CVE-2019-10125

Published: 3/27/2019 Last updated: 8/4/2024 Reserved: 3/27/2019

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

CNA assigner: mitre (8254265b-2729-46b6-b9e3-3dfca2d5bfca) Requested by: n/a

Opam packages affected (29)

albatross cdrom conf-bpftool conf-libbpf conf-linux-libc-dev core core_unix hvsock mirage-block-unix mm ocaml-probes ortools_solvers orun rawlink rawlink-eio rawlink-lwt restricted shell solo5 solo5-bindings-hvt solo5-bindings-spt solo5-cross-aarch64 solo5-kernel-ukvm tracy-client tuntap uring vhd-format vhd-format-lwt xapi-stdext-unix

Products affected (1)

Product	Vendor	Version
n/a	n/a	< 0cb21f1ea3a2e19ee314a8fcf95461b5c453c59e

References (16)

https://patchwork.kernel.org/patch/10828359/
http://www.securityfocus.com/bid/107655
https://security.netapp.com/advisory/ntap-20190411-0003/
https://support.f5.com/csp/article/K29215970
https://patchwork.kernel.org/patch/10828359/
http://www.securityfocus.com/bid/107655
https://security.netapp.com/advisory/ntap-20190411-0003/
https://support.f5.com/csp/article/K29215970
https://patchwork.kernel.org/patch/10828359/
http://www.securityfocus.com/bid/107655
https://security.netapp.com/advisory/ntap-20190411-0003/
https://support.f5.com/csp/article/K29215970
https://patchwork.kernel.org/patch/10828359/
http://www.securityfocus.com/bid/107655
https://security.netapp.com/advisory/ntap-20190411-0003/
https://support.f5.com/csp/article/K29215970