CVE-2019-15791

Name of the Vulnerable Software and Affected Versions Linux kernel versions 5.0 and 5.3

Description The issue is related to an uncontrolled resource consumption in the shiftfs component of the Linux kernel. Exploitation of this issue may allow an attacker to cause a denial of service. The problem arises from the shiftfs btrfs ioctl fd replace() function, which installs an fd referencing a file from the lower filesystem without taking an additional reference to that file, leading to a refcount underflow after the btrfs ioctl completes and the fd is closed.

Recommendations For Linux kernel versions 5.0 and 5.3, consider disabling the shiftfs btrfs ioctl fd replace() function as a temporary workaround until a patch is available. Restrict access to the shiftfs component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.