Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-19036
HistoryNov 21, 2019 - 12:00 a.m.

CVE-2019-19036

2019-11-2100:00:00
ubuntu.com
ubuntu.com
9

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

54.2%

btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12
allows a NULL pointer dereference because rcu_dereference(root->node) can
be zero.

Bugs

Notes

Author Note
tyhicks Exploiting this vulnerability requires a crafted filesystem image to be mounted
sbeattie likely addressed by the btrfs write time tree-checker, which would mean it is addressed for kernels back through 4.4.x
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-109.110UNKNOWN
ubuntu19.10noarchlinux< 5.3.0-22.24UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1077.81UNKNOWN
ubuntu19.10noarchlinux-aws< 5.3.0-1007.8UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1079.83~16.04.1UNKNOWN
ubuntu19.10noarchlinux-azure< 5.3.0-1007.8UNKNOWN
ubuntu14.04noarchlinux-azure< 4.15.0-1091.101~14.04.1UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1091.101~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure-4.15< 4.15.0-1091.101UNKNOWN
ubuntu19.10noarchlinux-gcp< 5.3.0-1008.9UNKNOWN
Rows per page:
1-10 of 261

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

0.002 Low

EPSS

Percentile

54.2%