UBUNTU-CVE-2019-19816
Vulnerability Summary
Timeline
Description
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.
CVSS Metrics
- v3.1•HIGH•Score: 7.8CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Systems
- ubuntu•linux
all | < 4.4.0-201.233 | < 4.15.0-109.110
- ubuntu•linux-aws
< 4.4.0-1085.89 | < 4.4.0-1121.135 | < 4.15.0-1077.81
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-fips
< 4.15.0-2022.22 | all
- ubuntu•linux-aws-hwe
< 4.15.0-1079.83~16.04.1
- ubuntu•linux-azure
< 4.15.0-1091.101~14.04.1 | < 4.15.0-1091.101~16.04.1 | all
- ubuntu•linux-azure-4.15
< 4.15.0-1091.101
- ubuntu•linux-azure-edge
all
- ubuntu•linux-azure-fde
all
- ubuntu•linux-azure-fde-5.15
all
- ubuntu•linux-azure-fips
< 4.15.0-2006.7 | all
- ubuntu•linux-bluefield
all
- ubuntu•linux-fips
< 4.4.0-1055.61 | all | < 4.15.0-1037.42
- ubuntu•linux-gcp
< 4.15.0-1080.90~16.04.1 | all
- ubuntu•linux-gcp-4.15
< 4.15.0-1080.90
- ubuntu•linux-gcp-edge
all
- ubuntu•linux-gcp-fips
all
- ubuntu•linux-gke
all
- ubuntu•linux-gke-4.15
< 4.15.0-1066.69
- ubuntu•linux-hwe
< 4.15.0-112.113~16.04.1 | < 5.3.0-26.28~18.04.1
- ubuntu•linux-hwe-edge
all | < 5.3.0-19.20~18.04.2
- ubuntu•linux-intel-iot-realtime
all
- ubuntu•linux-kvm
< 4.4.0-1087.96 | < 4.15.0-1069.70
- ubuntu•linux-lts-xenial
< 4.4.0-201.233~14.04.1
- ubuntu•linux-nvidia
all
- ubuntu•linux-oem
< 4.15.0-1091.101
- ubuntu•linux-oracle
< 4.15.0-1050.54~16.04.1 | < 4.15.0-1048.52
- ubuntu•linux-oracle-5.0
all
- ubuntu•linux-raspi-realtime
all
- ubuntu•linux-raspi2
< 4.4.0-1145.155 | < 4.15.0-1065.69 | all
- ubuntu•linux-realtime
all
- ubuntu•linux-riscv
all
- ubuntu•linux-snapdragon
< 4.4.0-1149.159 | < 4.15.0-1083.91