1. Home
  2. Vulnerabilities
  3. CVE-2019-19377

CVE-2019-19377

CVSS v3.1 7.8 (High)
78% Progress
CVSS v2.0 6.8 (Medium)
68% Progress
EPSS 0.23 % (62th)
0.23% Progress
Affected Products 5
Advisories 19
Info CVSS EPSS Affected Configurations References Security Advisories Packages & Software OVAL Tools, Exploits & PoC Graph Web & Social Timeline

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.

Weaknesses
CWE-416
Use After Free
CVE Status
PUBLISHED
CNA
MITRE
Published Date
2019-11-29 16:15:10
(4 years ago)
Updated Date
2023-10-03 15:39:14
(11 months ago)

Affected Products

Linux

Netapp

Configuration #1

    CPE23 From Up To
  Linux Kernel from 2.6.12 version and prior 4.19.156 version cpe:2.3:o:linux:linux_kernel >= 2.6.12 < 4.19.156
  Linux Kernel from 4.20 version and prior 5.4.33 version cpe:2.3:o:linux:linux_kernel >= 4.20 < 5.4.33
  Linux Kernel from 5.5.0 version and prior 5.5.18 version cpe:2.3:o:linux:linux_kernel >= 5.5.0 < 5.5.18
  Linux Kernel from 5.6 version and prior 5.6.5 version cpe:2.3:o:linux:linux_kernel >= 5.6 < 5.6.5

Configuration #2

    CPE23 From Up To
  Netapp Active Iq Unified Manager for Vmware Vsphere cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere
  Netapp Cloud Backup cpe:2.3:a:netapp:cloud_backup:-
  Netapp Steelstore Cloud Integrated Storage cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-
  Netapp Solidfire Baseboard Management Controller cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-