1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4005-1

[USN-4005-1] Linux kernel vulnerabilities

Severity High
Affected Packages 18
CVEs 2
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

It was discovered that a null pointer dereference vulnerability existed in
the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash). (CVE-2019-11810)

It was discovered that a race condition leading to a use-after-free existed
in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux
kernel. The RDS protocol is disabled via blocklist by default in Ubuntu.
If enabled, a local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-11815)

Package Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=disco < 5.0.0.16.17
pkg:deb/ubuntu/linux-image-snapdragon?distro=disco < 5.0.0.1013.6
pkg:deb/ubuntu/linux-image-raspi2?distro=disco < 5.0.0.1009.6
pkg:deb/ubuntu/linux-image-lowlatency?distro=disco < 5.0.0.16.17
pkg:deb/ubuntu/linux-image-kvm?distro=disco < 5.0.0.1007.7
pkg:deb/ubuntu/linux-image-gke?distro=disco < 5.0.0.1007.7
pkg:deb/ubuntu/linux-image-generic?distro=disco < 5.0.0.16.17
pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco < 5.0.0.16.17
pkg:deb/ubuntu/linux-image-gcp?distro=disco < 5.0.0.1007.7
pkg:deb/ubuntu/linux-image-aws?distro=disco < 5.0.0.1007.7
pkg:deb/ubuntu/linux-image-5.0.0-16-lowlatency?distro=disco < 5.0.0-16.17
pkg:deb/ubuntu/linux-image-5.0.0-16-generic?distro=disco < 5.0.0-16.17
pkg:deb/ubuntu/linux-image-5.0.0-16-generic-lpae?distro=disco < 5.0.0-16.17
pkg:deb/ubuntu/linux-image-5.0.0-1013-snapdragon?distro=disco < 5.0.0-1013.13
pkg:deb/ubuntu/linux-image-5.0.0-1009-raspi2?distro=disco < 5.0.0-1009.9
pkg:deb/ubuntu/linux-image-5.0.0-1007-kvm?distro=disco < 5.0.0-1007.7
pkg:deb/ubuntu/linux-image-5.0.0-1007-gcp?distro=disco < 5.0.0-1007.7
pkg:deb/ubuntu/linux-image-5.0.0-1007-aws?distro=disco < 5.0.0-1007.7
ID
USN-4005-1
Severity
high
Severity from
CVE-2019-11815
URL
https://ubuntu.com/security/notices/USN-4005-1
Published
2019-06-04T22:47:53
(5 years ago)
Modified
2019-06-04T22:47:53
(5 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-virtual?distro=disco ubuntu linux-image-virtual < 5.0.0.16.17 disco
Affected pkg:deb/ubuntu/linux-image-snapdragon?distro=disco ubuntu linux-image-snapdragon < 5.0.0.1013.6 disco
Affected pkg:deb/ubuntu/linux-image-raspi2?distro=disco ubuntu linux-image-raspi2 < 5.0.0.1009.6 disco
Affected pkg:deb/ubuntu/linux-image-lowlatency?distro=disco ubuntu linux-image-lowlatency < 5.0.0.16.17 disco
Affected pkg:deb/ubuntu/linux-image-kvm?distro=disco ubuntu linux-image-kvm < 5.0.0.1007.7 disco
Affected pkg:deb/ubuntu/linux-image-gke?distro=disco ubuntu linux-image-gke < 5.0.0.1007.7 disco
Affected pkg:deb/ubuntu/linux-image-generic?distro=disco ubuntu linux-image-generic < 5.0.0.16.17 disco
Affected pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco ubuntu linux-image-generic-lpae < 5.0.0.16.17 disco
Affected pkg:deb/ubuntu/linux-image-gcp?distro=disco ubuntu linux-image-gcp < 5.0.0.1007.7 disco
Affected pkg:deb/ubuntu/linux-image-aws?distro=disco ubuntu linux-image-aws < 5.0.0.1007.7 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-16-lowlatency?distro=disco ubuntu linux-image-5.0.0-16-lowlatency < 5.0.0-16.17 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-16-generic?distro=disco ubuntu linux-image-5.0.0-16-generic < 5.0.0-16.17 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-16-generic-lpae?distro=disco ubuntu linux-image-5.0.0-16-generic-lpae < 5.0.0-16.17 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1013-snapdragon?distro=disco ubuntu linux-image-5.0.0-1013-snapdragon < 5.0.0-1013.13 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1009-raspi2?distro=disco ubuntu linux-image-5.0.0-1009-raspi2 < 5.0.0-1009.9 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1007-kvm?distro=disco ubuntu linux-image-5.0.0-1007-kvm < 5.0.0-1007.7 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1007-gcp?distro=disco ubuntu linux-image-5.0.0-1007-gcp < 5.0.0-1007.7 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1007-aws?distro=disco ubuntu linux-image-5.0.0-1007-aws < 5.0.0-1007.7 disco
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date