LOW
fs/btrfs/volumes.c in the Linux kernel before 5.1 allows a btrfs_verify_dev_extents NULL pointer dereference via a crafted btrfs image because fs_devices->devices is mishandled within find_device, aka CID-09ba3bc9dd15.
http://packetstormsecurity.com/files/156185/Kernel-Live-Patch-Security-Notice-LSN-0062-1.html
https://github.com/bobfuzzer/CVE-2019-18885
https://github.com/torvalds/linux/commit/09ba3bc9dd150457c506e4661380a6183af651c1
https://lists.debian.org/debian-lts-announce/2020/08/msg00019.html
https://security.netapp.com/advisory/ntap-20191205-0001/
https://usn.ubuntu.com/4254-1/
https://usn.ubuntu.com/4254-2/
https://usn.ubuntu.com/4258-1/
Source: MITRE
Published: 2019-11-14
Updated: 2020-08-12
Type: CWE-476
Base Score: 2.1
Vector: AV:L/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 3.9
Severity: LOW
Base Score: 5.5
Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 1.8
Severity: MEDIUM