UBUNTU-CVE-2019-15792

See a problem?
Please try reporting it to the source first.
Source
https://ubuntu.com/security/CVE-2019-15792
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-15792.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-15792
Upstream
  • CVE-2019-15792
Downstream
Related
Published
2019-11-12T18:00:00Z
Modified
2025-07-18T16:45:18Z
Severity
  • 7.8 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
  • 7.1 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfsrealfdget(), which casts file->privatedata, a void* that points to a filesystem-dependent type, to a "struct shiftfsfileinfo *". As the privatedata is not required to be a pointer, an attacker can use this to cause a denial of service or possibly execute arbitrary code.

References

Affected packages

Ubuntu:Pro:16.04:LTS / linux-hwe-edge

Package

Name
linux-hwe-edge
Purl
pkg:deb/ubuntu/linux-hwe-edge@4.15.0-23.25~16.04.1?arch=source&distro=esm-infra/xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.8.0-28.30~16.04.1
4.8.0-30.32~16.04.1
4.8.0-32.34~16.04.1
4.8.0-34.36~16.04.1
4.10.0-14.16~16.04.1
4.10.0-19.21~16.04.1
4.10.0-20.22~16.04.1
4.10.0-21.23~16.04.1
4.10.0-22.24~16.04.1
4.10.0-24.28~16.04.1
4.10.0-26.30~16.04.1
4.11.0-13.19~16.04.1
4.11.0-14.20~16.04.1
4.13.0-16.19~16.04.3
4.13.0-17.20~16.04.1
4.13.0-19.22~16.04.1
4.13.0-21.24~16.04.1
4.13.0-25.29~16.04.2
4.15.0-13.14~16.04.1
4.15.0-15.16~16.04.1
4.15.0-20.21~16.04.1
4.15.0-22.24~16.04.1
4.15.0-23.25~16.04.1

Ubuntu:Pro:18.04:LTS / linux-azure-edge

Package

Name
linux-azure-edge
Purl
pkg:deb/ubuntu/linux-azure-edge@5.0.0-1012.12~18.04.2?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.18.0-1006.6~18.04.1
4.18.0-1007.7~18.04.1
4.18.0-1008.8~18.04.1

5.*

5.0.0-1012.12~18.04.2

Ubuntu:Pro:18.04:LTS / linux-gcp-edge

Package

Name
linux-gcp-edge
Purl
pkg:deb/ubuntu/linux-gcp-edge@5.0.0-1013.13~18.04.1?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.18.0-1004.5~18.04.1
4.18.0-1005.6~18.04.1
4.18.0-1006.7~18.04.1
4.18.0-1007.8~18.04.1
4.18.0-1008.9~18.04.1
4.18.0-1009.10~18.04.1
4.18.0-1011.12~18.04.1
4.18.0-1012.13~18.04.1
4.18.0-1013.14~18.04.1
4.18.0-1015.16~18.04.1

5.*

5.0.0-1011.11~18.04.1
5.0.0-1013.13~18.04.1

Ubuntu:Pro:18.04:LTS / linux-hwe-edge

Package

Name
linux-hwe-edge
Purl
pkg:deb/ubuntu/linux-hwe-edge@5.3.0-24.26~18.04.2?arch=source&distro=esm-infra/bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.0.0-15.16~18.04.1
5.0.0-16.17~18.04.1
5.0.0-17.18~18.04.1
5.0.0-19.20~18.04.1
5.0.0-20.21~18.04.1
5.3.0-19.20~18.04.2
5.3.0-22.24~18.04.1
5.3.0-23.25~18.04.1
5.3.0-23.25~18.04.2
5.3.0-24.26~18.04.2

Ubuntu:Pro:20.04:LTS / linux-azure-fde

Package

Name
linux-azure-fde
Purl
pkg:deb/ubuntu/linux-azure-fde@5.4.0-1103.109+cvm1.1?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.0-1063.66+cvm2.2
5.4.0-1063.66+cvm3.2
5.4.0-1064.67+cvm1.1
5.4.0-1065.68+cvm2.1
5.4.0-1067.70+cvm1.1
5.4.0-1068.71+cvm1.1
5.4.0-1069.72+cvm1.1
5.4.0-1070.73+cvm1.1
5.4.0-1072.75+cvm1.1
5.4.0-1073.76+cvm1.1
5.4.0-1074.77+cvm1.1
5.4.0-1076.79+cvm1.1
5.4.0-1078.81+cvm1.1
5.4.0-1080.83+cvm1.1
5.4.0-1083.87+cvm1.1
5.4.0-1085.90+cvm1.1
5.4.0-1085.90+cvm2.1
5.4.0-1086.91+cvm1.1
5.4.0-1089.94+cvm1.2
5.4.0-1090.95+cvm1.1
5.4.0-1091.96+cvm1.1
5.4.0-1092.97+cvm1.1
5.4.0-1095.101+cvm1.1
5.4.0-1098.104+cvm1.1
5.4.0-1100.106+cvm1.1
5.4.0-1103.109+cvm1.1

