PT-2019-4253 · Linux+2 · Linux Kernel+2

Published

2019-11-19

Updated

2025-09-29

CVE-2019-19039

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.3.12

Description The issue in the Linux kernel's btrfs free extent function allows local users to obtain potentially sensitive information about register values via the dmesg program in a certain ENOENT case. The BTRFS development team disputes this as not being a vulnerability, citing that the kernel provides facilities to restrict access to dmesg and that WARN/WARN ON macros are widely used in the Linux kernel.

Recommendations To mitigate this issue, consider setting the dmesg restrict sysctl option to 1 to restrict access to dmesg. This can help minimize the risk of sensitive information disclosure. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Information Disclosure

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200CWE-532

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2019-3180

ALT-PU-2019-3268

ALT-PU-2019-3295

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2019-04854

CVE-2019-19039

DLA-2483-1

USN-4414-1

Affected Products

Alt Linux

Linux Kernel

Ubuntu

PT-2019-4253 · Linux+2 · Linux Kernel+2

CVE-2019-19039

Weakness Enumeration

Related Identifiers

Affected Products

References · 32