Privilege Escalation in PAN-OS (PAN-SA-2019-0017)

Last revised: 07/15/2019


Palo Alto Networks is aware of a use-after-free (UAF) vulnerability in the Linux kernel's sockfs_setattr. (Ref: PAN-113631/ CVE-2019-8912)

Severity: Medium

Successful exploitation of this issue may allow an unprivileged local user to escalate their privileges on the system.

Products Affected

PAN-OS 7.1.23 and earlier, PAN-OS 8.0.17 and earlier, PAN-OS 8.1.8 and earlier, and PAN-OS 9.0.2 and earlier.

Available Updates

PAN-OS 7.1.24 and later, PAN-OS 8.0.18 and later, PAN-OS 8.1.9 and later, and PAN-OS 9.0.3 and later.

Workarounds and Mitigations