Description: btrfs: crafted image causes use-after-free in rwsem_can_spin_on_owner
References:
 https://github.com/bobfuzzer/CVE/tree/master/CVE-2019-19318
Notes:
 carnil> Introduced in 78134300579a ("locking/rwsem: Don't call
 carnil> owner_on_cpu() on read-owner") in 5.3-rc2?
 bwh> I don't think so.  That commit did not introduce the dereference of
 bwh> the owner pointer, and the issue is also said to be reproducible on
 bwh> 5.0.21 (which does not have a backport of it).
Bugs:
upstream: released (5.4)
4.19-upstream-stable:
4.9-upstream-stable:
3.16-upstream-stable: ignored "EOL"
sid: released (5.4.6-1)
4.19-buster-security:
4.9-stretch-security:
3.16-jessie-security: ignored "EOL"