VDB
CVE-2019-19814
CVE-2019-19814
PUBLISHED
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
EPSS 0.69% · 72.3th percentile
Risk Scores
EPSS Score
0.69%
72.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:Pro:14.04:LTS | linux-azure | 4.15.0-1196.211~14.04.1, 4.15.0-1195.210~14.04.1, 4.15.0-1108.120~14.04.1 |
| Ubuntu:22.04:LTS | linux-nvidia-tegra-igx | 5.15.0-1042.42, 0, 5.15.0-1001.1 |
| Ubuntu:25.10 | linux-riscv | 6.17.0-6.6.1, 6.17.0-4.4.1, 6.17.0-12.12.1 |
| Ubuntu:20.04:LTS | linux-oracle-5.11 | 5.11.0-1023.24~20.04.1, 5.11.0-1008.8~20.04.1, 5.11.0-1025.27~20.04.1 |
| Ubuntu:24.04:LTS | linux-azure | 6.8.0-1038.44, 6.8.0-1040.46, 6.8.0-1014.16 |
| Ubuntu:Pro:FIPS-updates:18.04:LTS | linux-azure-fips | 4.15.0-2071.77, 4.15.0-2070.76, 4.15.0-2068.74 |
| Ubuntu:24.04:LTS | linux-lowlatency | 6.8.0-54.56.1, 6.5.0-9.9.1, 6.8.0-7.7.1 |
| Ubuntu:25.10 | linux-azure-fde | 0, 6.17.0-1003.3, 6.17.0-1004.4 |
| Ubuntu:22.04:LTS | linux-aws | 5.15.0-1002.4, 5.15.0-1003.5, 5.15.0-1004.6 |
| Ubuntu:22.04:LTS | linux-allwinner-5.19 | 0, 5.19.0-1013.13~22.04.1, 5.19.0-1014.14~22.04.1 |
| Ubuntu:16.04:LTS | linux-hwe-edge | 4.13.0-17.20~16.04.1, *, * |
| Ubuntu:24.04:LTS | linux-azure-fde | 6.8.0-1041.48, 6.8.0-1046.53, 0 |
| Ubuntu:20.04:LTS | linux-gcp-5.8 | 0, 5.8.0-1039.41, 5.8.0-1032.34~20.04.1 |
| Ubuntu:22.04:LTS | linux-oem-6.1 | 6.1.0-1025.25, 6.1.0-1009.9, 6.1.0-1008.8 |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.4.0-1006.6, 5.4.0-1004.4, 5.3.0-1017.19 |
| Ubuntu:22.04:LTS | linux-gcp-6.2 | 6.2.0-1013.13~22.04.1, 0, 6.2.0-1009.9~22.04.3 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 5.15.0-1073.75, 0 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-aws-fips | 0, 4.15.0-2000.4 |
| Ubuntu:22.04:LTS | linux-gcp-6.8 | 6.8.0-1021.23~22.04.1, 6.8.0-1020.22~22.04.1, 6.8.0-1019.21~22.04.1 |
| Ubuntu:Pro:20.04:LTS | linux-aws | 5.4.0-1032.33, 5.4.0-1030.31, 5.4.0-1028.29 |
…and 219 more
Exploit Intelligence
Timeline
- Dec 17, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
- Jan 8, 2023 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-19814 third-party-advisory
- https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19814 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-19814 third-party-advisory