1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4093-1

[USN-4093-1] Linux kernel vulnerabilities

Severity Medium
Affected Packages 28
CVEs 7
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-10126)

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors
incorrectly handle SWAPGS instructions during speculative execution. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2019-1125)

It was discovered that the PowerPC dlpar implementation in the Linux kernel
did not properly check for allocation errors in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2019-12614)

It was discovered that a NULL pointer dereference vulnerability existed in
the Near-field communication (NFC) implementation in the Linux kernel. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2019-12984)

Jann Horn discovered a use-after-free vulnerability in the Linux kernel
when accessing LDT entries in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-13233)

Jann Horn discovered that the ptrace implementation in the Linux kernel did
not properly record credentials in some situations. A local attacker could
use this to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2019-13272)

It was discovered that the Marvell Wireless LAN device driver in the Linux
kernel did not properly validate the BSS descriptor. A local attacker could
possibly use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2019-3846)

Package Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=disco < 5.0.0.25.26
pkg:deb/ubuntu/linux-image-virtual-hwe-18.04?distro=bionic < 5.0.0.25.82
pkg:deb/ubuntu/linux-image-snapdragon?distro=disco < 5.0.0.1018.11
pkg:deb/ubuntu/linux-image-snapdragon-hwe-18.04?distro=bionic < 5.0.0.25.82
pkg:deb/ubuntu/linux-image-raspi2?distro=disco < 5.0.0.1014.11
pkg:deb/ubuntu/linux-image-lowlatency?distro=disco < 5.0.0.25.26
pkg:deb/ubuntu/linux-image-lowlatency-hwe-18.04?distro=bionic < 5.0.0.25.82
pkg:deb/ubuntu/linux-image-kvm?distro=disco < 5.0.0.1013.13
pkg:deb/ubuntu/linux-image-gke?distro=disco < 5.0.0.1013.13
pkg:deb/ubuntu/linux-image-generic?distro=disco < 5.0.0.25.26
pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco < 5.0.0.25.26
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-18.04?distro=bionic < 5.0.0.25.82
pkg:deb/ubuntu/linux-image-generic-hwe-18.04?distro=bionic < 5.0.0.25.82
pkg:deb/ubuntu/linux-image-gcp?distro=disco < 5.0.0.1013.13
pkg:deb/ubuntu/linux-image-azure?distro=disco < 5.0.0.1014.13
pkg:deb/ubuntu/linux-image-azure?distro=bionic < 5.0.0.1014.25
pkg:deb/ubuntu/linux-image-5.0.0-25-lowlatency?distro=disco < 5.0.0-25.26
pkg:deb/ubuntu/linux-image-5.0.0-25-lowlatency?distro=bionic < 5.0.0-25.26~18.04.1
pkg:deb/ubuntu/linux-image-5.0.0-25-generic?distro=disco < 5.0.0-25.26
pkg:deb/ubuntu/linux-image-5.0.0-25-generic?distro=bionic < 5.0.0-25.26~18.04.1
pkg:deb/ubuntu/linux-image-5.0.0-25-generic-lpae?distro=disco < 5.0.0-25.26
pkg:deb/ubuntu/linux-image-5.0.0-25-generic-lpae?distro=bionic < 5.0.0-25.26~18.04.1
pkg:deb/ubuntu/linux-image-5.0.0-1018-snapdragon?distro=disco < 5.0.0-1018.19
pkg:deb/ubuntu/linux-image-5.0.0-1014-raspi2?distro=disco < 5.0.0-1014.14
pkg:deb/ubuntu/linux-image-5.0.0-1014-azure?distro=disco < 5.0.0-1014.14
pkg:deb/ubuntu/linux-image-5.0.0-1014-azure?distro=bionic < 5.0.0-1014.14~18.04.1
pkg:deb/ubuntu/linux-image-5.0.0-1013-kvm?distro=disco < 5.0.0-1013.14
pkg:deb/ubuntu/linux-image-5.0.0-1013-gcp?distro=disco < 5.0.0-1013.13
ID
USN-4093-1
Severity
medium
URL
https://ubuntu.com/security/notices/USN-4093-1
Published
2019-08-13T15:04:42
