Use After Free The advisory has been revoked - it doesn't affect any version of package kernel-rt_debug-extra (opens in a new tab)
Threat Intelligence
EPSS
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
0.05% (23rd percentile)
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-SLES151-KERNELRTDEBUGEXTRA-2727293
- published14 Apr 2022
- disclosed9 Mar 2020
Introduced: 9 Mar 2020
CVE-2019-19319 (opens in a new tab)Common Vulnerabilities and Exposures (CVE) are common identifiers for publicly known security vulnerabilities
Common Weakness Enumeration (CWE) is a category system for software weaknesses
Common Weakness Enumeration (CWE) is a category system for software weaknesses
Amendment
The SLES security team deemed this advisory irrelevant for SLES:15.1.
NVD Description
Note: Versions mentioned in the description apply only to the upstream kernel-rt_debug-extra package and not the kernel-rt_debug-extra package as distributed by SLES.
In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.
References
- https://www.suse.com/security/cve/CVE-2019-19319.html
- https://lists.suse.com/pipermail/sle-security-updates/2020-March/006585.html
- https://www.suse.com/support/update/announcement/2020/suse-su-20200613-1/
- https://bugzilla.suse.com/1046303
- https://bugzilla.suse.com/1050244
- https://bugzilla.suse.com/1051510
- https://bugzilla.suse.com/1051858
- https://bugzilla.suse.com/1061840
- https://bugzilla.suse.com/1065600
- https://bugzilla.suse.com/1065729
- https://bugzilla.suse.com/1071995
- https://bugzilla.suse.com/1078248
- https://bugzilla.suse.com/1083647
- https://bugzilla.suse.com/1085030
- https://bugzilla.suse.com/1086301
- https://bugzilla.suse.com/1086313
- https://bugzilla.suse.com/1086314
- https://bugzilla.suse.com/1089644
- https://bugzilla.suse.com/1090888
- https://bugzilla.suse.com/1103989
- https://bugzilla.suse.com/1103990
- https://bugzilla.suse.com/1103991
- https://bugzilla.suse.com/1104353
- https://bugzilla.suse.com/1104427
- https://bugzilla.suse.com/1104745
- https://bugzilla.suse.com/1108043
- https://bugzilla.suse.com/1109837
- https://bugzilla.suse.com/1111666
- https://bugzilla.suse.com/1112178
- https://bugzilla.suse.com/1112374
- https://bugzilla.suse.com/1113722
- https://bugzilla.suse.com/1113956
- https://bugzilla.suse.com/1113994
- https://bugzilla.suse.com/1114279
- https://bugzilla.suse.com/1114685
- https://bugzilla.suse.com/1115026
- https://bugzilla.suse.com/1117169
- https://bugzilla.suse.com/1118661
- https://bugzilla.suse.com/1119113
- https://bugzilla.suse.com/1120853
- https://bugzilla.suse.com/1123328
- https://bugzilla.suse.com/1126206
- https://bugzilla.suse.com/1126390
- https://bugzilla.suse.com/1127354
- https://bugzilla.suse.com/1127371
- https://bugzilla.suse.com/1127611
- https://bugzilla.suse.com/1127682
- https://bugzilla.suse.com/1129551
- https://bugzilla.suse.com/1129770
- https://bugzilla.suse.com/1134973
- https://bugzilla.suse.com/1134983
- https://bugzilla.suse.com/1137223
- https://bugzilla.suse.com/1137236
- https://bugzilla.suse.com/1138039
- https://bugzilla.suse.com/1140948
- https://bugzilla.suse.com/1141054
- https://bugzilla.suse.com/1142095
- https://bugzilla.suse.com/1142635
- https://bugzilla.suse.com/1142924
- https://bugzilla.suse.com/1143959
- https://bugzilla.suse.com/1144333
- https://bugzilla.suse.com/1146519
- https://bugzilla.suse.com/1146544
- https://bugzilla.suse.com/1151067
- https://bugzilla.suse.com/1151548
- https://bugzilla.suse.com/1151900