Ubuntu:Pro:20.04:LTS / linux-gke

Package

Name
linux-gke
Purl
pkg:deb/ubuntu/linux-gke@5.4.0-1105.112?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.0-1033.35
5.4.0-1035.37
5.4.0-1036.38
5.4.0-1037.39
5.4.0-1039.41
5.4.0-1041.43
5.4.0-1042.44
5.4.0-1043.45
5.4.0-1044.46
5.4.0-1046.48
5.4.0-1049.52
5.4.0-1051.54
5.4.0-1052.55
5.4.0-1053.56
5.4.0-1054.57
5.4.0-1055.58
5.4.0-1056.59
5.4.0-1057.60
5.4.0-1059.62
5.4.0-1061.64
5.4.0-1062.65
5.4.0-1063.66
5.4.0-1065.68
5.4.0-1066.69
5.4.0-1067.70
5.4.0-1068.71
5.4.0-1071.76
5.4.0-1072.77
5.4.0-1074.79
5.4.0-1076.82
5.4.0-1078.84
5.4.0-1080.86
5.4.0-1081.87
5.4.0-1083.89
5.4.0-1084.90
5.4.0-1086.93
5.4.0-1087.94
5.4.0-1090.97
5.4.0-1091.98
5.4.0-1094.101
5.4.0-1095.102
5.4.0-1096.103
5.4.0-1097.104
5.4.0-1098.105
5.4.0-1099.106
5.4.0-1100.107
5.4.0-1101.108
5.4.0-1102.109
5.4.0-1103.110
5.4.0-1104.111
5.4.0-1105.112

Ubuntu:Pro:20.04:LTS / linux-gkeop

Package

Name
linux-gkeop
Purl
pkg:deb/ubuntu/linux-gkeop@5.4.0-1102.106?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.0-1008.9
5.4.0-1009.10
5.4.0-1010.11
5.4.0-1011.12
5.4.0-1012.13
5.4.0-1013.14
5.4.0-1014.15
5.4.0-1015.16
5.4.0-1016.17
5.4.0-1018.19
5.4.0-1021.22
5.4.0-1022.23
5.4.0-1023.24
5.4.0-1024.25
5.4.0-1025.26
5.4.0-1026.27
5.4.0-1027.28
5.4.0-1029.30
5.4.0-1031.32
5.4.0-1032.33
5.4.0-1033.34
5.4.0-1034.35
5.4.0-1036.37
5.4.0-1037.38
5.4.0-1038.39
5.4.0-1039.40
5.4.0-1040.41
5.4.0-1043.44
5.4.0-1046.48
5.4.0-1048.51
5.4.0-1049.52
5.4.0-1051.54
5.4.0-1052.55
5.4.0-1053.56
5.4.0-1054.57
5.4.0-1056.60
5.4.0-1057.61
5.4.0-1060.64
5.4.0-1061.65
5.4.0-1062.66
5.4.0-1064.68
5.4.0-1065.69
5.4.0-1066.70
5.4.0-1067.71
5.4.0-1068.72
5.4.0-1069.73
5.4.0-1070.74
5.4.0-1071.75
5.4.0-1072.76
5.4.0-1073.77
5.4.0-1074.78
5.4.0-1075.79
5.4.0-1076.80
5.4.0-1077.81
5.4.0-1078.82
5.4.0-1079.83
5.4.0-1080.84
5.4.0-1081.85
5.4.0-1083.87
5.4.0-1084.88
5.4.0-1085.89
5.4.0-1086.90
5.4.0-1087.91
5.4.0-1088.92
5.4.0-1089.93
5.4.0-1090.94
5.4.0-1091.95
5.4.0-1092.96
5.4.0-1093.97
5.4.0-1094.98
5.4.0-1095.99
5.4.0-1096.100
5.4.0-1097.101
5.4.0-1098.102
5.4.0-1099.103
5.4.0-1100.104
5.4.0-1101.105
5.4.0-1102.106

