CVE-2019-19448

Home/CVE/In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then m

CVE

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then m

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.

HIGH · CVSS 7.8 EPSS 0.00777

Act now

Public exploit or PoC is available
CVSS base score ≥ 7.0

Sigma rules0 YARA rules0

⬡

Weakness Classification

CWE-416Use After Free

▤

Affected Products & Versions

linux kernel>= 2.6.31 and < 4.4.233
linux kernel>= 4.5.0 and < 4.9.233
linux kernel>= 4.10 and < 4.14.194
linux kernel>= 4.15 and < 4.19.141
linux kernel>= 4.20 and < 5.4.60
linux kernel>= 5.5.0 and < 5.7.17
linux kernel>= 5.8 and < 5.8.3
debian linuxall versions
Show all 24 affected productscanonical ubuntu linuxall versions
netapp active iq unified managerall versions
netapp cloud backupall versions
netapp data availability servicesall versions
netapp hci management nodeall versions
netapp solidfireall versions
netapp steelstore cloud integrated storageall versions
netapp a700s firmwareall versions
netapp fas 8300 firmwareall versions
netapp fas 8700 firmwareall versions
netapp fas a400 firmwareall versions
netapp aff 8300 firmwareall versions
netapp aff 8700 firmwareall versions
netapp aff a400 firmwareall versions
netapp h610s firmwareall versions
netapp solidfire baseboard management controller firmwareall versions