netapp active-iq-unified-manager CVE-2019-19813 vulnerability in NetApp and Other Products
Published on December 17, 2019

product logo product logo product logo product logo
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c.

Vendor Advisory NVD


Products Associated with CVE-2019-19813

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-19813 are published in these products:

NetApp Active Iq Unified Manager
 
NetApp Data Availability Services
 
NetApp Hci Management Node
 
NetApp Solidfire
 
NetApp Steelstore Cloud Integrated Storage
 
Canonical Ubuntu Linux
 
Debian Linux
 
Linux Kernel
 

Exploit Probability

EPSS
0.71%
Percentile
71.85%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.