[USN-4147-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that the Intel Wi-Fi device driver in the Linux kernel
did not properly validate certain Tunneled Direct Link Setup (TDLS). A
physically proximate attacker could use this to cause a denial of service
(Wi-Fi disconnect). (CVE-2019-0136)
It was discovered that the Bluetooth UART implementation in the Linux
kernel did not properly check for missing tty operations. A local attacker
could use this to cause a denial of service. (CVE-2019-10207)
It was discovered that the GTCO tablet input driver in the Linux kernel did
not properly bounds check the initial HID report sent by the device. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-13631)
It was discovered that an out-of-bounds read existed in the QLogic QEDI
iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly
use this to expose sensitive information (kernel memory). (CVE-2019-15090)
Hui Peng and Mathias Payer discovered that the USB audio driver for the
Linux kernel did not properly validate device meta data. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2019-15117)
Hui Peng and Mathias Payer discovered that the USB audio driver for the
Linux kernel improperly performed recursion while handling device meta
data. A physically proximate attacker could use this to cause a denial of
service (system crash). (CVE-2019-15118)
It was discovered that the Raremono AM/FM/SW radio device driver in the
Linux kernel did not properly allocate memory, leading to a use-after-free.
A physically proximate attacker could use this to cause a denial of service
or possibly execute arbitrary code. (CVE-2019-15211)
It was discovered at a double-free error existed in the USB Rio 500 device
driver for the Linux kernel. A physically proximate attacker could use this
to cause a denial of service. (CVE-2019-15212)
It was discovered that a race condition existed in the CPiA2 video4linux
device driver for the Linux kernel, leading to a use-after-free. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-15215)
It was discovered that a race condition existed in the Softmac USB Prism54
device driver in the Linux kernel. A physically proximate attacker could
use this to cause a denial of service (system crash). (CVE-2019-15220)
Benjamin Moody discovered that the XFS file system in the Linux kernel did
not properly handle an error condition when out of disk quota. A local
attacker could possibly use this to cause a denial of service.
(CVE-2019-15538)
It was discovered that the Hisilicon HNS3 ethernet device driver in the
Linux kernel contained an out of bounds access vulnerability. A local
attacker could use this to possibly cause a denial of service (system
crash). (CVE-2019-15925)
It was discovered that the Atheros mobile chipset driver in the Linux
kernel did not properly validate data in some situations. An attacker could
use this to cause a denial of service (system crash). (CVE-2019-15926)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered
that the Bluetooth protocol BR/EDR specification did not properly require
sufficiently strong encryption key lengths. A physically proximate attacker
could use this to expose sensitive information. (CVE-2019-9506)
It was discovered that ZR364XX Camera USB device driver for the Linux
kernel did not properly initialize memory. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2019-15217)
It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel made improper assumptions about the device characteristics. A
physically proximate attacker could use this cause a denial of service
(system crash). (CVE-2019-15218)
It was discovered that the Line 6 POD USB device driver in the Linux kernel
did not properly validate data size information from the device. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2019-15221)
It was discovered that the Line 6 USB driver for the Linux kernel contained
a race condition when the device was disconnected. A physically proximate
attacker could use this to cause a denial of service (system crash).