- https://bugzilla.suse.com/1151910
- https://bugzilla.suse.com/1151927
- https://bugzilla.suse.com/1152107
- https://bugzilla.suse.com/1152631
- https://bugzilla.suse.com/1153535
- https://bugzilla.suse.com/1153628
- https://bugzilla.suse.com/1153811
- https://bugzilla.suse.com/1153917
- https://bugzilla.suse.com/1154043
- https://bugzilla.suse.com/1154058
- https://bugzilla.suse.com/1154243
- https://bugzilla.suse.com/1154355
- https://bugzilla.suse.com/1154601
- https://bugzilla.suse.com/1154768
- https://bugzilla.suse.com/1154916
- https://bugzilla.suse.com/1155331
- https://bugzilla.suse.com/1155334
- https://bugzilla.suse.com/1155689
- https://bugzilla.suse.com/1155897
- https://bugzilla.suse.com/1155921
- https://bugzilla.suse.com/1156258
- https://bugzilla.suse.com/1156259
- https://bugzilla.suse.com/1156286
- https://bugzilla.suse.com/1156462
- https://bugzilla.suse.com/1156471
- https://bugzilla.suse.com/1156928
- https://bugzilla.suse.com/1157032
- https://bugzilla.suse.com/1157038
- https://bugzilla.suse.com/1157042
- https://bugzilla.suse.com/1157044
- https://bugzilla.suse.com/1157045
- https://bugzilla.suse.com/1157046
- https://bugzilla.suse.com/1157049
- https://bugzilla.suse.com/1157070
- https://bugzilla.suse.com/1157115
- https://bugzilla.suse.com/1157143
- https://bugzilla.suse.com/1157145
- https://bugzilla.suse.com/1157155
- https://bugzilla.suse.com/1157157
- https://bugzilla.suse.com/1157158
- https://bugzilla.suse.com/1157160
- https://bugzilla.suse.com/1157162
- https://bugzilla.suse.com/1157169
- https://bugzilla.suse.com/1157171
- https://bugzilla.suse.com/1157173
- https://bugzilla.suse.com/1157178
- https://bugzilla.suse.com/1157180
- https://bugzilla.suse.com/1157182
- https://bugzilla.suse.com/1157183
- https://bugzilla.suse.com/1157184
- https://bugzilla.suse.com/1157191
- https://bugzilla.suse.com/1157193
- https://bugzilla.suse.com/1157197
- https://bugzilla.suse.com/1157298
- https://bugzilla.suse.com/1157303
- https://bugzilla.suse.com/1157304
- https://bugzilla.suse.com/1157307
- https://bugzilla.suse.com/1157324
- https://bugzilla.suse.com/1157333
- https://bugzilla.suse.com/1157386
- https://bugzilla.suse.com/1157424
- https://bugzilla.suse.com/1157463
- https://bugzilla.suse.com/1157499
- https://bugzilla.suse.com/1157678
- https://bugzilla.suse.com/1157692
- https://bugzilla.suse.com/1157698
- https://bugzilla.suse.com/1157778
- https://bugzilla.suse.com/1157853
- https://bugzilla.suse.com/1157895
- https://bugzilla.suse.com/1157908
- https://bugzilla.suse.com/1158013
- https://bugzilla.suse.com/1158021
- https://bugzilla.suse.com/1158026
- https://bugzilla.suse.com/1158049
- https://bugzilla.suse.com/1158063
- https://bugzilla.suse.com/1158064
- https://bugzilla.suse.com/1158065
- https://bugzilla.suse.com/1158066
- https://bugzilla.suse.com/1158067
- https://bugzilla.suse.com/1158068
- https://bugzilla.suse.com/1158071
- https://bugzilla.suse.com/1158082
- https://bugzilla.suse.com/1158094
- https://bugzilla.suse.com/1158132
- https://bugzilla.suse.com/1158381
- https://bugzilla.suse.com/1158394
- https://bugzilla.suse.com/1158398
- https://bugzilla.suse.com/1158407
- https://bugzilla.suse.com/1158410
- https://bugzilla.suse.com/1158413
- https://bugzilla.suse.com/1158417
- https://bugzilla.suse.com/1158427
- https://bugzilla.suse.com/1158445
- https://bugzilla.suse.com/1158533
- https://bugzilla.suse.com/1158637
- https://bugzilla.suse.com/1158638
- https://bugzilla.suse.com/1158639
