CVE-2019-19319

MEDIUM Year: 2019
CVSS v3 Score
6.5
Medium
CVSS v2 Score
4.4
Medium
Weakness Type
CWE-416
View all →

Vulnerability Description

In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a memset call, aka CID-345c0dbf3a30.

Related Vulnerabilities

CVE-2009-2416

MEDIUM
CVSS:6.5(Medium)

Multiple use-after-free vulnerabilities in libxml2 2.5.10, 2.6.16, 2.6.26, 2.6.27, and 2.6.32, and libxml 1.8.17, allow context-dependent attackers to cause a denial of service (application crash) via...

CWE-4162009

CVE-2010-0629

MEDIUM
CVSS:6.5(Medium)

Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5) 1.5 through 1.6.3 allows remote authenticated users to cause a denial of service (daemon crash) via...

CWE-4162010

CVE-2011-2334

MEDIUM
CVSS:6.5(Medium)

Use after free vulnerability exists in WebKit in Google Chrome before Blink M12 in RenderLayerwhen removing elements with reflections.

CWE-4162011

CVE-2011-2353

MEDIUM
CVSS:6.5(Medium)

Use after free vulnerability in documentloader in WebKit in Google Chrome before Blink M13 in DocumentWriter::replaceDocument function.

CWE-4162011

CVE-2014-9482

MEDIUM
CVSS:6.5(Medium)

Use-after-free vulnerability in dwarfdump in libdwarf 20130126 through 20140805 might allow remote attackers to cause a denial of service (program crash) via a crafted ELF file.

CWE-4162014

CVE-2016-7591

MEDIUM
CVSS:6.5(Medium)

An issue was discovered in certain Apple products. iOS before 10.2 is affected. macOS before 10.12.2 is affected. watchOS before 3.1.3 is affected. The issue involves the "IOHIDFamily" component. It a...

CWE-4162016