CVE-2019-19319 — Use After Free in Linux

CWE-416 — Use After Free CWE-787 — Out-of-bounds Write10 documents8 sources

Severity

6.5MEDIUMNVD

EPSS

0.4%

top 37.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Linux Kernel Debian Linux Opensuse Leap +1 more

Timeline

PublishedNov 27

Latest updateMay 24

Description

In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:HExploitability: 0.6 | Impact: 5.9

Affected Packages5 packages

▶Debianlinux/linux_kernel< 5.2.6-1+3

▶Ubuntulinux/linux_kernel< 4.4.0-184.214

▶NVDlinux/linux_kernel5.0.21

▶debiandebian/linux< linux 5.2.6-1 (bookworm)

▶NVDopensuse/leap15.1

Also affects: Enterprise Linux 7.0, 8.0

🔴Vulnerability Details

GHSA

GHSA-hj7c-hmhf-f2jq: In the Linux kernel 5↗2022-05-24

▶

OSV

linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities↗2020-06-11

▶

OSV

CVE-2019-19319: In the Linux kernel before 5↗2019-11-27

▶

📋Vendor Advisories

Ubuntu

Linux kernel vulnerabilities↗2020-06-11

▶

Red Hat

kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c↗2019-11-27

▶

Debian

CVE-2019-19319: linux - In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted...↗2019

▶

📄Research Papers

arXiv

Well Begun is Half Done: An Empirical Study of Exploitability & Impact of Base-Image Vulnerabilities↗2021-12-21

▶

💬Community

Bugzilla

CVE-2019-19319 kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c↗2019-12-16

▶

Bugzilla

CVE-2019-19319 kernel: out-of-bounds write in ext4_xattr_set_entry in fs/ext4/xattr.c [fedora-all]↗2019-12-16

▶