PT-2019-4692 · Linux+6 · Linux Kernel+6
Jungyeon · Published 2019-04-09 · Updated 2025-09-29 · CVE-2019-19319
CVSS v2.0: 6.8 (Medium), vector AV:L/AC:L/Au:S/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions
Linux kernel versions prior to 5.2
Description
The issue is related to a use-after-free in the ext4_xattr_set_entry function in fs/ext4/xattr.c, which can cause a slab-out-of-bounds write access. This can occur when a large old_size value is used in a memset call after mounting a crafted ext4 image. The exploitation of this issue may allow a remote attacker to execute arbitrary code.
Recommendations
For Linux kernel versions prior to 5.2, update to version 5.2 or later to resolve the issue.
At the moment, there is no information about additional mitigation measures for this vulnerability.
Exploit
Fix
Memory Corruption
Use After Free
Related Identifiers
Affected Products
ALT Linux
AlmaLinux
CentOS
Linux Kernel
Red Hat
SUSE
Ubuntu