Home

CVE-2019-19813

Description

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.

Risk Information

Base Score
5.5
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.708

Associated Vulnerability

VulnerabilityOS Platform
Linux kernel (USN-4414-1) linux-image-gcp_4.15.0.1078.80_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-gke_4.15.0.1064.66_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-gke_4.15.0.1078.80_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-kvm_4.15.0.1069.65_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-oem_4.15.0.107.112_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-oem_4.15.0.1091.94_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-oracle_4.15.0.1046.39_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-aws-hwe_4.15.0.1074.74_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-generic_4.15.0.109.97_i386.debLinux
Linux kernel (USN-4414-1) linux-image-generic_4.15.0.109.97_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-virtual_4.15.0.109.97_i386.debLinux
Linux kernel (USN-4414-1) linux-image-virtual_4.15.0.109.97_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-gke-4.15_4.15.0.1064.66_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-lowlatency_4.15.0.109.97_i386.debLinux
Linux kernel (USN-4414-1) linux-image-lowlatency_4.15.0.109.97_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-aws-lts-18.04_4.15.0.1077.79_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-gcp-lts-18.04_4.15.0.1078.94_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1064-gke_4.15.0-1064.67_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1069-kvm_4.15.0-1069.70_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1074-aws_4.15.0-1074.78~16.04.1_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1077-aws_4.15.0-1077.81_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1078-gcp_4.15.0-1078.88_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1078-gcp_4.15.0-1078.88~16.04.1_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1091-oem_4.15.0-1091.101_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-oracle-lts-18.04_4.15.0.1048.57_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-generic-hwe-16.04_4.15.0.107.112_i386.debLinux
Linux kernel (USN-4414-1) linux-image-generic-hwe-16.04_4.15.0.107.112_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-virtual-hwe-16.04_4.15.0.107.112_i386.debLinux
Linux kernel (USN-4414-1) linux-image-virtual-hwe-16.04_4.15.0.107.112_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1046-oracle_4.15.0-1046.50~16.04.1_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-1048-oracle_4.15.0-1048.52_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-107-generic_4.15.0-107.108~16.04.1_i386.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-107-generic_4.15.0-107.108~16.04.1_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-109-generic_4.15.0-109.110_i386.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-109-generic_4.15.0-109.110_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-lowlatency-hwe-16.04_4.15.0.107.112_i386.debLinux
Linux kernel (USN-4414-1) linux-image-lowlatency-hwe-16.04_4.15.0.107.112_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-107-lowlatency_4.15.0-107.108~16.04.1_i386.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-107-lowlatency_4.15.0-107.108~16.04.1_amd64.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-109-lowlatency_4.15.0-109.110_i386.debLinux
Linux kernel (USN-4414-1) linux-image-4.15.0-109-lowlatency_4.15.0-109.110_amd64.debLinux
Linux kernel (USN-4708-1) linux-image-generic_4.4.0.201.207_i386.debLinux
Linux kernel (USN-4708-1) linux-image-generic_4.4.0.201.207_amd64.debLinux
Linux kernel (USN-4708-1) linux-image-virtual_4.4.0.201.207_i386.debLinux
Linux kernel (USN-4708-1) linux-image-virtual_4.4.0.201.207_amd64.debLinux
Linux kernel (USN-4708-1) linux-image-lowlatency_4.4.0.201.207_i386.debLinux
Linux kernel (USN-4708-1) linux-image-lowlatency_4.4.0.201.207_amd64.debLinux
Linux kernel (USN-4708-1) linux-image-4.4.0-201-generic_4.4.0-201.233_i386.debLinux
Linux kernel (USN-4708-1) linux-image-4.4.0-201-generic_4.4.0-201.233_amd64.debLinux
Linux kernel (USN-4708-1) linux-image-4.4.0-201-lowlatency_4.4.0-201.233_i386.debLinux
Linux kernel (USN-4708-1) linux-image-4.4.0-201-lowlatency_4.4.0-201.233_amd64.debLinux
Linux kernel for cloud environments (USN-4709-1) linux-image-kvm_4.4.0.1087.85_amd64.debLinux
Linux kernel for cloud environments (USN-4709-1) linux-image-4.4.0-1087-kvm_4.4.0-1087.96_amd64.debLinux
Kernel-uek update (ELSA-2021-9534) kernel-uek-4.1.12-124.57.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug update (ELSA-2021-9534) kernel-uek-debug-4.1.12-124.57.1.el7uek.x86_64.rpmLinux
Kernel-uek-debug-devel update (ELSA-2021-9534) kernel-uek-debug-devel-4.1.12-124.57.1.el7uek.x86_64.rpmLinux
Kernel-uek-devel update (ELSA-2021-9534) kernel-uek-devel-4.1.12-124.57.1.el7uek.x86_64.rpmLinux
Kernel-uek-doc update (ELSA-2021-9534) kernel-uek-doc-4.1.12-124.57.1.el7uek.noarch.rpmLinux
Kernel-uek-firmware update (ELSA-2021-9534) kernel-uek-firmware-4.1.12-124.57.1.el7uek.noarch.rpmLinux
kernel Security Update (ALAS-2021-1588) kernel-livepatch-4.14.214-160.339-1.0-0.amzn2.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234