ID CVE-2019-19815
Summary In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.
References
Vulnerable Configurations
  • cpe:2.3:o:linux:linux_kernel:5.0.21:*:*:*:*:*:*:*
    cpe:2.3:o:linux:linux_kernel:5.0.21:*:*:*:*:*:*:*
CVSS
Base: 7.1 (as of 03-01-2020 - 11:15)
Impact:
Exploitability:
CWE CWE-476
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:C
refmap via4
confirm https://security.netapp.com/advisory/ntap-20200103-0001/
misc
Last major update 03-01-2020 - 11:15
Published 17-12-2019 - 07:15
Last modified 03-01-2020 - 11:15
Back to Top