(CVE-2019-15223)
- ID
- USN-4147-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-4147-1
- Published
-
2019-10-04T15:38:51
(5 years ago) - Modified
-
2019-10-04T15:38:51
(5 years ago) - Other Advisories
-
-
ALAS-2019-1281
-
ALSA-2020:4431
-
ALSA-2024:3138
-
CISCO-SA-20190813-BLUETOOTH
-
DSA-4495-1
-
DSA-4497-1
-
DSA-4531-1
-
ELSA-2019-3055
-
ELSA-2019-3517
-
ELSA-2019-4739
-
ELSA-2019-4741
-
ELSA-2019-4746
-
ELSA-2019-4820
-
ELSA-2019-4850
-
ELSA-2019-4871
-
ELSA-2019-4872
-
ELSA-2019-4878
-
ELSA-2020-1016
-
ELSA-2020-1769
-
ELSA-2020-4060
-
ELSA-2020-5755
-
ELSA-2020-5845
-
ELSA-2020-5866
-
ELSA-2021-9534
-
ELSA-2024-3138
-
FEDORA-2019-021c968423
-
FEDORA-2019-057d691fd4
-
FEDORA-2019-124a241044
-
FEDORA-2019-15e141c6a7
-
FEDORA-2019-1689d3fe07
-
FEDORA-2019-3dbfaeac73
-
FEDORA-2019-41e28660ae
-
FEDORA-2019-4c91a2f76e
-
FEDORA-2019-6bda4c81f4
-
FEDORA-2019-7a3fc17778
-
FEDORA-2019-7aecfe1c4b
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-97380355ae
-
FEDORA-2019-9d3fe6fd5b
-
FEDORA-2019-a570a92d5a
-
FEDORA-2019-e3010166bd
-
FEDORA-2019-e37c348348
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-fe00e12580
-
MS:CVE-2019-9506
-
openSUSE-SU-2019:1923-1
-
openSUSE-SU-2019:1924-1
-
openSUSE-SU-2019:2173-1
-
openSUSE-SU-2019:2181-1
-
openSUSE-SU-2019:2307-1
-
openSUSE-SU-2019:2308-1
-
RHSA-2019:3055
-
RHSA-2019:3076
-
RHSA-2019:3089
-
RHSA-2019:3309
-
RHSA-2019:3517
-
RHSA-2020:1016
-
RHSA-2020:1070
-
RHSA-2020:1567
-
RHSA-2020:1769
-
RHSA-2020:3220
-
RHSA-2020:4060
-
RHSA-2020:4062
-
RHSA-2020:4431
-
RHSA-2020:4609
-
RHSA-2024:2950
-
RHSA-2024:3138
-
RLSA-2024:3138
-
SSA:2019-226-01
-
SSA:2019-311-01
-
SSA:2020-086-01
-
SUSE-SU-2019:2068-1
-
SUSE-SU-2019:2069-1
-
SUSE-SU-2019:2070-1
-
SUSE-SU-2019:2071-1
-
SUSE-SU-2019:2072-1
-
SUSE-SU-2019:2073-1
-
SUSE-SU-2019:2262-1
-
SUSE-SU-2019:2263-1
-
SUSE-SU-2019:2299-1
-
SUSE-SU-2019:2412-1
-
SUSE-SU-2019:2414-1
-
SUSE-SU-2019:2424-1
-
SUSE-SU-2019:2430-1
-
SUSE-SU-2019:2450-1
-
SUSE-SU-2019:2648-1
-
SUSE-SU-2019:2651-1
-
SUSE-SU-2019:2658-1
-
SUSE-SU-2019:2706-1
-
SUSE-SU-2019:2710-1
-
SUSE-SU-2019:2738-1
-
SUSE-SU-2019:2756-1
-
SUSE-SU-2019:2879-1
-
SUSE-SU-2019:2949-1
-
SUSE-SU-2019:2950-1
-
SUSE-SU-2019:2984-1
-
SUSE-SU-2019:3200-1
-
SUSE-SU-2019:3295-1
-
SUSE-SU-2020:0093-1
-
SUSE-SU-2020:2526-1
-
SUSE-SU-2022:0325-1
-
SUSE-SU-2022:0327-1
-
SUSE-SU-2022:0328-1
-
SUSE-SU-2022:0329-1
-
SUSE-SU-2022:0362-1
-
SUSE-SU-2022:0477-1
-
USN-4115-1
-
USN-4118-1
-
USN-4144-1
-
USN-4145-1
-
USN-4162-1
-
USN-4162-2
-
USN-4163-1
-
USN-4163-2
-
USN-4286-1
-
USN-4286-2
-
USN-4302-1
-
VU:918987
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-image-virtual?distro=disco | ubuntu |
 linux-image-virtual
|
< 5.0.0.31.32 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-virtual-hwe-18.04?distro=bionic | ubuntu |
linux-image-virtual-hwe-18.04
|
< 5.0.0.31.88 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-snapdragon?distro=disco | ubuntu |
linux-image-snapdragon
|
< 5.0.0.1023.16 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-snapdragon-hwe-18.04?distro=bionic | ubuntu |
linux-image-snapdragon-hwe-18.04
|
< 5.0.0.31.88 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-raspi2?distro=disco | ubuntu |
linux-image-raspi2
|
< 5.0.0.1019.16 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency?distro=disco | ubuntu |
