Main Vulnerability Database Exploits ID:10052 - Exploit for Operation on a resource after expiration or release in Linux kernel - CVE-2019-15794

ID:10052 - Exploit for Operation on a resource after expiration or release in Linux kernel - CVE-2019-15794

Published: June 20, 2024

Vulnerability identifier: #VU92769

Vulnerability risk: Low

CVE-ID: CVE-2019-15794

CWE-ID: CWE-672

Exploitation vector: Local access

Vulnerable software:
Linux kernel

Link to public exploit:

https://www.exploit-db.com/exploits/47692/

Vulnerability description

The vulnerability allows a local privileged user to execute arbitrary code.

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.

Remediation

Install update from vendor's repository.

ID:10052 - Exploit for Operation on a resource after expiration or release in Linux kernel - CVE-2019-15794

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human