CVE-2019-19767

Published: Dec 12, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

The Linux kernel before 5.4.2 mishandles ext4_expand_extra_isize, as demonstrated by use-after-free errors in __ext4_expand_extra_isize and ext4_xattr_set_entry, related to fs/ext4/inode.c and fs/ext4/super.c, aka CID-4ea99936a163.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2

x_refsource_MISC

https://bugzilla.kernel.org/show_bug.cgi?id=205707

x_refsource_MISC

https://bugzilla.kernel.org/show_bug.cgi?id=205609

x_refsource_MISC

https://github.com/torvalds/linux/commit/4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a

x_refsource_MISC

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=4ea99936a1630f51fc3a2d61a58ec4a1c4b7d55a

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200103-0001/

x_refsource_CONFIRM

[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update

mailing-list

x_refsource_MLIST

USN-4258-1

vendor-advisory

x_refsource_UBUNTU

USN-4287-1

vendor-advisory

x_refsource_UBUNTU

USN-4287-2

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update

mailing-list

x_refsource_MLIST

USN-4284-1

vendor-advisory

x_refsource_UBUNTU

openSUSE-SU-2020:0336

vendor-advisory

x_refsource_SUSE

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-19767

Description

Affected Products

References