PT-2019-14255 · Linux+3 · Linux Kernel+3

Benjamin Moody

Published

2017-03-17

Updated

2021-06-02

CVE-2019-15538

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.2.9

Description An issue was discovered in xfs setattr nonsize in fs/xfs/xfs iops.c. XFS partially wedges when a chgrp fails due to being out of disk quota. xfs setattr nonsize is failing to unlock the ILOCK after the xfs qm vop chown reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported, for instance, via NFS.

Recommendations For Linux kernel versions through 5.2.9, consider upgrading to a version that includes a fix for this issue, as no specific workaround is provided for these versions. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

Resource Exhaustion

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-400

Related Identifiers

ALT-PU-2017-1299

ALT-PU-2018-1557

ALT-PU-2019-1139

ALT-PU-2019-1363

ALT-PU-2019-2580

ALT-PU-2019-2581

ALT-PU-2019-2617

ALT-PU-2019-2618

ALT-PU-2019-2655

ALT-PU-2020-1024

CVE-2019-15538

DLA-1919-1

DLA-1919-2

OPENSUSE-SU-2019:2173-1

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2173-1

OPENSUSE-SU-2019_2181-1

RHSA-2020:2104

SUSE-SU-2019:2412-1

SUSE-SU-2019:2414-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2648-1

SUSE-SU-2019:2651-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

SUSE-SU-2019:2756-1

USN-4144-1

USN-4147-1

Affected Products

Alt Linux

Linux Kernel

Suse

Ubuntu

PT-2019-14255 · Linux+3 · Linux Kernel+3

CVE-2019-15538

Weakness Enumeration

Related Identifiers

Affected Products

References · 584