CVE-2019-15794

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
Configurations

Configuration 1

cpe:2.3:o:linux:linux_kernel:5.0:*:*:*:*:*:*:*
cpe:2.3:o:linux:linux_kernel:5.3:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

Information

Published : 2020-04-24 12:15

Updated : 2020-05-26 03:18


NVD link : CVE-2019-15794

Mitre link : CVE-2019-15794

Products Affected
No products.
CWE