f1de233804975b9572b0456cc582390b6f%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rd2fb621142e7fa187cfe12d7137bf66e7234abcbbcd800074c84a538%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re3d27b6250aa8548b8845d314bb8a350b3df326cacbbfdfe4d455234%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/re473305a65b4db888e3556e4dae10c2a04ee89dcff2e26ecdbd860a9%40%3Ccvs.httpd.apache.org%3E
- https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ALIR5S3O7NRHEGFMIDMUSYQIZOE4TJJN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EZRMTEIGZKYFNGIDOTXN3GNEJTLVCYU7/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WETXNQWNQLWHV6XNW6YTO5UGDTIWAQGT/
- https://svn.apache.org/r1855378
- https://security-tracker.debian.org/tracker/CVE-2019-0211
- https://nvd.nist.gov/vuln/detail/CVE-2019-0211
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-0211
- https://ubuntu.com/security/CVE-2019-0211
Frequently Asked Questions
What is CVE-2019-0211?
CVE-2019-0211 is a vulnerability in Apache HTTP Server that allows code execution with escalated privileges.
Which versions of Apache HTTP Server are affected?
Apache HTTP Server versions 2.4.17 to 2.4.38 are affected.
What is the severity of CVE-2019-0211?
CVE-2019-0211 has a severity rating of high.
How can I fix CVE-2019-0211?
Update Apache HTTP Server to version 2.4.39 or later to fix the vulnerability.
Where can I find more information about CVE-2019-0211?
You can find more information about CVE-2019-0211 on the Apache HTTP Server security page.
- collector/nvd-index
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2019-0211
- agent/title
- agent/weakness
- agent/description
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- agent/author
- collector/nvd-cve
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/references
- collector/security-tracker-debian
- source/Debian
- exploited/true
- collector/cisa-known-exploited
- source/CISA
- agent/softwarecombine
- agent/event
- collector/usn-cve
- source/Ubuntu
- vendor/apache
- canonical/apache http server
- version/apache http server/2.4.17
- version/apache http server/2.4.38
- vendor/fedoraproject
- canonical/fedoraproject fedora
- version/fedoraproject fedora/29
- version/fedoraproject fedora/30
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/18.10
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/9.0
- vendor/opensuse
- canonical/opensuse leap
- version/opensuse leap/15.0
- version/opensuse leap/42.3
- version/fedoraproject fedora/28
- vendor/netapp
- canonical/netapp oncommand unified manager 7-mode
- vendor/redhat
- canonical/redhat jboss core services
- version/redhat jboss core services/1.0
- canonical/redhat openshift container platform
- version/redhat openshift container platform/3.11
- canonical/redhat openshift container platform for power
- version/redhat openshift container platform for power/3.11_ppc64le
- canonical/redhat software collections
- version/redhat software collections/1.0
- canonical/redhat enterprise linux
- version/redhat enterprise linux/8.0
- canonical/redhat enterprise linux eus
- version/redhat enterprise linux eus/8.1
- version/redhat enterprise linux eus/8.2
- version/redhat enterprise linux eus/8.4
- version/redhat enterprise linux eus/8.6
- version/redhat enterprise linux eus/8.8
- canonical/redhat enterprise linux for arm 64
- version/redhat enterprise linux for arm 64/8.0_aarch64
- canonical/redhat enterprise linux for arm 64 eus
- version/redhat enterprise linux for arm 64 eus/8.1_aarch64
- version/redhat enterprise linux for arm 64 eus/8.2_aarch64
- version/redhat enterprise linux for arm 64 eus/8.4_aarch64
- version/redhat enterprise linux for arm 64 eus/8.6_aarch64
- version/redhat enterprise linux for arm 64 eus/8.8_aarch64
- canonical/redhat enterprise linux for ibm z systems
- version/redhat enterprise linux for ibm z systems/8.0_s390x
- canonical/redhat enterprise linux for ibm z systems eus
- version/redhat enterprise linux for ibm z systems eus/8.1_s390x
- version/redhat enterprise linux for ibm z systems eus/8.2_s390x
- version/redhat enterprise linux for ibm z systems eus/8.4_s390x
- version/redhat enterprise linux for ibm z systems eus/8.6_s390x
- version/redhat enterprise linux for ibm z systems eus/8.8_s390x
- canonical/redhat enterprise linux for power little endian
- version/redhat enterprise linux for power little endian/8.0_ppc64le
- canonical/redhat enterprise linux for power little endian eus
- version/redhat enterprise linux for power little endian eus/8.1_ppc64le
- version/redhat enterprise linux for power little endian eus/8.2_ppc64le
- version/redhat enterprise linux for power little endian eus/8.4_ppc64le
- version/redhat enterprise linux for power little endian eus/8.6_ppc64le
- version/redhat enterprise linux for power little endian eus/8.8_ppc64le
- canonical/redhat enterprise linux server aus
- version/redhat enterprise linux server aus/8.2
- version/redhat enterprise linux server aus/8.4
- version/redhat enterprise linux server aus/8.6
- canonical/redhat enterprise linux server tus
- version/redhat enterprise linux server tus/8.2
- version/redhat enterprise linux server tus/8.4
- version/redhat enterprise linux server tus/8.6
- version/redhat enterprise linux server tus/8.8
- canonical/redhat enterprise linux update services for sap solutions
- version/redhat enterprise linux update services for sap solutions/8.0
- version/redhat enterprise linux update services for sap solutions/8.1
- version/redhat enterprise linux update services for sap solutions/8.4
- version/redhat enterprise linux update services for sap solutions/8.6
- version/redhat enterprise linux update services for sap solutions/8.8
- vendor/oracle
- canonical/oracle communications session report manager
- version/oracle communications session report manager/8.0.0
- version/oracle communications session report manager/8.1.0
- version/oracle communications session report manager/8.1.1
- version/oracle communications session report manager/8.2.0
- canonical/oracle communications session route manager
- version/oracle communications session route manager/8.0.0
- version/oracle communications session route manager/8.1.0
- version/oracle communications session route manager/8.1.1
- version/oracle communications session route manager/8.2.0
- canonical/oracle enterprise manager ops center
- version/oracle enterprise manager ops center/12.3.3
- version/oracle enterprise manager ops center/12.4.0
- canonical/oracle http server
- version/oracle http server/12.2.1.3.0
- canonical/oracle instantis enterprisetrack
- version/oracle instantis enterprisetrack/17.1
- version/oracle instantis enterprisetrack/17.2
- version/oracle instantis enterprisetrack/17.3
- canonical/oracle retail xstore point of service
- version/oracle retail xstore point of service/7.0
- version/oracle retail xstore point of service/7.1
- package-manager/debian