← Back

CVE-2019-11833

nvd nist
Published: May 15, 2019Modified: Nov 21, 2024

JSON object

Loading...
5.5
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Exploitability: 1.8 / Impact: 3.6
Source: NVD

Description

fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.

Affected (32)

Show all products
Linux: Linux Kernel · Fedoraproject: Fedora · Debian: Debian Linux · Canonical: Ubuntu Linux · Redhat: Enterprise Linux, Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux For Real Time, Enterprise Linux For Real Time For Nfv, Enterprise Linux For Real Time For Nfv Tus, Enterprise Linux For Real Time Tus, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Tus, Enterprise Linux Workstation
Linux
1 product
Linux Kernel
Fedoraproject
1 product
Fedora
Debian
1 product
Debian Linux
Canonical
1 product
Ubuntu Linux
Redhat
11 products
Enterprise Linux
Enterprise Linux Desktop
Enterprise Linux Eus
Enterprise Linux For Real Time
Enterprise Linux For Real Time For Nfv
Enterprise Linux For Real Time For Nfv Tus
Enterprise Linux For Real Time Tus
Enterprise Linux Server
Enterprise Linux Server Aus
Enterprise Linux Server Tus
Enterprise Linux Workstation
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Linux Kernel
Up to 5.1.2
Configuration B
1 vulnerable
Vulnerable SoftwareAffected Versions
Fedora
Version 29
Configuration C
2 vulnerable
Vulnerable SoftwareAffected Versions
Debian
Debian Linux
Version 8.0
Debian Linux
Version 9.0
Configuration D
4 vulnerable
Vulnerable SoftwareAffected Versions
Canonical
Ubuntu Linux
Version 14.04
Ubuntu Linux
Version 16.04
Ubuntu Linux
Version 18.04
Ubuntu Linux
Version 19.04
Configuration E
24 vulnerable
Vulnerable SoftwareAffected Versions
Enterprise Linux
Version 8.0
Enterprise Linux Desktop
Version 7.0
Redhat
Enterprise Linux Eus
Version 8.1
Enterprise Linux Eus
Version 8.2
Enterprise Linux Eus
Version 8.4
Enterprise Linux Eus
Version 8.6
Redhat
Enterprise Linux For Real Time
Version 7
Enterprise Linux For Real Time
Version 8.0
Redhat
Enterprise Linux For Real Time For Nfv
Version 7
Enterprise Linux For Real Time For Nfv
Version 8.0
Redhat
Enterprise Linux For Real Time For Nfv Tus
Version 8.2
Enterprise Linux For Real Time For Nfv Tus
Version 8.4
Enterprise Linux For Real Time For Nfv Tus
Version 8.6
Redhat
Enterprise Linux For Real Time Tus
Version 8.2
Enterprise Linux For Real Time Tus
Version 8.4
Enterprise Linux For Real Time Tus
Version 8.6
Enterprise Linux Server
Version 7.0
Redhat
Enterprise Linux Server Aus
Version 8.2
Enterprise Linux Server Aus
Version 8.4
Enterprise Linux Server Aus
Version 8.6
Redhat
Enterprise Linux Server Tus
Version 8.2
Enterprise Linux Server Tus
Version 8.4
Enterprise Linux Server Tus
Version 8.6
Enterprise Linux Workstation
Version 7.0

Related CWEs

CWE-908
Use of Uninitialized Resource
The product uses or accesses a resource that has not been initialized.

References (44)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Third Party AdvisoryVDB Entry
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
PatchThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Mailing ListThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
PatchThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Mailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.