CVE-2019-19813 - Vulnerability Details

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.

No CVSS v4.0

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.00708.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

cpe:2.3:o:linux:linux_kernel:5.0.21:*:*:*:*:*:*:*

Configuration 2 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

Configuration 3 [-]

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 4 [-]

OR	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere::*
	cpe:2.3:a:netapp:data_availability_services:-:::::::*
	cpe:2.3:a:netapp:hci_management_node:-:::::::*
	cpe:2.3:a:netapp:solidfire:-:::::::*
	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

Configuration 5 [-]

AND

cpe:2.3:o:netapp:aff_a700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a700s:-:*:*:*:*:*:*:*

Configuration 6 [-]

AND

cpe:2.3:o:netapp:fas8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas8300:-:*:*:*:*:*:*:*

Configuration 7 [-]

AND

cpe:2.3:o:netapp:fas8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas8700:-:*:*:*:*:*:*:*

Configuration 8 [-]

AND

cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*

Configuration 9 [-]

AND

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

No data.

Project Subscriptions

Vendors	Products
Canonical Subscribe	Ubuntu Linux Subscribe
Debian Subscribe	Debian Linux Subscribe
Linux Subscribe	Linux Kernel Subscribe
Netapp Subscribe	Active Iq Unified Manager Subscribe Aff A400 Subscribe Aff A400 Firmware Subscribe Aff A700s Subscribe Aff A700s Firmware Subscribe Data Availability Services Subscribe Fas8300 Subscribe Fas8300 Firmware Subscribe Fas8700 Subscribe Fas8700 Firmware Subscribe H610s Subscribe H610s Firmware Subscribe Hci Management Node Subscribe Solidfire Subscribe Steelstore Cloud Integrated Storage Subscribe

Advisories

Source	ID	Title
Debian DLA	DLA-2385-1	linux-4.19 security update
Debian DLA	DLA-2586-1	linux security update
EUVD	EUVD-2019-9411	In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.
Ubuntu USN	USN-4414-1	Linux kernel vulnerabilities
Ubuntu USN	USN-4708-1	Linux kernel vulnerabilities
Ubuntu USN	USN-4709-1	Linux kernel vulnerabilities

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19813
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html
https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html
https://nvd.nist.gov/vuln/detail/CVE-2019-19813
https://security.netapp.com/advisory/ntap-20200103-0001/
https://usn.ubuntu.com/4414-1/
https://www.cve.org/CVERecord?id=CVE-2019-19813

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2019-12-17T05:43:52

Updated: 2024-08-05T02:25:12.703Z

Reserved: 2019-12-16T00:00:00

Link: CVE-2019-19813

Vulnrichment

No data.

NVD

Status : Modified

Published: 2019-12-17T06:15:12.780

Modified: 2024-11-21T04:35:26.520

Link: CVE-2019-19813

Redhat

Severity : Moderate

Publid Date: 2019-12-17T00:00:00Z

Links: CVE-2019-19813 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-416

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Complete

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object