CVE-2019-19449
Summary
| CVE | CVE-2019-19449 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2019-12-08 02:15:00 UTC |
|---|
| Updated | 2020-01-03 11:15:00 UTC |
|---|
| Description | In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated). |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| CVE/CVE-2019-19449 at master · bobfuzzer/CVE · GitHub |
MISC |
github.com |
Exploit, Third Party Advisory |
| December 2019 Linux Kernel Vulnerabilities in NetApp Products | NetApp Product Security |
CONFIRM |
security.netapp.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 198548 Ubuntu Security Notification for Linux kernel (Azure) Vulnerabilities (USN-5120-1)
- 198562 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5136-1)
- 198563 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5137-1)
- 198565 Ubuntu Security Notification for Linux kernel Vulnerabilities (USN-5137-2)