- https://bugzilla.suse.com/1158640
- https://bugzilla.suse.com/1158641
- https://bugzilla.suse.com/1158643
- https://bugzilla.suse.com/1158644
- https://bugzilla.suse.com/1158645
- https://bugzilla.suse.com/1158646
- https://bugzilla.suse.com/1158647
- https://bugzilla.suse.com/1158649
- https://bugzilla.suse.com/1158651
- https://bugzilla.suse.com/1158652
- https://bugzilla.suse.com/1158819
- https://bugzilla.suse.com/1158823
- https://bugzilla.suse.com/1158824
- https://bugzilla.suse.com/1158827
- https://bugzilla.suse.com/1158834
- https://bugzilla.suse.com/1158893
- https://bugzilla.suse.com/1158900
- https://bugzilla.suse.com/1158903
- https://bugzilla.suse.com/1158904
- https://bugzilla.suse.com/1158954
- https://bugzilla.suse.com/1159024
- https://bugzilla.suse.com/1159028
- https://bugzilla.suse.com/1159297
- https://bugzilla.suse.com/1159377
- https://bugzilla.suse.com/1159394
- https://bugzilla.suse.com/1159483
- https://bugzilla.suse.com/1159484
- https://bugzilla.suse.com/1159500
- https://bugzilla.suse.com/1159569
- https://bugzilla.suse.com/1159588
- https://bugzilla.suse.com/1159841
- https://bugzilla.suse.com/1159908
- https://bugzilla.suse.com/1159909
- https://bugzilla.suse.com/1159910
- https://bugzilla.suse.com/1159911
- https://bugzilla.suse.com/1159955
- https://bugzilla.suse.com/1160147
- https://bugzilla.suse.com/1160195
- https://bugzilla.suse.com/1160210
- https://bugzilla.suse.com/1160211
- https://bugzilla.suse.com/1160433
- https://bugzilla.suse.com/1160442
- https://bugzilla.suse.com/1160469
- https://bugzilla.suse.com/1160470
- https://bugzilla.suse.com/1160476
- https://bugzilla.suse.com/1160560
- https://bugzilla.suse.com/1160618
- https://bugzilla.suse.com/1160678
- https://bugzilla.suse.com/1160755
- https://bugzilla.suse.com/1160756
- https://bugzilla.suse.com/1160784
- https://bugzilla.suse.com/1160787
- https://bugzilla.suse.com/1160802
- https://bugzilla.suse.com/1160803
- https://bugzilla.suse.com/1160804
- https://bugzilla.suse.com/1160917
- https://bugzilla.suse.com/1160966
- https://bugzilla.suse.com/1161087
- https://bugzilla.suse.com/1161243
- https://bugzilla.suse.com/1161472
- https://bugzilla.suse.com/1161514
- https://bugzilla.suse.com/1161518
- https://bugzilla.suse.com/1161522
- https://bugzilla.suse.com/1161523
- https://bugzilla.suse.com/1161549
- https://bugzilla.suse.com/1161552
- https://bugzilla.suse.com/1161674
- https://bugzilla.suse.com/1161931
- https://bugzilla.suse.com/1161933
- https://bugzilla.suse.com/1161934
- https://bugzilla.suse.com/1161935
- https://bugzilla.suse.com/1161936
- https://bugzilla.suse.com/1161937
- https://bugzilla.suse.com/1162028
- https://bugzilla.suse.com/1162067
- https://bugzilla.suse.com/1162109
- https://bugzilla.suse.com/1162139
- https://www.suse.com/security/cve/CVE-2019-14615/
- https://www.suse.com/security/cve/CVE-2019-14895/
- https://www.suse.com/security/cve/CVE-2019-14896/
- https://www.suse.com/security/cve/CVE-2019-14897/
- https://www.suse.com/security/cve/CVE-2019-14901/
- https://www.suse.com/security/cve/CVE-2019-15213/
- https://www.suse.com/security/cve/CVE-2019-16746/
- https://www.suse.com/security/cve/CVE-2019-16994/
- https://www.suse.com/security/cve/CVE-2019-18660/
- https://www.suse.com/security/cve/CVE-2019-18683/
- https://www.suse.com/security/cve/CVE-2019-18808/
- https://www.suse.com/security/cve/CVE-2019-18809/
- https://www.suse.com/security/cve/CVE-2019-19036/
- https://www.suse.com/security/cve/CVE-2019-19045/
