Published: 25/08/2019 Updated: 07/11/2023

CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 694

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

An issue exists in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel up to and including 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 5.3
linux linux kernel
canonical ubuntu linux 18.04
canonical ubuntu linux 19.04
canonical ubuntu linux 16.04
netapp data availability services -
netapp solidfire -
netapp hci management node -
netapp aff_a700s_firmware -
netapp h300s_firmware -
netapp h500s_firmware -
netapp h700s_firmware -
netapp h300e_firmware -
netapp h500e_firmware -
netapp h700e_firmware -
netapp h410s_firmware -
netapp h410c_firmware -
netapp h610s_firmware -
opensuse leap 15.0
opensuse leap 15.1
debian debian linux 8.0
fedoraproject fedora 29
fedoraproject fedora 30

Synopsis Important: kernel-alt security and bug fix update Type/Severity Security Advisory: Important Topic An update for kernel-alt is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System ...

Several security issues were fixed in the Linux kernel ...

A backporting error was discovered in the Linux stable/longterm kernel 44x through 44190, 49x through 49190, 414x through 414141, 419x through 41969, and 52x through 5211 Misuse of the upstream "x86/ptrace: Fix possible spectre-v1 in ptrace_get_debugreg()" commit reintroduced the Spectre vulnerability that it aimed to eliminate ...

Impact: Moderate Public Date: 2019-08-25 CWE: CWE-400 Bugzilla: 1746777: CVE-2019-15538 kernel: denial ...

CWE-400 https://github.com/torvalds/linux/commit/1fb254aa983bf190cfd685d40c64a480a9bafaee https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=1fb254aa983bf190cfd685d40c64a480a9bafaee https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html https://usn.ubuntu.com/4144-1/https://security.netapp.com/advisory/ntap-20191004-0001/https://usn.ubuntu.com/4147-1/https://lore.kernel.org/linux-xfs/20190823035528.GH1037422%40magnolia/https://lore.kernel.org/linux-xfs/20190823192433.GA8736%40eldamar.local https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/https://support.f5.com/csp/article/K32592426?utm_source=f5support&%3Butm_medium=RSS https://access.redhat.com/errata/RHSA-2020:2104 https://nvd.nist.gov https://usn.ubuntu.com/4144-1/

CVE-2019-15538

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect