[USN-4017-2] Linux kernel vulnerabilities

Severity High

Affected Packages 66

CVEs 2

The system could be made to crash if it received specially crafted network traffic.

USN-4017-1 fixed vulnerabilities in the Linux kernel for Ubuntu.
This update provides the corresponding updates for the Linux kernel
for Ubuntu 16.04 ESM and Ubuntu 14.04 ESM.

Jonathan Looney discovered that the TCP retransmission queue implementation
in the Linux kernel could be fragmented when handling certain TCP Selective
Acknowledgment (SACK) sequences. A remote attacker could use this to cause
a denial of service. (CVE-2019-11478)

Jonathan Looney discovered that an integer overflow existed in the Linux
kernel when handling TCP Selective Acknowledgments (SACKs). A remote
attacker could use this to cause a denial of service (system crash).
(CVE-2019-11477)

Package	Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-virtual?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-virtual-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-powerpc?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-powerpc-smp?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-powerpc-smp?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-powerpc-smp-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-powerpc-e500?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-omap?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-omap?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-lowlatency?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-lowlatency-pae?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-lowlatency-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-highbank?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-highbank?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-generic?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-generic-pae?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-pae?distro=precise	< 3.2.0.141.156
pkg:deb/ubuntu/linux-image-generic-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=precise	< 3.13.0.171.159
pkg:deb/ubuntu/linux-image-generic-lts-saucy?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-lts-raring?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-lts-quantal?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-lpae?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-lpae-lts-xenial?distro=trusty	< 4.4.0.151.133
pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=precise	< 3.13.0.171.159
pkg:deb/ubuntu/linux-image-generic-lpae-lts-saucy?distro=trusty	< 3.13.0.171.182
pkg:deb/ubuntu/linux-image-azure?distro=trusty	< 4.15.0.1047.34
pkg:deb/ubuntu/linux-image-aws?distro=trusty	< 4.4.0.1046.47
pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc64-smp?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc64-emb?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc-smp?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc-e500mc?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-151-lowlatency?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-151-generic?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-151-generic-lpae?distro=trusty	< 4.4.0-151.178~14.04.1
pkg:deb/ubuntu/linux-image-4.4.0-1046-aws?distro=trusty	< 4.4.0-1046.50
pkg:deb/ubuntu/linux-image-4.15.0-1047-azure?distro=trusty	< 4.15.0-1047.51~14.04.1
pkg:deb/ubuntu/linux-image-3.2.0-141-virtual?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.2.0-141-powerpc64-smp?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.2.0-141-powerpc-smp?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.2.0-141-omap?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.2.0-141-highbank?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.2.0-141-generic?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.2.0-141-generic-pae?distro=precise	< 3.2.0-141.188
pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc64-smp?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc64-emb?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc-smp?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc-e500mc?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc-e500?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-lowlatency?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-lowlatency?distro=precise	< 3.13.0-171.222~12.04.1
pkg:deb/ubuntu/linux-image-3.13.0-171-generic?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-generic?distro=precise	< 3.13.0-171.222~12.04.1
pkg:deb/ubuntu/linux-image-3.13.0-171-generic-lpae?distro=trusty	< 3.13.0-171.222
pkg:deb/ubuntu/linux-image-3.13.0-171-generic-lpae?distro=precise	< 3.13.0-171.222~12.04.1

ID

USN-4017-2

Severity

high

URL

https://ubuntu.com/security/notices/USN-4017-2

Published

2019-06-17T17:58:37
(5 years ago)

Modified

2019-06-17T17:58:37
(5 years ago)

