CVE-2019-19318 — Use After Free in Ubuntu Linux

CWE-416 — Use After Free10 documents8 sources

Severity

4.4MEDIUMNVD

EPSS

0.4%

top 42.26%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Canonical Ubuntu Linux Debian Linux +2 more

Timeline

PublishedNov 28

Latest updateMay 24

Description

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:HExploitability: 0.8 | Impact: 3.6

Affected Packages4 packages

▶Debianlinux/linux_kernel< 5.4.6-1+3

▶NVDlinux/linux_kernel5.0.21, 5.3.11+1

▶NVDopensuse/leap15.1

▶NVDnetapp/active_iq_unified_manager

Also affects: Debian Linux 9.0, Ubuntu Linux 14.04, 16.04, 18.04

🔴Vulnerability Details

GHSA

GHSA-r6gp-mqm3-8pv6: In the Linux kernel 5↗2022-05-24

▶

OSV

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities↗2020-07-06

▶

OSV

CVE-2019-19318: In the Linux kernel 5↗2019-11-28

▶

CVEList

CVE-2019-19318: In the Linux kernel 5↗2019-11-27

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2020-07-06

▶

Red Hat

kernel: use-after-free in rwsem_down_write_slowpath in kernel/locking/rwsem.c↗2019-11-28

▶

Debian

CVE-2019-19318: linux - In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rw...↗2019

▶

💬Community

Bugzilla

CVE-2019-19318 kernel: use-after-free in rwsem_down_write_slowpath in kernel/locking/rwsem.c [fedora-all]↗2019-12-16

▶

Bugzilla

CVE-2019-19318 kernel: use-after-free in rwsem_down_write_slowpath in kernel/locking/rwsem.c↗2019-12-16

▶