Fixed
Created: Dec 8, 2019
Updated: Apr 22, 2022
Resolved Date: Jul 31, 2020
Found In Version: 10.17.41.1
Fix Version: 10.17.41.22
Severity: Standard
Applicable for: Wind River Linux LTS 17
Component/s: Kernel
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
CREATE(Triage):(User=admin) CVE-2019-19447 (https://nvd.nist.gov/vuln/detail/CVE-2019-19447)