Lucene search
GoogleOSV:CVE-2019-25044HistoryMay 14, 2021 - 11:15 p.m.
CVE-2019-25044
2021-05-1423:15:07
Google
osv.dev
5
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.
| CPE | Name | Operator | Version |
|---|---|---|---|
| linux | eq | 2.6.29-rc8 | |
| linux | eq | 3.3-rc7 | |
| linux | eq | 4.16-rc7 | |
| linux | eq | 2.6.22-rc4 | |
| linux | eq | 2.6.29-rc5 | |
| linux | eq | 2.6.18-rc3 | |
| linux | eq | 4.1-rc8 | |
| linux | eq | 2.6.39 | |
| linux | eq | 4.18 | |
| linux | eq | 4.16-rc4 |
References
cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.2
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=c3e2219216c92919a6bd1711f340f5faa98695e6
security.netapp.com/advisory/ntap-20210629-0006/
sites.google.com/view/syzscope/kasan-use-after-free-read-in-blk_mq_free_rqs
syzkaller.appspot.com/bug?id=36fe241584203cf394d44560a42e3430434f1213
Related
ubuntucve
ubuntucve
CVE-2019-25044
2021-05-14 00:00:00
prion
prion
Cross site scripting
2021-05-14 23:15:00
f5
f5
K54647543 : Linux kernel vulnerability CVE-2019-25044
2022-05-16 00:00:00
debiancve
debiancve
CVE-2019-25044
2021-05-14 23:15:07
redhatcve
redhatcve
CVE-2019-25044
2021-05-19 00:24:19
cve
cve
CVE-2019-25044
2021-05-14 23:15:07
cvelist
cvelist
CVE-2019-25044
2021-05-14 22:57:29
nvd
nvd
CVE-2019-25044
2021-05-14 23:15:07