VYPR
Unrated severityNVD Advisory· Published Apr 23, 2020· Updated Sep 16, 2024

Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs

CVE-2019-15794

Description

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Ubuntu/Shiftfsllm-fuzzy
  • Ubuntu/Linux Kernelllm-fuzzy2 versions
    5.0 and 5.3 kernel series+ 1 more
    • (no CPE)range: 5.0 and 5.3 kernel series
    • (no CPE)range: 5.3 kernel

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.