retired/CVE-2019-10125


1
2
3
4
5
6
7
8
9
10
11
12
13
14

Description: aio: take an extra file reference before call vfs_poll()
References:
 https://patchwork.kernel.org/patch/10828359/
Notes:
 carnil> Fixes bfe4037e722e ("aio: implement IOCB_CMD_POLL") which is in
 carnil> 4.19-rc1 onwards.
Bugs:
upstream: released (5.1-rc1) [84c4e1f89fefe70554da0ab33be72c9be7994379]
4.19-upstream-stable: released (4.19.38) [d6b2615f7d31d8e58b685d42dbafcc7dc1204bbd]
4.9-upstream-stable: N/A "Vulnerable code introduced later"
3.16-upstream-stable: N/A "Vulnerable code introduced later"
sid: released (4.19.37-1) [bugfix/all/0009-aio-simplify-and-fix-fget-fput-for-io_submit.patch]
4.9-stretch-security: N/A "Vulnerable code introduced later"
3.16-jessie-security: N/A "Vulnerable code introduced later"