QwikSec

Security Database

CVE

CWE

Training

CVE-2019-15538

Published: Aug 25, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://lore.kernel.org/linux-xfs/20190823035528.GH1037422%40magnolia/

x_refsource_MISC

https://lore.kernel.org/linux-xfs/20190823192433.GA8736%40eldamar.local

x_refsource_MISC

https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee

x_refsource_MISC

FEDORA-2019-4c91a2f76e

vendor-advisory

x_refsource_FEDORA

FEDORA-2019-97380355ae

vendor-advisory

x_refsource_FEDORA

[debian-lts-announce] 20190914 [SECURITY] [DLA 1919-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20190915 [SECURITY] [DLA 1919-2] linux-4.9 security update

mailing-list

x_refsource_MLIST

openSUSE-SU-2019:2173

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2019:2181

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_UBUNTU

https://security.netapp.com/advisory/ntap-20191004-0001/

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

https://support.f5.com/csp/article/K32592426?utm_source=f5support&amp%3Butm_medium=RSS

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.