{"id":"CVE-2019-8912","details":"In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.","modified":"2026-03-12T23:30:28.614628Z","published":"2019-02-18T18:29:00.380Z","related":["SUSE-SU-2019:0726-1","SUSE-SU-2019:0740-1","SUSE-SU-2019:0745-1","SUSE-SU-2019:0765-1","SUSE-SU-2019:0767-1","SUSE-SU-2019:0784-1","SUSE-SU-2019:0785-1","SUSE-SU-2019:0845-1","openSUSE-SU-2019:1193-1","openSUSE-SU-2024:10728-1","openSUSE-SU-2024:13704-1"],"references":[{"type":"ADVISORY","url":"https://usn.ubuntu.com/3931-2/"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00052.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/107063"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2020:0174"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3930-2/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3931-1/"},{"type":"ADVISORY","url":"https://usn.ubuntu.com/3930-1/"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-8912"},{"type":"FIX","url":"http://patchwork.ozlabs.org/patch/1042902/"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"4.10"},{"fixed":"4.14.103"}]},{"events":[{"introduced":"4.19"},{"fixed":"4.19.25"}]},{"events":[{"introduced":"4.20"},{"fixed":"4.20.12"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc1"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc2"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc3"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc4"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc5"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc6"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc7"}]},{"events":[{"introduced":"0"},{"last_affected":"5.0-rc8"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"14.04"}]},{"events":[{"introduced":"0"},{"last_affected":"16.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.04"}]},{"events":[{"introduced":"0"},{"last_affected":"18.10"}]},{"events":[{"introduced":"0"},{"last_affected":"15.0"}]}],"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-8912.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}]}