PT-2019-4254 · Linux+1 · Linux Kernel+1

Published

2019-11-20

Updated

2025-09-29

CVE-2019-19037

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Linux kernel versions through 5.3.12

Description The issue is related to a NULL pointer dereference in the ext4 empty dir function in the Linux kernel. This can occur because ext4 read dirblock(inode,0,DIRENT HTREE) can return zero. The problem allows an attacker to cause a denial of service.

Recommendations For Linux kernel versions through 5.3.12, update to a version newer than 5.3.12 to resolve the issue. At the moment, there is no information about other specific fixes for this vulnerability.

Exploit

Fix

NULL Pointer Dereference

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-476

Related Identifiers

ALSA-2025_12746

ALSA-2025_12752

ALSA-2025_12753

ALSA-2025_16880

ALT-PU-2019-3180

ALT-PU-2019-3268

ALT-PU-2019-3295

ALT-PU-2020-1002

ALT-PU-2020-1003

ALT-PU-2020-1025

ALT-PU-2020-1028

ALT-PU-2020-1042

ALT-PU-2020-1043

ALT-PU-2020-1070

ALT-PU-2020-1198

ALT-PU-2020-1421

ALT-PU-2020-1450

ALT-PU-2020-1501

ALT-PU-2020-1714

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1745

ALT-PU-2021-1870

BDU:2019-04855

CVE-2019-19037

DLA-2114-1

ELSA-2020-5804

ELSA-2021-9002

MGASA-2020-0036

MGASA-2020-0089

Affected Products

Alt Linux

Linux Kernel

PT-2019-4254 · Linux+1 · Linux Kernel+1

CVE-2019-19037

Weakness Enumeration

Related Identifiers

Affected Products

References · 57