Ubuntu:Pro:20.04:LTS / linux-gkeop-5.15

Package

Name
linux-gkeop-5.15
Purl
pkg:deb/ubuntu/linux-gkeop-5.15@5.15.0-1055.62~20.04.1?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.0-1003.5~20.04.2
5.15.0-1005.7~20.04.1
5.15.0-1007.10~20.04.1
5.15.0-1008.12~20.04.1
5.15.0-1011.15~20.04.2
5.15.0-1012.16~20.04.1
5.15.0-1013.17~20.04.1
5.15.0-1015.19~20.04.1
5.15.0-1016.21~20.04.1
5.15.0-1017.22~20.04.1
5.15.0-1018.23~20.04.1
5.15.0-1019.24~20.04.1
5.15.0-1020.25~20.04.1
5.15.0-1021.26~20.04.1
5.15.0-1022.27~20.04.1
5.15.0-1023.28~20.04.1
5.15.0-1024.29~20.04.1
5.15.0-1025.30~20.04.1
5.15.0-1026.31~20.04.1
5.15.0-1027.32~20.04.1
5.15.0-1028.33~20.04.1
5.15.0-1030.35~20.04.1
5.15.0-1031.37~20.04.1
5.15.0-1032.38~20.04.1
5.15.0-1033.39~20.04.1
5.15.0-1034.40~20.04.1
5.15.0-1035.41~20.04.1
5.15.0-1036.42~20.04.1
5.15.0-1037.43~20.04.1
5.15.0-1038.44~20.04.1
5.15.0-1039.45~20.04.1
5.15.0-1040.46~20.04.1
5.15.0-1043.50~20.04.1
5.15.0-1044.51~20.04.1
5.15.0-1045.52~20.04.1
5.15.0-1046.53~20.04.1
5.15.0-1047.54~20.04.1
5.15.0-1048.55~20.04.1
5.15.0-1049.56~20.04.1
5.15.0-1050.57~20.04.1
5.15.0-1051.58~20.04.1
5.15.0-1052.59~20.04.1
5.15.0-1053.60~20.04.1
5.15.0-1054.61~20.04.1
5.15.0-1055.62~20.04.1

Ubuntu:Pro:20.04:LTS / linux-raspi2

Package

Name
linux-raspi2
Purl
pkg:deb/ubuntu/linux-raspi2@5.4.0-1006.6?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.3.0-1007.8
5.3.0-1014.16
5.3.0-1015.17
5.3.0-1017.19
5.4.0-1004.4
5.4.0-1006.6

Ubuntu:Pro:20.04:LTS / linux-riscv

Package

Name
linux-riscv
Purl
pkg:deb/ubuntu/linux-riscv@5.4.0-40.45?arch=source&distro=esm-infra/focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.4.0-24.28
5.4.0-26.30
5.4.0-27.31
5.4.0-28.32
5.4.0-30.34
5.4.0-31.35
5.4.0-33.37
5.4.0-34.38
5.4.0-36.41
5.4.0-37.42
5.4.0-39.44
5.4.0-40.45

Ubuntu:22.04:LTS / linux-intel-iot-realtime

Package

Name
linux-intel-iot-realtime
Purl
pkg:deb/ubuntu/linux-intel-iot-realtime@5.15.0-1073.75?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.0-1073.75

Ubuntu:22.04:LTS / linux-realtime

Package

Name
linux-realtime
Purl
pkg:deb/ubuntu/linux-realtime@5.15.0-1032.35?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.15.0-1032.35

Ubuntu:22.04:LTS / linux-riscv

Package

Name
linux-riscv
Purl
pkg:deb/ubuntu/linux-riscv@5.15.0-1028.32?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.13.0-1004.4
5.13.0-1006.6+22.04.1
5.13.0-1007.7+22.04.1
5.13.0-1010.11+22.04.1
5.15.0-1004.4
5.15.0-1005.5
5.15.0-1006.6
5.15.0-1007.7
5.15.0-1008.8
5.15.0-1011.12
5.15.0-1012.13
5.15.0-1014.16
5.15.0-1015.17
5.15.0-1016.18
5.15.0-1017.19
5.15.0-1018.21
5.15.0-1019.22
5.15.0-1020.23
5.15.0-1022.26
5.15.0-1023.27
5.15.0-1026.30
5.15.0-1027.31
5.15.0-1028.32

Ubuntu:24.04:LTS / linux-raspi-realtime

Package

Name
linux-raspi-realtime
Purl
pkg:deb/ubuntu/linux-raspi-realtime@6.8.0-2019.20?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

6.*

6.8.0-2019.20