PT-2019-5312 · Linux+4 · Linux Kernel+4

Published

2019-04-16

Updated

2021-05-28

CVE-2019-15919

CVSS v3.1

3.3

Low

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 5.0.10

Description An issue in the Linux kernel is related to a use-after-free in the SMB2 write function, located in fs/cifs/smb2pdu.c. This issue may allow an attacker to disclose protected information.

Recommendations For Linux kernel versions prior to 5.0.10, update to version 5.0.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the SMB2 write function until a patch is available.

Fix

Use After Free

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-416

Related Identifiers

ALT-PU-2019-1762

ALT-PU-2019-1767

ALT-PU-2020-1198

ALT-PU-2020-1501

ALT-PU-2020-2410

ALT-PU-2020-2433

ALT-PU-2021-1870

BDU:2020-02259

CESA-2019_3517

CVE-2019-15919

OPENSUSE-SU-2019:2173-1

OPENSUSE-SU-2019:2181-1

OPENSUSE-SU-2019_2173-1

OPENSUSE-SU-2019_2181-1

RHSA-2019:3517

RHSA-2019_3517

SUSE-SU-2019:2412-1

SUSE-SU-2019:2414-1

SUSE-SU-2019:2424-1

SUSE-SU-2019:2648-1

SUSE-SU-2019:2651-1

SUSE-SU-2019:2658-1

SUSE-SU-2019:2738-1

SUSE-SU-2019:2756-1

Affected Products

Alt Linux

Centos

Linux Kernel

Red Hat

Suse

PT-2019-5312 · Linux+4 · Linux Kernel+4

CVE-2019-15919

Weakness Enumeration

Related Identifiers

Affected Products

References · 556