CVE-2019-19449
Description
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
0.35
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Linux kernel for Microsoft Azure cloud systems (USN-5120-1) linux-image-azure_5.8.0.1043.46~20.04.15_amd64.deb | Linux |
| Linux kernel for Microsoft Azure cloud systems (USN-5120-1) linux-image-5.8.0-1043-azure_5.8.0-1043.46~20.04.1_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-kvm_4.15.0.1102.98_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-generic_4.15.0.162.151_i386.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-generic_4.15.0.162.151_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-virtual_4.15.0.162.151_i386.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-virtual_4.15.0.162.151_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-dell300x_4.15.0.1030.32_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-lowlatency_4.15.0.162.151_i386.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-lowlatency_4.15.0.162.151_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-aws-lts-18.04_4.15.0.1115.118_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-gcp-lts-18.04_4.15.0.1111.130_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-1102-kvm_4.15.0-1102.104_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-1111-gcp_4.15.0-1111.125_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-1115-aws_4.15.0-1115.122_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-azure-lts-18.04_4.15.0.1126.99_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-oracle-lts-18.04_4.15.0.1083.93_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-1126-azure_4.15.0-1126.139_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-1083-oracle_4.15.0-1083.91_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-162-generic_4.15.0-162.170_i386.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-162-generic_4.15.0-162.170_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-1030-dell300x_4.15.0-1030.35_amd64.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-162-lowlatency_4.15.0-162.170_i386.deb | Linux |
| Linux kernel (USN-5136-1) linux-image-4.15.0-162-lowlatency_4.15.0-162.170_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-aws_5.4.0.1059.42_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gcp_5.4.0.1057.43_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gke_5.4.0.1055.65_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-ibm_5.4.0.1007.8_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-kvm_5.4.0.1049.48_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-oem_5.4.0.90.94_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-oem_5.4.0.90.101~18.04.80_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-azure_5.4.0.1063.43_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gkeop_5.4.0.1026.29_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-generic_5.4.0.90.94_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gke-5.4_5.4.0.1055.65_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-virtual_5.4.0.90.94_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-oem-osp1_5.4.0.90.94_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-oem-osp1_5.4.0.90.101~18.04.80_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gkeop-5.4_5.4.0.1026.29_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gkeop-5.4_5.4.0.1026.27~18.04.27_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-lowlatency_5.4.0.90.94_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-aws-lts-20.04_5.4.0.1059.62_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-gcp-lts-20.04_5.4.0.1057.67_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-ibm-lts-20.04_5.4.0.1007.8_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1007-ibm_5.4.0-1007.8_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1049-kvm_5.4.0-1049.51_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1055-gke_5.4.0-1055.58_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1057-gcp_5.4.0-1057.61_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1057-gcp_5.4.0-1057.61~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1059-aws_5.4.0-1059.62_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1059-aws_5.4.0-1059.62~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-azure-lts-20.04_5.4.0.1063.61_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1026-gkeop_5.4.0-1026.27_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1026-gkeop_5.4.0-1026.27~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1063-azure_5.4.0-1063.66_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-1063-azure_5.4.0-1063.66~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-90-generic_5.4.0-90.101_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-90-generic_5.4.0-90.101~18.04.1_i386.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-90-generic_5.4.0-90.101~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-generic-hwe-18.04_5.4.0.90.101~18.04.80_i386.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-generic-hwe-18.04_5.4.0.90.101~18.04.80_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-virtual-hwe-18.04_5.4.0.90.101~18.04.80_i386.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-virtual-hwe-18.04_5.4.0.90.101~18.04.80_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-90-lowlatency_5.4.0-90.101_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-90-lowlatency_5.4.0-90.101~18.04.1_i386.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-5.4.0-90-lowlatency_5.4.0-90.101~18.04.1_amd64.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-lowlatency-hwe-18.04_5.4.0.90.101~18.04.80_i386.deb | Linux |
| Linux kernel (USN-5137-1) linux-image-lowlatency-hwe-18.04_5.4.0.90.101~18.04.80_amd64.deb | Linux |
| Linux kernel for NVIDIA BlueField platforms (USN-5137-2) linux-image-oracle_5.4.0.1057.61~18.04.37_amd64.deb | Linux |
| Linux kernel for NVIDIA BlueField platforms (USN-5137-2) linux-image-gke-5.4_5.4.0.1055.58~18.04.20_amd64.deb | Linux |
| Linux kernel for NVIDIA BlueField platforms (USN-5137-2) linux-image-5.4.0-1055-gke_5.4.0-1055.58~18.04.1_amd64.deb | Linux |
| Linux kernel for NVIDIA BlueField platforms (USN-5137-2) linux-image-oracle-lts-20.04_5.4.0.1057.57_amd64.deb | Linux |
| Linux kernel for NVIDIA BlueField platforms (USN-5137-2) linux-image-5.4.0-1057-oracle_5.4.0-1057.61_amd64.deb | Linux |
| Linux kernel for NVIDIA BlueField platforms (USN-5137-2) linux-image-5.4.0-1057-oracle_5.4.0-1057.61~18.04.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234