ALT-PU-2020-1905-1
Package kernel-image-std-def updated to version 5.4.35-alt1 for branch p9 in task 250790.
Closed vulnerabilities
Published: 2019-11-28
BDU:2022-05179
Уязвимость функции btrfs_queue_work ядра операционной системы Linux, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации
Severity: HIGH (7.8)
Vector: AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
Published: 2019-11-29
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2019-19377
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
Severity: HIGH (7.8)
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
References:
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- [debian-lts-announce] 20201210 [SECURITY] [DLA 2483-1] linux-4.19 security update
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://security.netapp.com/advisory/ntap-20200103-0001/
- USN-4367-1
- USN-4367-1
- USN-4369-1
- USN-4369-1
- USN-4414-1
- USN-4414-1