Security tracker / CVE-2019-15794

CVE-2019-15794

Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs

References

• Debian security tracker
• cve.org
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15794
• https://usn.ubuntu.com/usn/usn-4208-1
• https://usn.ubuntu.com/usn/usn-4209-1
• https://bugs.launchpad.net/bugs/1850994

Notes

 bwh> We no longer carry the aufs support patch.

Bugs

Status

Branch	Status
upstream	N/A "introduced by aufs support patch"
6.18-upstream-stable
6.17-upstream-stable
6.12-upstream-stable
6.6-upstream-stable
6.1-upstream-stable	N/A "introduced by aufs support patch"
5.10-upstream-stable	N/A "introduced by aufs support patch"
4.19-upstream-stable	N/A "introduced by aufs support patch"
4.9-upstream-stable	N/A "introduced by aufs support patch"
3.16-upstream-stable	N/A "introduced by aufs support patch"
sid	released (5.16.7-1)
6.12-trixie-security
6.1-bookworm-security	N/A "Fixed before branch point"
5.10-bullseye-security	needed
4.9-stretch-security	N/A "overlayfs passes through mmap"
3.16-jessie-security	N/A "overlayfs not present"