retired/CVE-2019-9857


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16

Description: inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()
References:
 https://patchwork.kernel.org/patch/10836283/
 https://git.kernel.org/pub/scm/linux/kernel/git/jack/linux-fs.git/commit/?h=fsnotify&id=62c9d2674b31d4c8a674bee86b7edc6da2803aea
Notes:
 carnil> fixes 4d97f7d53da7dc83 ("inotify: Add flag IN_MASK_CREATE for
 carnil> inotify_add_watch()") in 4.19-rc1 and does not seem to be
 carnil> backported to older versions.
Bugs:
upstream: released (5.1-rc2) [62c9d2674b31d4c8a674bee86b7edc6da2803aea]
4.19-upstream-stable: released (4.19.36) [ca306c17d2edcc8aa3bf1724a5cb1ecefc31ef3b]
4.9-upstream-stable: N/A "Vulnerable code not present"
3.16-upstream-stable: N/A "Vulnerable code not present"
sid: released (4.19.37-1)
4.9-stretch-security: N/A "Vulnerable code not present"
3.16-jessie-security: N/A "Vulnerable code not present"