CVE-2019-19318

MEDIUM

Linux kernel <5.3.11 - Use After Free

Title source: llm

Description

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

References (5)

Core 5

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19318

View Exploit ZIP pw:eip

Third Party Advisory x_refsource_confirm

https://security.netapp.com/advisory/ntap-20200103-0001/

Mailing List, Third Party Advisory vendor-advisory x_refsource_suse

http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html

Third Party Advisory vendor-advisory x_refsource_ubuntu

https://usn.ubuntu.com/4414-1/

Mailing List, Third Party Advisory mailing-list x_refsource_mlist

https://lists.debian.org/debian-lts-announce/2021/03/msg00010.html

Scores

CVSS v3 4.4

EPSS 0.0035

EPSS Percentile 57.8%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Details

CWE

CWE-416

Status published

Products (17)

canonical/ubuntu_linux 14.04

canonical/ubuntu_linux 16.04

canonical/ubuntu_linux 18.04

debian/debian_linux 9.0

linux/linux_kernel 5.0.21

linux/linux_kernel 5.3.11

netapp/active_iq_unified_manager 9.5

netapp/aff_a400_firmware

netapp/aff_a700s_firmware

netapp/data_availability_services

... and 7 more

Published Nov 28, 2019

Tracked Since Feb 18, 2026