Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-19318
HistoryNov 28, 2019 - 12:00 a.m.

CVE-2019-19318

2019-11-2800:00:00
ubuntu.com
ubuntu.com
12

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

22.8%

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause
an rwsem_down_write_slowpath use-after-free because (in
rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags
returns an already freed pointer,

Bugs

Notes

Author Note
tyhicks Exploiting this vulnerability requires a crafted filesystem image to be mounted
sbeattie possibly fixed by btrfs tree checker, which would mean it’s addressed for all kernels 4.4.x and newer.

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:N/I:N/A:P

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

0.001 Low

EPSS

Percentile

22.8%