Allele Security Alert
ASA-2019-00156
Identifier(s)
ASA-2019-00156, CVE-2019-9857
Title
Object fsnotify_mark refcount leak in inotify_update_existing_watch()
Vendor(s)
Linux foundation
Product(s)
Linux kernel
Affected version(s)
Linux kernel versions before 5.1
Linux kernel versions 5.0.x before 5.0.9
Linux kernel versions 4.19.x before 4.19.36
Linux kernel versions since the following commit:
inotify: Add flag IN_MASK_CREATE for inotify_add_watch()
https://github.com/torvalds/linux/commit/4d97f7d53da7dc830dbf416a3d2a6778d267ae68
Fixed version(s)
Linux kernel version 5.1
Linux kernel version 5.0.9
Linux kernel version 4.19.36
Linux kernel versions with the following commit applied:
inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62c9d2674b31d4c8a674bee86b7edc6da2803aea
Proof of concept
Unknown
Description
In the Linux kernel since commit 4d97f7d53da7dc83 (“inotify: Add flag IN_MASK_CREATE for inotify_add_watch()”), the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak).
Technical details
Linux foundation
Credits
ZhangXiaoxu
Reference(s)
inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch()
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=62c9d2674b31d4c8a674bee86b7edc6da2803aea
inotify: Add flag IN_MASK_CREATE for inotify_add_watch()
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=4d97f7d53da7dc830dbf416a3d2a6778d267ae68
inotify: Fix fsnotify_mark refcount leak in inotify_update_existing_watch
https://github.com/torvalds/linux/commit/62c9d2674b31d4c8a674bee86b7edc6da2803aea
inotify: Add flag IN_MASK_CREATE for inotify_add_watch()
https://github.com/torvalds/linux/commit/4d97f7d53da7dc830dbf416a3d2a6778d267ae68
Linux 5.1
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1
Linux 5.0.9
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.0.9
Linux 4.19.36
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.36
CVE-2019-9857 - Red Hat Customer Portal
https://access.redhat.com/security/cve/CVE-2019-9857
CVE-2019-9857 | SUSE
https://www.suse.com/security/cve/CVE-2019-9857
CVE-2019-9857
https://security-tracker.debian.org/tracker/CVE-2019-9857
https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9857.html
CVE-2019-9857
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9857
CVE-2019-9857
https://nvd.nist.gov/vuln/detail/CVE-2019-9857
If there is any error in this alert or you wish a comprehensive analysis, let us know.
Last modified: November 29, 2019