linux-image-lowlatency
|
< 5.0.0.31.32 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency-hwe-18.04?distro=bionic | ubuntu |
linux-image-lowlatency-hwe-18.04
|
< 5.0.0.31.88 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-kvm?distro=disco | ubuntu |
linux-image-kvm
|
< 5.0.0.1019.19 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-gke?distro=disco | ubuntu |
linux-image-gke
|
< 5.0.0.1020.46 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-gke-5.0?distro=bionic | ubuntu |
linux-image-gke-5.0
|
< 5.0.0.1020.9 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-generic?distro=disco | ubuntu |
linux-image-generic
|
< 5.0.0.31.32 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco | ubuntu |
linux-image-generic-lpae
|
< 5.0.0.31.32 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae-hwe-18.04?distro=bionic | ubuntu |
linux-image-generic-lpae-hwe-18.04
|
< 5.0.0.31.88 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-hwe-18.04?distro=bionic | ubuntu |
linux-image-generic-hwe-18.04
|
< 5.0.0.31.88 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-gcp?distro=disco | ubuntu |
linux-image-gcp
|
< 5.0.0.1020.46 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-azure?distro=disco | ubuntu |
linux-image-azure
|
< 5.0.0.1022.21 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-aws?distro=disco | ubuntu |
linux-image-aws
|
< 5.0.0.1018.19 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-31-lowlatency?distro=disco | ubuntu |
linux-image-5.0.0-31-lowlatency
|
< 5.0.0-31.33 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-31-lowlatency?distro=bionic | ubuntu |
linux-image-5.0.0-31-lowlatency
|
< 5.0.0-31.33~18.04.1 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-31-generic?distro=disco | ubuntu |
linux-image-5.0.0-31-generic
|
< 5.0.0-31.33 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-31-generic?distro=bionic | ubuntu |
linux-image-5.0.0-31-generic
|
< 5.0.0-31.33~18.04.1 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-31-generic-lpae?distro=disco | ubuntu |
linux-image-5.0.0-31-generic-lpae
|
< 5.0.0-31.33 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-31-generic-lpae?distro=bionic | ubuntu |
linux-image-5.0.0-31-generic-lpae
|
< 5.0.0-31.33~18.04.1 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1023-snapdragon?distro=disco | ubuntu |
linux-image-5.0.0-1023-snapdragon
|
< 5.0.0-1023.24 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1022-azure?distro=disco | ubuntu |
linux-image-5.0.0-1022-azure
|
< 5.0.0-1022.23 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1020-gke?distro=bionic | ubuntu |
linux-image-5.0.0-1020-gke
|
< 5.0.0-1020.20~18.04.1 | bionic | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1020-gcp?distro=disco | ubuntu |
linux-image-5.0.0-1020-gcp
|
< 5.0.0-1020.20 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1019-raspi2?distro=disco | ubuntu |
linux-image-5.0.0-1019-raspi2
|
< 5.0.0-1019.19 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1019-kvm?distro=disco | ubuntu |
linux-image-5.0.0-1019-kvm
|
< 5.0.0-1019.20 | disco | ||
| Affected | pkg:deb/ubuntu/linux-image-5.0.0-1018-aws?distro=disco | ubuntu |
linux-image-5.0.0-1018-aws
|
< 5.0.0-1018.20 | disco |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |