PT-2019-2822 · Linux+5 · Linux Kernel+5

Publicado

2019-05-10

·

Atualizado

2023-03-01

·

CVE-2019-11833

CVSS v3.1

5.5

Média

VetorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.1.2
Description The issue is related to the fs/ext4/extents.c file in the Linux kernel, which does not properly clear unused memory regions in the extent tree block. This might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. The vulnerability is associated with a lack of protection for internal data, which could be exploited to reveal protected information.
Recommendations For Linux kernel versions through 5.1.2, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Use of Uninitialized Resource

Information Disclosure

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-908CWE-200

Identificadores relacionados

ALT-PU-2019-1886
ALT-PU-2019-1887
ALT-PU-2019-1889
ALT-PU-2019-1892
ALT-PU-2019-1893
ALT-PU-2019-1896
ALT-PU-2019-2061
ALT-PU-2019-2063
ALT-PU-2019-2064
ALT-PU-2019-2077
ALT-PU-2019-2120
ALT-PU-2019-2213
ALT-PU-2019-2234
ALT-PU-2019-2311
ALT-PU-2020-1198
ALT-PU-2020-1501
ALT-PU-2020-2410
ALT-PU-2020-2433
ALT-PU-2021-1870
BDU:2019-02780
CESA-2019_2029
CESA-2019_3309
CESA-2019_3517
CVE-2019-11833
DLA-1823-1
DLA-1824-1
DSA-4465-1
MGASA-2019-0185
MGASA-2019-0196
MGASA-2019-0197
OPENSUSE-SU-2019:1479-1
OPENSUSE-SU-2019:1579-1
OPENSUSE-SU-2019_1479-1
OPENSUSE-SU-2019_1570-1
OPENSUSE-SU-2019_1579-1
RHSA-2019:2029
RHSA-2019:2043
RHSA-2019:3309
RHSA-2019:3517
RHSA-2019_2029
RHSA-2019_2043
RHSA-2019_3309
RHSA-2019_3517
SUSE-SU-2019:1527-1
SUSE-SU-2019:1529-1
SUSE-SU-2019:1530-1
SUSE-SU-2019:1532-1
SUSE-SU-2019:1533-1
SUSE-SU-2019:1534-1
SUSE-SU-2019:1535-1
SUSE-SU-2019:1536-1
SUSE-SU-2019:1550-1
SUSE-SU-2019:1692-1
SUSE-SU-2019:2430-1
USN-4068-1
USN-4068-2
USN-4069-1
USN-4069-2
USN-4076-1
USN-4095-2
USN-4118-1

Produtos afetados

Alt Linux
Centos
Linux Kernel
Red Hat
Suse
Ubuntu