1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4006-1

[USN-4006-1] Linux kernel vulnerability

Severity Low
Affected Packages 22
CVEs 1
Info Packages Vulnerabilities

A system hardening measure could be bypassed.

Federico Manuel Bento discovered that the Linux kernel did not properly
apply Address Space Layout Randomization (ASLR) in some situations for
setuid a.out binaries. A local attacker could use this to improve the
chances of exploiting an existing vulnerability in a setuid a.out binary.

As a hardening measure, this update disables a.out support.

Package Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-snapdragon?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-raspi2?distro=cosmic < 4.18.0.1015.12
pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-powerpc-smp?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-lowlatency?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-kvm?distro=cosmic < 4.18.0.1013.13
pkg:deb/ubuntu/linux-image-gke?distro=cosmic < 4.18.0.1012.12
pkg:deb/ubuntu/linux-image-generic?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-generic-lpae?distro=cosmic < 4.18.0.21.22
pkg:deb/ubuntu/linux-image-gcp?distro=cosmic < 4.18.0.1012.12
pkg:deb/ubuntu/linux-image-aws?distro=cosmic < 4.18.0.1017.17
pkg:deb/ubuntu/linux-image-4.18.0-21-snapdragon?distro=cosmic < 4.18.0-21.22
pkg:deb/ubuntu/linux-image-4.18.0-21-lowlatency?distro=cosmic < 4.18.0-21.22
pkg:deb/ubuntu/linux-image-4.18.0-21-generic?distro=cosmic < 4.18.0-21.22
pkg:deb/ubuntu/linux-image-4.18.0-21-generic-lpae?distro=cosmic < 4.18.0-21.22
pkg:deb/ubuntu/linux-image-4.18.0-1017-aws?distro=cosmic < 4.18.0-1017.19
pkg:deb/ubuntu/linux-image-4.18.0-1015-raspi2?distro=cosmic < 4.18.0-1015.17
pkg:deb/ubuntu/linux-image-4.18.0-1013-kvm?distro=cosmic < 4.18.0-1013.13
pkg:deb/ubuntu/linux-image-4.18.0-1012-gcp?distro=cosmic < 4.18.0-1012.13
ID
USN-4006-1
Severity
low
Severity from
CVE-2019-11191
URL
https://ubuntu.com/security/notices/USN-4006-1
Published
2019-06-04T22:44:54
(5 years ago)
Modified
2019-06-04T22:44:54
(5 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-virtual?distro=cosmic ubuntu linux-image-virtual < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-snapdragon?distro=cosmic ubuntu linux-image-snapdragon < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-raspi2?distro=cosmic ubuntu linux-image-raspi2 < 4.18.0.1015.12 cosmic
Affected pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=cosmic ubuntu linux-image-powerpc64-smp < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=cosmic ubuntu linux-image-powerpc64-emb < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-powerpc-smp?distro=cosmic ubuntu linux-image-powerpc-smp < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=cosmic ubuntu linux-image-powerpc-e500mc < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-lowlatency?distro=cosmic ubuntu linux-image-lowlatency < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-kvm?distro=cosmic ubuntu linux-image-kvm < 4.18.0.1013.13 cosmic
Affected pkg:deb/ubuntu/linux-image-gke?distro=cosmic ubuntu linux-image-gke < 4.18.0.1012.12 cosmic
Affected pkg:deb/ubuntu/linux-image-generic?distro=cosmic ubuntu linux-image-generic < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-generic-lpae?distro=cosmic ubuntu linux-image-generic-lpae < 4.18.0.21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-gcp?distro=cosmic ubuntu linux-image-gcp < 4.18.0.1012.12 cosmic
Affected pkg:deb/ubuntu/linux-image-aws?distro=cosmic ubuntu linux-image-aws < 4.18.0.1017.17 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-21-snapdragon?distro=cosmic ubuntu linux-image-4.18.0-21-snapdragon < 4.18.0-21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-21-lowlatency?distro=cosmic ubuntu linux-image-4.18.0-21-lowlatency < 4.18.0-21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-21-generic?distro=cosmic ubuntu linux-image-4.18.0-21-generic < 4.18.0-21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-21-generic-lpae?distro=cosmic ubuntu linux-image-4.18.0-21-generic-lpae < 4.18.0-21.22 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-1017-aws?distro=cosmic ubuntu linux-image-4.18.0-1017-aws < 4.18.0-1017.19 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-1015-raspi2?distro=cosmic ubuntu linux-image-4.18.0-1015-raspi2 < 4.18.0-1015.17 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-1013-kvm?distro=cosmic ubuntu linux-image-4.18.0-1013-kvm < 4.18.0-1013.13 cosmic
Affected pkg:deb/ubuntu/linux-image-4.18.0-1012-gcp?distro=cosmic ubuntu linux-image-4.18.0-1012-gcp < 4.18.0-1012.13 cosmic
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date