CVE-2019-15794
Description
Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
Risk Information
Base Score
6.7
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.375
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel (USN-4208-1) linux-image-aws_5.3.0.1008.10_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-gcp_5.3.0.1009.10_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-gke_5.3.0.1009.10_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-kvm_5.3.0.1008.10_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-oracle_5.3.0.1007.8_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-generic_5.3.0.24.28_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-virtual_5.3.0.24.28_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-gcp-edge_5.3.0.1009.9_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-lowlatency_5.3.0.24.28_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-1008-aws_5.3.0-1008.9_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-1008-kvm_5.3.0-1008.9_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-1009-gcp_5.3.0-1009.10_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-1009-gcp_5.3.0-1009.10~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-24-generic_5.3.0-24.26_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-1007-oracle_5.3.0-1007.8_amd64.deb | Linux |
| Linux kernel (USN-4208-1) linux-image-5.3.0-24-lowlatency_5.3.0-24.26_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-aws_5.0.0.1022.24_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-gcp_5.0.0.1026.30_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-gcp_5.0.0.1026.51_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-gke_5.0.0.1026.51_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-kvm_5.0.0.1023.24_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-oracle_5.0.0.1008.34_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-generic_5.0.0.37.39_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-generic_5.0.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-gke-5.0_5.0.0.1026.15_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-virtual_5.0.0.37.39_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-virtual_5.0.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-aws-edge_5.0.0.1022.36_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-oem-osp1_5.0.0.1030.34_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-lowlatency_5.0.0.37.39_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-lowlatency_5.0.0.37.39_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-oracle-edge_5.0.0.1008.7_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1022-aws_5.0.0-1022.25_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1022-aws_5.0.0-1022.25~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1023-kvm_5.0.0-1023.25_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1026-gcp_5.0.0-1026.27_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1026-gcp_5.0.0-1026.27~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1026-gke_5.0.0-1026.27~18.04.2_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-generic_5.0.0-37.40_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-generic_5.0.0-37.40_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-generic_5.0.0-37.40~18.04.1_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-generic_5.0.0-37.40~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1008-oracle_5.0.0-1008.13_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1008-oracle_5.0.0-1008.13~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-generic-hwe-18.04_5.0.0.37.95_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-generic-hwe-18.04_5.0.0.37.95_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-virtual-hwe-18.04_5.0.0.37.95_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-virtual-hwe-18.04_5.0.0.37.95_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-1030-oem-osp1_5.0.0-1030.34_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-lowlatency_5.0.0-37.40_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-lowlatency_5.0.0-37.40_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-lowlatency_5.0.0-37.40~18.04.1_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-5.0.0-37-lowlatency_5.0.0-37.40~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-lowlatency-hwe-18.04_5.0.0.37.95_i386.deb | Linux |
| Linux kernel (USN-4209-1) linux-image-lowlatency-hwe-18.04_5.0.0.37.95_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234