PT-2019-4446 · Linux+3 · Linux Kernel+3

Michael Hanselmann

·

Published

2019-10-05

·

Updated

2022-11-03

·

CVE-2019-10220

CVSS v2.0

10

High

VectorAV:N/AC:L/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions Linux kernel version 4.9.0
Description The issue concerns a relative paths injection in directory entry lists within the Linux kernel CIFS implementation. It is caused by incorrect restriction of the directory path name with limited access. Exploitation of this issue may allow a remote attacker to manipulate files in the client's directory.
Recommendations For Linux kernel version 4.9.0, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Path traversal

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-22

Related Identifiers

ALT-PU-2019-3059
ALT-PU-2019-3061
ALT-PU-2019-3066
ALT-PU-2020-1009
ALT-PU-2020-1042
ALT-PU-2020-1189
ALT-PU-2020-1421
ALT-PU-2020-1450
ALT-PU-2020-1714
ALT-PU-2020-2410
ALT-PU-2020-2433
BDU:2020-00233
CVE-2019-10220
DLA-2068-1
DLA-2114-1
OPENSUSE-SU-2019:2503-1
OPENSUSE-SU-2019:2507-1
OPENSUSE-SU-2019_2503-1
OPENSUSE-SU-2019_2507-1
SUSE-SU-2019:14218-1
SUSE-SU-2019:2821-1
SUSE-SU-2019:2829-1
SUSE-SU-2019:2859-1
SUSE-SU-2019:2864-1
SUSE-SU-2019:2946-1
SUSE-SU-2019:2947-1
SUSE-SU-2019:2948-1
SUSE-SU-2019:2949-1
SUSE-SU-2019:2950-1
SUSE-SU-2019:2951-1
SUSE-SU-2019:2952-1
SUSE-SU-2019:2953-1
SUSE-SU-2019:2984-1
SUSE-SU-2019:3019-1
SUSE-SU-2019:3200-1
SUSE-SU-2019:3215-1
SUSE-SU-2019:3216-1
SUSE-SU-2019:3223-1
SUSE-SU-2019:3224-1
SUSE-SU-2019:3225-1
SUSE-SU-2019:3228-1
SUSE-SU-2019:3230-1
SUSE-SU-2019:3232-1
SUSE-SU-2019:3233-1
SUSE-SU-2019:3246-1
SUSE-SU-2019:3247-1
SUSE-SU-2019:3248-1
SUSE-SU-2019:3249-1
SUSE-SU-2019:3252-1
SUSE-SU-2019:3255-1
SUSE-SU-2019:3258-1
SUSE-SU-2019:3260-1
SUSE-SU-2019:3261-1
SUSE-SU-2019:3263-1
SUSE-SU-2019:3294-1
SUSE-SU-2019:3295-1
SUSE-SU-2019_14218-1
SUSE-SU-2019_2829-1
SUSE-SU-2019_2859-1
SUSE-SU-2019_2864-1
SUSE-SU-2019_3215-1
SUSE-SU-2019_3216-1
SUSE-SU-2019_3233-1
SUSE-SU-2020:0093-1
SUSE-SU-2020:0183-1
USN-4226-1

Affected Products

Alt Linux
Linux Kernel
Suse
Ubuntu