Vulnerability Details CVE-2019-19318
In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.004
EPSS Ranking 57.4%
CVSS Severity
CVSS v3 Score 4.4
CVSS v2 Score 2.1
Products affected by CVE-2019-19318
- cpe:2.3:a:netapp:active_iq_unified_manager:9.10
- cpe:2.3:a:netapp:active_iq_unified_manager:9.5
- cpe:2.3:a:netapp:active_iq_unified_manager:9.6
- cpe:2.3:a:netapp:data_availability_services:-
- cpe:2.3:a:netapp:hci_management_node:-
- cpe:2.3:a:netapp:solidfire:-
- cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-
- cpe:2.3:h:netapp:aff_a400:-
- cpe:2.3:h:netapp:aff_a700s:-
- cpe:2.3:h:netapp:fas8300:-
- cpe:2.3:h:netapp:fas8700:-
- cpe:2.3:o:canonical:ubuntu_linux:14.04
- cpe:2.3:o:canonical:ubuntu_linux:16.04
- cpe:2.3:o:canonical:ubuntu_linux:18.04
- cpe:2.3:o:debian:debian_linux:9.0
- cpe:2.3:o:linux:linux_kernel:5.0.21
- cpe:2.3:o:linux:linux_kernel:5.3.11
- cpe:2.3:o:netapp:aff_a400_firmware:-
- cpe:2.3:o:netapp:aff_a700s_firmware:-
- cpe:2.3:o:netapp:fas8300_firmware:-
- cpe:2.3:o:netapp:fas8700_firmware:-
- cpe:2.3:o:netapp:h610s_firmware:-
- cpe:2.3:o:opensuse:leap:15.1