Описание
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-11833
- https://github.com/torvalds/linux/commit/592acbf16821288ecdc4192c47e3774a4c48bb64
- https://www.debian.org/security/2019/dsa-4465
- https://usn.ubuntu.com/4118-1
- https://usn.ubuntu.com/4095-2
- https://usn.ubuntu.com/4076-1
- https://usn.ubuntu.com/4069-2
- https://usn.ubuntu.com/4069-1
- https://usn.ubuntu.com/4068-2
- https://usn.ubuntu.com/4068-1
- https://seclists.org/bugtraq/2019/Jun/26
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GJGZIMGB72TL7OGWRMHIL43WHXFQWU4X
- https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
- https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html
- https://access.redhat.com/errata/RHSA-2019:3517
- https://access.redhat.com/errata/RHSA-2019:3309
- https://access.redhat.com/errata/RHSA-2019:2043
- https://access.redhat.com/errata/RHSA-2019:2029
- http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00071.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
- http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
- http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
- http://www.securityfocus.com/bid/108372
Связанные уязвимости
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out ...
Уязвимость файла fs/ext4/extents.c ядра операционной системы Linux, позволяющая нарушителю раскрыть защищаемую информацию