PT-2019-4494 · Linux+2 · Linux Kernel+2
Published: 2019-06-21 · Updated: 2026-05-26
CVE-2019-19814
CVSS v2.0: 9.3 (High)
| Vector | AV:N/AC:M/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.0.21
Description
The issue is related to the remove dirty segment function in the Linux kernel, which is vulnerable to a slab-out-of-bounds write access. This occurs when mounting a crafted f2fs filesystem image, allowing an attacker to cause a denial of service. The problem arises because an array is bounded by the number of dirty types (8), but the array index can exceed this.
Recommendations
For Linux kernel version 5.0.21 and earlier, consider restricting access to the remove dirty segment function until a patch is available.
As a temporary workaround, avoid using crafted f2fs filesystem images to minimize the risk of exploitation.
Exploit
Fix
Memory Corruption
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Linux Kernel