CVE-2019-11833
published 2019-05-15CVE-2019-11833: fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to…
medium5.5CVSS 3.1
AVLACLPRLUINSUCHINAN
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
Affected
40 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | linux | < linux 4.19.37-4 (bookworm) | linux 4.19.37-4 (bookworm) |
| fedoraproject | fedora | — | — |
| android | — | — | |
| linux | linux_kernel | <= 5.1.2 | — |
| linux | linux_kernel | >= 0 < 4.19.37-4 | 4.19.37-4 |
| linux | linux_kernel | >= 0 < 4.19.37-4 | 4.19.37-4 |
| linux | linux_kernel | >= 0 < 4.19.37-4 | 4.19.37-4 |
| linux | linux_kernel | >= 0 < 4.19.37-4 | 4.19.37-4 |
| linux | linux_kernel | >= 0 < 4.4.0-157.185 | 4.4.0-157.185 |
| linux | linux_kernel | >= 0 < 4.15.0-55.60 | 4.15.0-55.60 |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux_desktop | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_eus | — | — |
| redhat | enterprise_linux_for_real_time | — | — |
| redhat | enterprise_linux_for_real_time | — | — |
| redhat | enterprise_linux_for_real_time_for_nfv | — | — |
CVSS provenance
nvdv3.15.5MEDIUMCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
osv8.1HIGH