PT-2019-14255 · Linux+3 · Linux Kernel+3

Benjamin Moody

Publicado

2017-03-17

Atualizado

2021-06-02

CVE-2019-15538

CVSS v2.0

7.8

Alta

Vetor

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.2.9

Description An issue was discovered in xfs setattr nonsize in fs/xfs/xfs iops.c. XFS partially wedges when a chgrp fails due to being out of disk quota. xfs setattr nonsize is failing to unlock the ILOCK after the xfs qm vop chown reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported, for instance, via NFS.

Recommendations For Linux kernel versions through 5.2.9, consider upgrading to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-400

Identificadores relacionados

ALT-PU-2017-1299

ALT-PU-2018-1557

ALT-PU-2019-1139

ALT-PU-2019-1363

ALT-PU-2019-2580

ALT-PU-2019-2581

ALT-PU-2019-2617

ALT-PU-2019-2618

ALT-PU-2019-2655

ALT-PU-2020-1024

CVE-2019-15538

DLA-1919-1

DLA-1919-2

OPENSUSE-SU-2019:2173-1

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2173-1

OPENSUSE-SU-2019_2181-1

RHSA-2020:2104

SUSE-SU-2019:2412-1

SUSE-SU-2019:2414-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2648-1

SUSE-SU-2019:2651-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

SUSE-SU-2019:2756-1

USN-4144-1

USN-4147-1

Produtos afetados

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2019-14255 · Linux+3 · Linux Kernel+3

CVE-2019-15538

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 584