CVE-2019-10125 — Use After Free in Kernel

CWE-416 — Use After Free CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer8 documents7 sources

Severity

9.8CRITICALNVD

EPSS

3.4%

top 12.52%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Netapp Active IQ Unified Manager

Timeline

PublishedMar 27

Latest updateMay 13

Description

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶NVDlinux/linux_kernel4.19 — 4.19.38+2

▶Debianlinux/linux_kernel< 4.19.37-1+3

▶NVDnetapp/active_iq_unified_manager

Patches

Patch: patchwork.kernel.org ↗Patch: patchwork.kernel.org ↗

🔴Vulnerability Details

GHSA

GHSA-xg7j-75jq-gm7f: An issue was discovered in aio_poll() in fs/aio↗2022-05-13

▶

CVEList

CVE-2019-10125: An issue was discovered in aio_poll() in fs/aio↗2019-03-27

▶

OSV

CVE-2019-10125: An issue was discovered in aio_poll() in fs/aio↗2019-03-27

▶

📋Vendor Advisories

Red Hat

kernel: use-after-free in aio_poll() in fs/aio.c↗2019-02-25

▶

Debian

CVE-2019-10125: linux - An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5....↗2019

▶

💬Community

Bugzilla

CVE-2019-10125 kernel: use-after-free in aio_poll() in fs/aio.c↗2019-04-02

▶

Bugzilla

CVE-2019-10125 kernel: use-after-free in aio_poll() in fs/aio.c [fedora-all]↗2019-04-02

▶