CVE-2019-19448

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.

CVSS v3 7.8 HIGH
CVSS v2.0 6.8 MEDIUM

7.8^/10

CVSS v3 : HIGH

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

6.8^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability : 8.6 / Impact : 6.4

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19448	Exploit Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html	Mailing List Third Party Advisory
https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html	Mailing List Third Party Advisory
https://security.netapp.com/advisory/ntap-20200103-0001/	Third Party Advisory
https://usn.ubuntu.com/4578-1/	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::
	cpe:2.3:o:linux:linux_kernel::::::::

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm:::
	cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts:::

Configuration 4 (hide)

OR	cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere::
	cpe:2.3:a:netapp:cloud_backup:-:::::::*
	cpe:2.3:a:netapp:data_availability_services:-:::::::*
	cpe:2.3:a:netapp:hci_management_node:-:::::::*
	cpe:2.3:a:netapp:solidfire:-:::::::*
	cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::*

Configuration 5 (hide)

AND

cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND

cpe:2.3:o:netapp:fas_8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_8300:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND

cpe:2.3:o:netapp:fas_8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_8700:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND

cpe:2.3:o:netapp:fas_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:fas_a400:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND

cpe:2.3:o:netapp:aff_8300_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_8300:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND

cpe:2.3:o:netapp:aff_8700_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_8700:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND

cpe:2.3:o:netapp:aff_a400_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:aff_a400:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND

cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND

cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*

cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*

History

03 Oct 2023, 15:39

Type	Values Removed	Values Added
CPE	cpe:2.3:o:linux:linux_kernel:5.3.11:::::::* cpe:2.3:o:linux:linux_kernel:5.0.21:::::::*	cpe:2.3:o:linux:linux_kernel::::::::

27 Feb 2023, 15:30

Type	Values Removed	Values Added
First Time		Netapp a700s Firmware Canonical Debian Netapp cloud Backup Netapp solidfire Baseboard Management Controller Canonical ubuntu Linux Netapp aff 8300 Firmware Netapp fas 8300 Firmware Netapp aff A400 Firmware Netapp h610s Netapp fas A400 Firmware Netapp fas A400 Netapp h610s Firmware Netapp steelstore Cloud Integrated Storage Netapp active Iq Unified Manager Netapp solidfire Baseboard Management Controller Firmware Netapp fas 8700 Firmware Netapp a700s Netapp Netapp solidfire Netapp fas 8300 Netapp fas 8700 Netapp aff A400 Netapp hci Management Node Netapp aff 8300 Netapp aff 8700 Debian debian Linux Netapp data Availability Services Netapp aff 8700 Firmware
CPE		cpe:2.3:o:netapp:aff_8300_firmware:-:::::::* cpe:2.3:a:netapp:solidfire:-:::::::* cpe:2.3:o:canonical:ubuntu_linux:16.04::::esm::: cpe:2.3:h:netapp:a700s:-:::::::* cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:::::::* cpe:2.3:o:netapp:h610s_firmware:-:::::::* cpe:2.3:a:netapp:hci_management_node:-:::::::* cpe:2.3:a:netapp:cloud_backup:-:::::::* cpe:2.3:o:debian:debian_linux:9.0:::::::* cpe:2.3:o:canonical:ubuntu_linux:14.04::::esm::: cpe:2.3:h:netapp:aff_8300:-:::::::* cpe:2.3:h:netapp:fas_8700:-:::::::* cpe:2.3:h:netapp:fas_8300:-:::::::* cpe:2.3:o:netapp:a700s_firmware:-:::::::* cpe:2.3:o:netapp:fas_a400_firmware:-:::::::* cpe:2.3:o:netapp:fas_8300_firmware:-:::::::* cpe:2.3:h:netapp:aff_8700:-:::::::* cpe:2.3:a:netapp:data_availability_services:-:::::::* cpe:2.3:a:netapp:active_iq_unified_manager:-:::::vmware_vsphere:: cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:::::::* cpe:2.3:o:canonical:ubuntu_linux:18.04::::lts::: cpe:2.3:o:netapp:fas_8700_firmware:-:::::::* cpe:2.3:h:netapp:aff_a400:-:::::::* cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:::::::* cpe:2.3:h:netapp:h610s:-:::::::* cpe:2.3:h:netapp:fas_a400:-:::::::* cpe:2.3:o:netapp:aff_8700_firmware:-:::::::* cpe:2.3:o:netapp:aff_a400_firmware:-:::::::*
References	~~(UBUNTU) https://usn.ubuntu.com/4578-1/ -~~	(UBUNTU) https://usn.ubuntu.com/4578-1/ - Third Party Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00032.html - Mailing List, Third Party Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2020/10/msg00034.html - Mailing List, Third Party Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2020/09/msg00025.html - Mailing List, Third Party Advisory
References	~~(CONFIRM) https://security.netapp.com/advisory/ntap-20200103-0001/ -~~	(CONFIRM) https://security.netapp.com/advisory/ntap-20200103-0001/ - Third Party Advisory

Information

Published : 2019-12-08 02:15

Updated : 2023-12-10 13:13

NVD link : CVE-2019-19448

Mitre link : CVE-2019-19448

CVE.ORG link : CVE-2019-19448

JSON object : View

Products Affected

netapp

a700s_firmware
aff_a400
fas_8300_firmware
solidfire_baseboard_management_controller
cloud_backup
fas_8700_firmware
data_availability_services
steelstore_cloud_integrated_storage
fas_a400
hci_management_node
solidfire
fas_a400_firmware
h610s
fas_8700
aff_8300
aff_8700_firmware
a700s
aff_8700
fas_8300
aff_8300_firmware
solidfire_baseboard_management_controller_firmware
active_iq_unified_manager
aff_a400_firmware
h610s_firmware

linux

linux_kernel

canonical

ubuntu_linux

debian

debian_linux

CWE

CWE-416

Use After Free

7.8 /10