Other Advisories

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:deb/ubuntu/linux-image-virtual?distro=trusty	ubuntu	linux-image-virtual	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-virtual?distro=precise	ubuntu	linux-image-virtual	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-virtual-lts-xenial?distro=trusty	ubuntu	linux-image-virtual-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc?distro=precise	ubuntu	linux-image-powerpc	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=trusty	ubuntu	linux-image-powerpc64-smp	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=precise	ubuntu	linux-image-powerpc64-smp	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-xenial?distro=trusty	ubuntu	linux-image-powerpc64-smp-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=trusty	ubuntu	linux-image-powerpc64-emb	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-xenial?distro=trusty	ubuntu	linux-image-powerpc64-emb-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-smp?distro=trusty	ubuntu	linux-image-powerpc-smp	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-smp?distro=precise	ubuntu	linux-image-powerpc-smp	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-powerpc-smp-lts-xenial?distro=trusty	ubuntu	linux-image-powerpc-smp-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=trusty	ubuntu	linux-image-powerpc-e500mc	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-xenial?distro=trusty	ubuntu	linux-image-powerpc-e500mc-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-powerpc-e500?distro=trusty	ubuntu	linux-image-powerpc-e500	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-omap?distro=trusty	ubuntu	linux-image-omap	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-omap?distro=precise	ubuntu	linux-image-omap	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-lowlatency?distro=trusty	ubuntu	linux-image-lowlatency	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-lowlatency-pae?distro=trusty	ubuntu	linux-image-lowlatency-pae	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-lowlatency-lts-xenial?distro=trusty	ubuntu	linux-image-lowlatency-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-highbank?distro=trusty	ubuntu	linux-image-highbank	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-highbank?distro=precise	ubuntu	linux-image-highbank	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-generic?distro=trusty	ubuntu	linux-image-generic	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic?distro=precise	ubuntu	linux-image-generic	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-generic-pae?distro=trusty	ubuntu	linux-image-generic-pae	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-pae?distro=precise	ubuntu	linux-image-generic-pae	< 3.2.0.141.156	precise
Affected	pkg:deb/ubuntu/linux-image-generic-lts-xenial?distro=trusty	ubuntu	linux-image-generic-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=trusty	ubuntu	linux-image-generic-lts-trusty	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-trusty?distro=precise	ubuntu	linux-image-generic-lts-trusty	< 3.13.0.171.159	precise
Affected	pkg:deb/ubuntu/linux-image-generic-lts-saucy?distro=trusty	ubuntu	linux-image-generic-lts-saucy	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-raring?distro=trusty	ubuntu	linux-image-generic-lts-raring	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lts-quantal?distro=trusty	ubuntu	linux-image-generic-lts-quantal	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae?distro=trusty	ubuntu	linux-image-generic-lpae	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-lts-xenial?distro=trusty	ubuntu	linux-image-generic-lpae-lts-xenial	< 4.4.0.151.133	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=trusty	ubuntu	linux-image-generic-lpae-lts-trusty	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-lts-trusty?distro=precise	ubuntu	linux-image-generic-lpae-lts-trusty	< 3.13.0.171.159	precise
Affected	pkg:deb/ubuntu/linux-image-generic-lpae-lts-saucy?distro=trusty	ubuntu	linux-image-generic-lpae-lts-saucy	< 3.13.0.171.182	trusty
Affected	pkg:deb/ubuntu/linux-image-azure?distro=trusty	ubuntu	linux-image-azure	< 4.15.0.1047.34	trusty
Affected	pkg:deb/ubuntu/linux-image-aws?distro=trusty	ubuntu	linux-image-aws	< 4.4.0.1046.47	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc64-smp?distro=trusty	ubuntu	linux-image-4.4.0-151-powerpc64-smp	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc64-emb?distro=trusty	ubuntu	linux-image-4.4.0-151-powerpc64-emb	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc-smp?distro=trusty	ubuntu	linux-image-4.4.0-151-powerpc-smp	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-powerpc-e500mc?distro=trusty	ubuntu	linux-image-4.4.0-151-powerpc-e500mc	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-lowlatency?distro=trusty	ubuntu	linux-image-4.4.0-151-lowlatency	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-generic?distro=trusty	ubuntu	linux-image-4.4.0-151-generic	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-151-generic-lpae?distro=trusty	ubuntu	linux-image-4.4.0-151-generic-lpae	< 4.4.0-151.178~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-4.4.0-1046-aws?distro=trusty	ubuntu	linux-image-4.4.0-1046-aws	< 4.4.0-1046.50	trusty
Affected	pkg:deb/ubuntu/linux-image-4.15.0-1047-azure?distro=trusty	ubuntu	linux-image-4.15.0-1047-azure	< 4.15.0-1047.51~14.04.1	trusty
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-virtual?distro=precise	ubuntu	linux-image-3.2.0-141-virtual	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-powerpc64-smp?distro=precise	ubuntu	linux-image-3.2.0-141-powerpc64-smp	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-powerpc-smp?distro=precise	ubuntu	linux-image-3.2.0-141-powerpc-smp	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-omap?distro=precise	ubuntu	linux-image-3.2.0-141-omap	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-highbank?distro=precise	ubuntu	linux-image-3.2.0-141-highbank	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-generic?distro=precise	ubuntu	linux-image-3.2.0-141-generic	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.2.0-141-generic-pae?distro=precise	ubuntu	linux-image-3.2.0-141-generic-pae	< 3.2.0-141.188	precise
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc64-smp?distro=trusty	ubuntu	linux-image-3.13.0-171-powerpc64-smp	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc64-emb?distro=trusty	ubuntu	linux-image-3.13.0-171-powerpc64-emb	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc-smp?distro=trusty	ubuntu	linux-image-3.13.0-171-powerpc-smp	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc-e500mc?distro=trusty	ubuntu	linux-image-3.13.0-171-powerpc-e500mc	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-powerpc-e500?distro=trusty	ubuntu	linux-image-3.13.0-171-powerpc-e500	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-lowlatency?distro=trusty	ubuntu	linux-image-3.13.0-171-lowlatency	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-lowlatency?distro=precise	ubuntu	linux-image-3.13.0-171-lowlatency	< 3.13.0-171.222~12.04.1	precise
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-generic?distro=trusty	ubuntu	linux-image-3.13.0-171-generic	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-generic?distro=precise	ubuntu	linux-image-3.13.0-171-generic	< 3.13.0-171.222~12.04.1	precise
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-generic-lpae?distro=trusty	ubuntu	linux-image-3.13.0-171-generic-lpae	< 3.13.0-171.222	trusty
Affected	pkg:deb/ubuntu/linux-image-3.13.0-171-generic-lpae?distro=precise	ubuntu	linux-image-3.13.0-171-generic-lpae	< 3.13.0-171.222~12.04.1	precise

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date