Description
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
References (6)
Core 6
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19377
Third Party Advisory, VDB Entry x_refsource_confirm
https://security.netapp.com/advisory/ntap-20200103-0001/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4367-1/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4369-1/
Third Party Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4414-1/
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2020/12/msg00015.html
Scores
CVSS v3
7.8
EPSS
0.0039
EPSS Percentile
60.4%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Details
CWE
CWE-416
Status
published
Products (5)
linux/linux_kernel
2.6.12 - 4.19.156
netapp/active_iq_unified_manager
netapp/cloud_backup
netapp/solidfire_baseboard_management_controller
netapp/steelstore_cloud_integrated_storage
Published
Nov 29, 2019
Tracked Since
Feb 18, 2026