Home

CVE-2019-15538

Description

An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
16.428

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-4144-1) linux-image-aws_4.15.0.1051.50_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-kvm_4.15.0.1047.47_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-oem_4.15.0.65.85_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-oem_4.15.0.1057.61_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-azure_4.15.0.1060.63_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-oracle_4.15.0.1026.19_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-oracle_4.15.0.1026.29_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-aws-hwe_4.15.0.1051.51_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-generic_4.15.0.65.67_i386.debLinux
Linux kernel (USN-4144-1) linux-image-generic_4.15.0.65.67_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-virtual_4.15.0.65.67_i386.debLinux
Linux kernel (USN-4144-1) linux-image-virtual_4.15.0.65.67_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-lowlatency_4.15.0.65.67_i386.debLinux
Linux kernel (USN-4144-1) linux-image-lowlatency_4.15.0.65.67_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1047-kvm_4.15.0-1047.47_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1051-aws_4.15.0-1051.53_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1051-aws_4.15.0-1051.53~16.04.1_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1057-oem_4.15.0-1057.66_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1060-azure_4.15.0-1060.65_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-generic_4.15.0-65.74_i386.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-generic_4.15.0-65.74_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-generic_4.15.0-65.74~16.04.1_i386.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-generic_4.15.0-65.74~16.04.1_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-generic-hwe-16.04_4.15.0.65.85_i386.debLinux
Linux kernel (USN-4144-1) linux-image-generic-hwe-16.04_4.15.0.65.85_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-virtual-hwe-16.04_4.15.0.65.85_i386.debLinux
Linux kernel (USN-4144-1) linux-image-virtual-hwe-16.04_4.15.0.65.85_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1026-oracle_4.15.0-1026.29_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-1026-oracle_4.15.0-1026.29~16.04.1_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-lowlatency_4.15.0-65.74_i386.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-lowlatency_4.15.0-65.74_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-lowlatency_4.15.0-65.74~16.04.1_i386.debLinux
Linux kernel (USN-4144-1) linux-image-4.15.0-65-lowlatency_4.15.0-65.74~16.04.1_amd64.debLinux
Linux kernel (USN-4144-1) linux-image-lowlatency-hwe-16.04_4.15.0.65.85_i386.debLinux
Linux kernel (USN-4144-1) linux-image-lowlatency-hwe-16.04_4.15.0.65.85_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-aws_5.0.0.1018.19_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-gcp_5.0.0.1020.46_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-gke_5.0.0.1020.46_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-kvm_5.0.0.1019.19_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-azure_5.0.0.1022.21_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-generic_5.0.0.31.32_i386.debLinux
Linux kernel (USN-4147-1) linux-image-generic_5.0.0.31.32_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-gke-5.0_5.0.0.1020.9_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-virtual_5.0.0.31.32_i386.debLinux
Linux kernel (USN-4147-1) linux-image-virtual_5.0.0.31.32_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-lowlatency_5.0.0.31.32_i386.debLinux
Linux kernel (USN-4147-1) linux-image-lowlatency_5.0.0.31.32_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-1018-aws_5.0.0-1018.20_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-1019-kvm_5.0.0-1019.20_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-1020-gcp_5.0.0-1020.20_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-1020-gke_5.0.0-1020.20~18.04.1_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-1022-azure_5.0.0-1022.23_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-generic_5.0.0-31.33_i386.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-generic_5.0.0-31.33_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-generic_5.0.0-31.33~18.04.1_i386.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-generic_5.0.0-31.33~18.04.1_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-generic-hwe-18.04_5.0.0.31.88_i386.debLinux
Linux kernel (USN-4147-1) linux-image-generic-hwe-18.04_5.0.0.31.88_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-virtual-hwe-18.04_5.0.0.31.88_i386.debLinux
Linux kernel (USN-4147-1) linux-image-virtual-hwe-18.04_5.0.0.31.88_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-lowlatency_5.0.0-31.33_i386.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-lowlatency_5.0.0-31.33_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-lowlatency_5.0.0-31.33~18.04.1_i386.debLinux
Linux kernel (USN-4147-1) linux-image-5.0.0-31-lowlatency_5.0.0-31.33~18.04.1_amd64.debLinux
Linux kernel (USN-4147-1) linux-image-lowlatency-hwe-18.04_5.0.0.31.88_i386.debLinux
Linux kernel (USN-4147-1) linux-image-lowlatency-hwe-18.04_5.0.0.31.88_amd64.debLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234