blob: 7874fa97f8c44f44599e082490e24a1a8fa51d78 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
Description: btrfs: crafted image triggers WARN() in __btrfs_free_extent
References:
https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19039
Notes:
bwh> The reporter describes this as an information leak because a WARN()
bwh> causes register contents to be logged. This is mitigated on stretch
bwh> onward because we restrict access to the kernel log by default.
bwh> However this can still be a denial-of-service if panic_on_warn is
bwh> enabled.
Bugs:
upstream: released (5.7-rc1) [b3ff8f1d380e65dddd772542aa9bff6c86bf715a]
4.19-upstream-stable:
4.9-upstream-stable:
3.16-upstream-stable: ignored "EOL"
sid: released (5.6.7-1)
4.19-buster-security:
4.9-stretch-security:
3.16-jessie-security: ignored "EOL"
|