- https://www.suse.com/security/cve/CVE-2019-19046/
- https://www.suse.com/security/cve/CVE-2019-19049/
- https://www.suse.com/security/cve/CVE-2019-19051/
- https://www.suse.com/security/cve/CVE-2019-19052/
- https://www.suse.com/security/cve/CVE-2019-19054/
- https://www.suse.com/security/cve/CVE-2019-19056/
- https://www.suse.com/security/cve/CVE-2019-19057/
- https://www.suse.com/security/cve/CVE-2019-19058/
- https://www.suse.com/security/cve/CVE-2019-19060/
- https://www.suse.com/security/cve/CVE-2019-19062/
- https://www.suse.com/security/cve/CVE-2019-19063/
- https://www.suse.com/security/cve/CVE-2019-19065/
- https://www.suse.com/security/cve/CVE-2019-19066/
- https://www.suse.com/security/cve/CVE-2019-19067/
- https://www.suse.com/security/cve/CVE-2019-19068/
- https://www.suse.com/security/cve/CVE-2019-19073/
- https://www.suse.com/security/cve/CVE-2019-19074/
- https://www.suse.com/security/cve/CVE-2019-19075/
- https://www.suse.com/security/cve/CVE-2019-19077/
- https://www.suse.com/security/cve/CVE-2019-19078/
- https://www.suse.com/security/cve/CVE-2019-19080/
- https://www.suse.com/security/cve/CVE-2019-19081/
- https://www.suse.com/security/cve/CVE-2019-19082/
- https://www.suse.com/security/cve/CVE-2019-19083/
- https://www.suse.com/security/cve/CVE-2019-19227/
- https://www.suse.com/security/cve/CVE-2019-19318/
- https://www.suse.com/security/cve/CVE-2019-19319/
- https://www.suse.com/security/cve/CVE-2019-19332/
- https://www.suse.com/security/cve/CVE-2019-19338/
- https://www.suse.com/security/cve/CVE-2019-19447/
- https://www.suse.com/security/cve/CVE-2019-19523/
- https://www.suse.com/security/cve/CVE-2019-19524/
- https://www.suse.com/security/cve/CVE-2019-19525/
- https://www.suse.com/security/cve/CVE-2019-19526/
- https://www.suse.com/security/cve/CVE-2019-19527/
- https://www.suse.com/security/cve/CVE-2019-19528/
- https://www.suse.com/security/cve/CVE-2019-19529/
- https://www.suse.com/security/cve/CVE-2019-19530/
- https://www.suse.com/security/cve/CVE-2019-19531/
- https://www.suse.com/security/cve/CVE-2019-19532/
- https://www.suse.com/security/cve/CVE-2019-19533/
- https://www.suse.com/security/cve/CVE-2019-19534/
- https://www.suse.com/security/cve/CVE-2019-19535/
- https://www.suse.com/security/cve/CVE-2019-19536/
- https://www.suse.com/security/cve/CVE-2019-19537/
- https://www.suse.com/security/cve/CVE-2019-19543/
- https://www.suse.com/security/cve/CVE-2019-19767/
- https://www.suse.com/security/cve/CVE-2019-19927/
- https://www.suse.com/security/cve/CVE-2019-19965/
- https://www.suse.com/security/cve/CVE-2019-19966/
- https://www.suse.com/security/cve/CVE-2019-20054/
- https://www.suse.com/security/cve/CVE-2019-20095/
- https://www.suse.com/security/cve/CVE-2019-20096/
- https://www.suse.com/security/cve/CVE-2020-7053/
- https://www.suse.com/security/cve/CVE-2020-8428/
- https://www.suse.com/support/security/rating/
- http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00021.html
- https://bugzilla.suse.com/show_bug.cgi?id=1158021
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=345c0dbf3a30
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19319
- https://lists.debian.org/debian-lts-announce/2020/06/msg00011.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00012.html
- https://lists.debian.org/debian-lts-announce/2020/06/msg00013.html
- https://security.netapp.com/advisory/ntap-20200103-0001/
- https://usn.ubuntu.com/4391-1/
- https://www.debian.org/security/2020/dsa-4698