PT-2019-4253 · Linux+2 · Linux Kernel+2

Publicado

2019-11-19

Atualizado

2025-09-29

CVE-2019-19039

CVSS v3.1

5.5

Média

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.3.12

Description The issue in the Linux kernel's btrfs free extent function allows local users to obtain potentially sensitive information about register values via the dmesg program in a certain ENOENT case. The BTRFS development team disputes this as not being a vulnerability, citing that the kernel provides facilities to restrict access to dmesg and that WARN/WARN ON macros are widely used in the Linux kernel.

Recommendations To mitigate this issue, consider setting the dmesg restrict sysctl option to 1 to restrict access to dmesg. This can help minimize the risk of sensitive information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Insertion into Log File

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-200CWE-532

Identificadores relacionados

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2019-3180

ALT-PU-2019-3268

ALT-PU-2019-3295

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2019-04854

CVE-2019-19039

DLA-2483-1

USN-4414-1

Produtos afetados

Alt Linux

Linux Kernel

Ubuntu

PT-2019-4253 · Linux+2 · Linux Kernel+2

CVE-2019-19039

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 32