Vulnerability CVE-2019-19377 in Linux Kernel 5.0.21

Posted on 2019-12-04 by guenni

The Linux kernel 5.0.21 contains a use after free vulnerability CVE-2019-19377. The vulnerability documented on 29.11.2019 with a CVE number is currently awaiting analysis.

Advertising

The following tweet mentions to the vulnerability CVE-2019-19377 in the Linux kernel 5.0.21.

The problem: The Linux kernel 5.0.21 has a use-after-free vulnerability which can be exploited by operations like mounting a prepared btrfs file system image, performing some operations and unmounting. The error is in btrfs_queue_work in fs/btrfs/async-thread.c.

Advertising
This entry was posted in Linux, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).