CVE-2019-9857

Опубликовано: 21 мар. 2019

Источник: ubuntu

Приоритет: medium

CVSS2: 4.9

CVSS3: 5.5

Описание

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak). Finally, this will cause a denial of service.

Релиз	Статус	Примечание
bionic	not-affected	4.13.0-16.19
cosmic	not-affected	4.15.0-20.21
devel	not-affected	5.0.0-11.12
esm-infra-legacy/trusty	not-affected	3.11.0-12.19
esm-infra/bionic	not-affected	4.13.0-16.19
esm-infra/xenial	not-affected	4.2.0-16.19
precise/esm	ignored	end of life, was needs-triage
trusty	not-affected	3.11.0-12.19
trusty/esm	not-affected	3.11.0-12.19
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1001.1
cosmic	not-affected	4.15.0-1007.7
devel	not-affected	5.0.0-1002.2
esm-infra-legacy/trusty	not-affected	4.4.0-1002.2
esm-infra/bionic	not-affected	4.15.0-1001.1
esm-infra/xenial	not-affected	4.4.0-1001.10
precise/esm	DNE
trusty	not-affected	4.4.0-1002.2
trusty/esm	not-affected	4.4.0-1002.2
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/xenial	not-affected	4.15.0-1030.31~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	not-affected	4.15.0-1030.31~16.04.1

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1002.2
cosmic	not-affected	4.15.0-1009.9
devel	not-affected	5.0.0-1002.2
esm-infra-legacy/trusty	not-affected	4.15.0-1023.24~14.04.1
esm-infra/bionic	not-affected	4.15.0-1002.2
esm-infra/xenial	not-affected	4.11.0-1009.9
precise/esm	DNE
trusty	not-affected	4.15.0-1023.24~14.04.1
trusty/esm	not-affected	4.15.0-1023.24~14.04.1
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1002.2
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1002.2
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	not-affected	4.11.0-1009.9

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1001.1
cosmic	not-affected	4.15.0-1006.6
devel	not-affected	5.0.0-1002.2
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1001.1
esm-infra/xenial	not-affected	4.10.0-1004.4
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-1004.5~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-1004.5~18.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.18.0-13.14~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.18.0-13.14~18.04.1
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	5.0.0-13.14~18.04.1
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	5.0.0-13.14~18.04.1
esm-infra/xenial	not-affected	4.8.0-36.36~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1002.2
cosmic	not-affected	4.15.0-1008.8
devel	not-affected	5.0.0-1002.2
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1002.2
esm-infra/xenial	not-affected	4.4.0-1004.9
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE
precise/esm	ignored	end of life, was needs-triage
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [end of standard support]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [end of standard support]
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	not-affected	4.4.0-13.29~14.04.1
precise/esm	DNE
trusty	not-affected	4.4.0-13.29~14.04.1
trusty/esm	not-affected	4.4.0-13.29~14.04.1
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-apps/xenial	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc2
xenial	ignored	end of standard support

Показывать по

Релиз	Статус	Примечание
bionic	DNE
cosmic	DNE
devel	DNE
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was ignored [abandoned]]
precise/esm	DNE
trusty	ignored	end of standard support
trusty/esm	DNE	trusty was ignored [abandoned]
upstream	released	5.1~rc2
xenial	DNE

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1002.3
cosmic	not-affected	4.15.0-1004.5
devel	not-affected	4.15.0-1021.24
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1002.3
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	ignored	end of standard support, was needs-triage

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.15.0-1007.9
cosmic	not-affected	4.15.0-1007.9
devel	not-affected	4.15.0-1007.9
esm-infra-legacy/trusty	DNE
esm-infra/bionic	not-affected	4.15.0-1007.9
esm-infra/xenial	not-affected	4.15.0-1007.9~16.04.1
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.13.0-1005.5
cosmic	not-affected	4.15.0-1010.11
devel	not-affected	5.0.0-1005.5
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	not-affected	4.2.0-1013.19

Показывать по

Релиз	Статус	Примечание
bionic	not-affected	4.4.0-1077.82
cosmic	DNE
devel	not-affected	5.0.0-1010.10
esm-infra-legacy/trusty	DNE
precise/esm	DNE
trusty	DNE
trusty/esm	DNE
upstream	released	5.1~rc2
xenial	not-affected	4.4.0-1012.12

Показывать по

Ссылки на источники

4.9 Medium

CVSS2

5.5 Medium

CVSS3

Связанные уязвимости

CVE-2019-9857

CVSS3: 5.7

redhat

почти 7 лет назад

CVE-2019-9857

CVSS3: 5.5

nvd

почти 7 лет назад

CVE-2019-9857

CVSS3: 5.5

debian

почти 7 лет назад

In the Linux kernel through 5.0.2, the function inotify_update_existin ...

GHSA-p54v-5qqx-fv5f

CVSS3: 5.5

github

больше 3 лет назад

BDU:2021-03399

CVSS3: 5.5

fstec

почти 7 лет назад

Уязвимость функции inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c ядра операционной системы Linux, связанная с недостатком механизма освобождения памяти, позволяющая нарушителю вызвать отказ в обслуживании

4.9 Medium

CVSS2

5.5 Medium

CVSS3

CVE-2019-9857

Описание

Пакет linux

Пакет linux-aws

Пакет linux-aws-hwe

Пакет linux-azure

Пакет linux-azure-edge

Пакет linux-euclid

Пакет linux-flo

Пакет linux-gcp

Пакет linux-gcp-edge

Пакет linux-gke

Пакет linux-goldfish

Пакет linux-grouper

Пакет linux-hwe

Пакет linux-hwe-edge

Пакет linux-kvm

Пакет linux-lts-trusty

Пакет linux-lts-utopic

Пакет linux-lts-vivid

Пакет linux-lts-wily

Пакет linux-lts-xenial

Пакет linux-maguro

Пакет linux-mako

Пакет linux-manta

Пакет linux-oem

Пакет linux-oracle

Пакет linux-raspi2

Пакет linux-snapdragon

Ссылки на источники

Связанные уязвимости