(5 years ago)
Modified
2019-08-13T15:04:42
(5 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-virtual?distro=disco ubuntu linux-image-virtual < 5.0.0.25.26 disco
Affected pkg:deb/ubuntu/linux-image-virtual-hwe-18.04?distro=bionic ubuntu linux-image-virtual-hwe-18.04 < 5.0.0.25.82 bionic
Affected pkg:deb/ubuntu/linux-image-snapdragon?distro=disco ubuntu linux-image-snapdragon < 5.0.0.1018.11 disco
Affected pkg:deb/ubuntu/linux-image-snapdragon-hwe-18.04?distro=bionic ubuntu linux-image-snapdragon-hwe-18.04 < 5.0.0.25.82 bionic
Affected pkg:deb/ubuntu/linux-image-raspi2?distro=disco ubuntu linux-image-raspi2 < 5.0.0.1014.11 disco
Affected pkg:deb/ubuntu/linux-image-lowlatency?distro=disco ubuntu linux-image-lowlatency < 5.0.0.25.26 disco
Affected pkg:deb/ubuntu/linux-image-lowlatency-hwe-18.04?distro=bionic ubuntu linux-image-lowlatency-hwe-18.04 < 5.0.0.25.82 bionic
Affected pkg:deb/ubuntu/linux-image-kvm?distro=disco ubuntu linux-image-kvm < 5.0.0.1013.13 disco
Affected pkg:deb/ubuntu/linux-image-gke?distro=disco ubuntu linux-image-gke < 5.0.0.1013.13 disco
Affected pkg:deb/ubuntu/linux-image-generic?distro=disco ubuntu linux-image-generic < 5.0.0.25.26 disco
Affected pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco ubuntu linux-image-generic-lpae < 5.0.0.25.26 disco
Affected pkg:deb/ubuntu/linux-image-generic-lpae-hwe-18.04?distro=bionic ubuntu linux-image-generic-lpae-hwe-18.04 < 5.0.0.25.82 bionic
Affected pkg:deb/ubuntu/linux-image-generic-hwe-18.04?distro=bionic ubuntu linux-image-generic-hwe-18.04 < 5.0.0.25.82 bionic
Affected pkg:deb/ubuntu/linux-image-gcp?distro=disco ubuntu linux-image-gcp < 5.0.0.1013.13 disco
Affected pkg:deb/ubuntu/linux-image-azure?distro=disco ubuntu linux-image-azure < 5.0.0.1014.13 disco
Affected pkg:deb/ubuntu/linux-image-azure?distro=bionic ubuntu linux-image-azure < 5.0.0.1014.25 bionic
Affected pkg:deb/ubuntu/linux-image-5.0.0-25-lowlatency?distro=disco ubuntu linux-image-5.0.0-25-lowlatency < 5.0.0-25.26 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-25-lowlatency?distro=bionic ubuntu linux-image-5.0.0-25-lowlatency < 5.0.0-25.26~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-image-5.0.0-25-generic?distro=disco ubuntu linux-image-5.0.0-25-generic < 5.0.0-25.26 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-25-generic?distro=bionic ubuntu linux-image-5.0.0-25-generic < 5.0.0-25.26~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-image-5.0.0-25-generic-lpae?distro=disco ubuntu linux-image-5.0.0-25-generic-lpae < 5.0.0-25.26 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-25-generic-lpae?distro=bionic ubuntu linux-image-5.0.0-25-generic-lpae < 5.0.0-25.26~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-image-5.0.0-1018-snapdragon?distro=disco ubuntu linux-image-5.0.0-1018-snapdragon < 5.0.0-1018.19 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1014-raspi2?distro=disco ubuntu linux-image-5.0.0-1014-raspi2 < 5.0.0-1014.14 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1014-azure?distro=disco ubuntu linux-image-5.0.0-1014-azure < 5.0.0-1014.14 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1014-azure?distro=bionic ubuntu linux-image-5.0.0-1014-azure < 5.0.0-1014.14~18.04.1 bionic
Affected pkg:deb/ubuntu/linux-image-5.0.0-1013-kvm?distro=disco ubuntu linux-image-5.0.0-1013-kvm < 5.0.0-1013.14 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1013-gcp?distro=disco ubuntu linux-image-5.0.0-1013-gcp < 5.0.0-1013.13 disco
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date