vulnerability

Ubuntu: (Multiple Advisories) (CVE-2019-19039): Linux kernel vulnerabilities

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
2	(AV:L/AC:M/Au:N/C:P/I:N/A:N)	Nov 21, 2019	Aug 5, 2020	Nov 7, 2024

Severity

CVSS

(AV:L/AC:M/Au:N/C:P/I:N/A:N)

Published

Nov 21, 2019

Added

Aug 5, 2020

Modified

Nov 7, 2024

Description

__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.

Solution(s)

ubuntu-upgrade-linux-image-4-15-0-1046-oracleubuntu-upgrade-linux-image-4-15-0-1048-oracleubuntu-upgrade-linux-image-4-15-0-1064-gkeubuntu-upgrade-linux-image-4-15-0-1065-raspi2ubuntu-upgrade-linux-image-4-15-0-1069-kvmubuntu-upgrade-linux-image-4-15-0-107-genericubuntu-upgrade-linux-image-4-15-0-107-generic-lpaeubuntu-upgrade-linux-image-4-15-0-107-lowlatencyubuntu-upgrade-linux-image-4-15-0-1074-awsubuntu-upgrade-linux-image-4-15-0-1077-awsubuntu-upgrade-linux-image-4-15-0-1078-gcpubuntu-upgrade-linux-image-4-15-0-1081-snapdragonubuntu-upgrade-linux-image-4-15-0-109-genericubuntu-upgrade-linux-image-4-15-0-109-generic-lpaeubuntu-upgrade-linux-image-4-15-0-109-lowlatencyubuntu-upgrade-linux-image-4-15-0-1091-azureubuntu-upgrade-linux-image-4-15-0-1091-oemubuntu-upgrade-linux-image-aws-hweubuntu-upgrade-linux-image-aws-lts-18-04ubuntu-upgrade-linux-image-azureubuntu-upgrade-linux-image-azure-lts-18-04ubuntu-upgrade-linux-image-gcpubuntu-upgrade-linux-image-gcp-lts-18-04ubuntu-upgrade-linux-image-genericubuntu-upgrade-linux-image-generic-hwe-16-04ubuntu-upgrade-linux-image-generic-lpaeubuntu-upgrade-linux-image-generic-lpae-hwe-16-04ubuntu-upgrade-linux-image-gkeubuntu-upgrade-linux-image-gke-4-15ubuntu-upgrade-linux-image-kvmubuntu-upgrade-linux-image-lowlatencyubuntu-upgrade-linux-image-lowlatency-hwe-16-04ubuntu-upgrade-linux-image-oemubuntu-upgrade-linux-image-oracleubuntu-upgrade-linux-image-oracle-lts-18-04ubuntu-upgrade-linux-image-raspi2ubuntu-upgrade-linux-image-snapdragonubuntu-upgrade-linux-image-virtualubuntu-upgrade-linux-image-virtual-hwe-16-04

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today