Palo Alto Networks Security Advisories / CVE-2019-8912

CVE-2019-8912 Privilege Escalation in PAN-OS

Severity: 7.8 · HIGH
Attack Vector: LOCAL
Attack Complexity: LOW
Confidentiality Impact: HIGH
Privileges Required: LOW
Integrity Impact: HIGH
User Interaction: NONE
Availability Impact: HIGH


Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631 / CVE-2019-8912)

Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.

This issue affects PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier.

Product Status

Versions      Affected     Unaffected
PAN-OS 9.0    <= 9.0.2     >= 9.0.3
PAN-OS 8.1    <= 8.1.8     >= 8.1.9
PAN-OS 8.0    <= 8.0.17    >= 8.0.18
PAN-OS 7.1    <= 7.1.23    >= 7.1.24

Severity: HIGH

CVSSv3.1 Base Score: 7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Weakness Type

CWE-416 Use After Free


Solution

This issue is fixed in PAN-OS 7.1.24 and later, PAN-OS 8.0.18 and later, PAN-OS 8.1.9 and later, and PAN-OS 9.0.3 and later.
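
To check a firewall inventory against the version ranges in the Product Status section above, the following added example (not Palo Alto Networks code) classifies PAN-OS version strings per release train. The hostnames and sample versions are constructed, and treating a "-hN" hotfix build by its base maintenance release is an assumption, since the advisory does not mention hotfix builds.

```python
import re

# Product Status table from the advisory: release train -> first unaffected release.
FIRST_FIXED = {
    (9, 0): (9, 0, 3),
    (8, 1): (8, 1, 9),
    (8, 0): (8, 0, 18),
    (7, 1): (7, 1, 24),
}

# major.minor.maintenance with an optional "-hN" hotfix suffix, e.g. "8.1.8-h5".
VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)(?:-h(\d+))?$")


def parse_version(text):
    """Return (major, minor, maintenance); raise ValueError on anything else."""
    m = VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised PAN-OS version: {text!r}")
    return tuple(int(g) for g in m.groups()[:3])


def status(version):
    """Classify one version string as 'affected', 'unaffected' or 'not listed'."""
    release = parse_version(version)
    fixed = FIRST_FIXED.get(release[:2])
    if fixed is None:
        # The advisory makes no statement about this train; do not guess.
        return "not listed"
    # Assumption: a hotfix build is judged by its base maintenance release.
    return "affected" if release < fixed else "unaffected"


def audit(inventory):
    """Map hostname -> (status, first unaffected release or None)."""
    report = {}
    for host, version in inventory.items():
        state = status(version)
        fixed = FIRST_FIXED.get(parse_version(version)[:2])
        target = ".".join(map(str, fixed)) if state == "affected" else None
        report[host] = (state, target)
    return report


# Constructed inventory for illustration; hostnames and versions are made up.
SAMPLE = {"fw-edge-1": "8.1.8-h5", "fw-core-1": "9.0.3", "fw-lab-1": "7.1.23",
          "fw-dmz-1": "8.0.18", "fw-new-1": "10.1.4"}

if __name__ == "__main__":
    for host, (state, target) in audit(SAMPLE).items():
        print(f"{host}: {state}" + (f" (upgrade to {target} or later)" if target else ""))
```

Devices reported as "not listed" run a release train the advisory does not cover and need a separate check against vendor guidance.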

Workarounds and Mitigations

