In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check for the wrong task. CREATE(Triage): {Link=https://nvd.nist.gov/vuln/detail/CVE-2019-9213 User=admin}