QwikSec

Security Database

CVE

CWE

Training

CVE-2019-19813

Published: Dec 17, 2019

Modified: Aug 5, 2024

PUBLISHED

Description

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19813

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20200103-0001/

x_refsource_CONFIRM

vendor-advisory

x_refsource_UBUNTU

[debian-lts-announce] 20200928 [SECURITY] [DLA 2385-1] linux-4.19 security update

mailing-list

x_refsource_MLIST

[debian-lts-announce] 20210309 [SECURITY] [DLA 2586-1] linux security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.