CVE-2019-19813

Public on 2019-12-17

Modified on 2021-01-26

Description

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.

Severity

Medium

See what this means

CVSS v3 Base Score

5.5

See breakdown

Affected Packages

Platform	Package	Release Date	Advisory
Amazon Linux 1	kernel	2021-01-26 00:11	ALAS-2021-1477
Amazon Linux 2 - Core	kernel	2021-01-25 23:09	ALAS2-2021-1588

CVSS Scores

	Score Type	Score	Vector
Amazon Linux	CVSSv3	5.5	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
NVD	CVSSv2	7.1	AV:N/AC:M/Au:N/C:N/I:N/A:C
NVD	CVSSv3	5.5	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References

Red Hat: CVE-2019-19813 Mitre: CVE-2019-19813 FAQs regarding Amazon Linux ALAS/CVE Severity