1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4157-1

[USN-4157-1] Linux kernel vulnerabilities

Severity Critical
Affected Packages 20
CVEs 9
Info Packages Vulnerabilities

Several security issues were fixed in the Linux kernel.

Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux
kernel did not properly perform bounds checking, leading to a heap
overflow. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-14814,
CVE-2019-14815, CVE-2019-14816)

Matt Delco discovered that the KVM hypervisor implementation in the Linux
kernel did not properly perform bounds checking when handling coalesced
MMIO write operations. A local attacker with write access to /dev/kvm could
use this to cause a denial of service (system crash). (CVE-2019-14821)

Hui Peng and Mathias Payer discovered that the 91x Wi-Fi driver in the
Linux kernel did not properly handle error conditions on initialization,
leading to a double-free vulnerability. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2019-15504)

It was discovered that the Technisat DVB-S/S2 USB device driver in the
Linux kernel contained a buffer overread. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information. (CVE-2019-15505)

Brad Spengler discovered that a Spectre mitigation was improperly
implemented in the ptrace susbsystem of the Linux kernel. A local attacker
could possibly use this to expose sensitive information. (CVE-2019-15902)

It was discovered that the IPv6 RDS implementation in the Linux kernel did
not properly initialize fields in a data structure returned to user space.
A local attacker could use this to expose sensitive information (kernel
memory). Please note that the RDS protocol is disabled via blocklist in
Ubuntu by default. (CVE-2019-16714)

It was discovered that an integer overflow existed in the Binder
implementation of the Linux kernel, leading to a buffer overflow. A local
attacker could use this to escalate privileges. (CVE-2019-2181)

Package Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=disco < 5.0.0.32.33
pkg:deb/ubuntu/linux-image-snapdragon?distro=disco < 5.0.0.1024.17
pkg:deb/ubuntu/linux-image-raspi2?distro=disco < 5.0.0.1020.17
pkg:deb/ubuntu/linux-image-lowlatency?distro=disco < 5.0.0.32.33
pkg:deb/ubuntu/linux-image-kvm?distro=disco < 5.0.0.1020.20
pkg:deb/ubuntu/linux-image-gke?distro=disco < 5.0.0.1021.47
pkg:deb/ubuntu/linux-image-generic?distro=disco < 5.0.0.32.33
pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco < 5.0.0.32.33
pkg:deb/ubuntu/linux-image-gcp?distro=disco < 5.0.0.1021.47
pkg:deb/ubuntu/linux-image-azure?distro=disco < 5.0.0.1023.22
pkg:deb/ubuntu/linux-image-aws?distro=disco < 5.0.0.1019.20
pkg:deb/ubuntu/linux-image-5.0.0-32-lowlatency?distro=disco < 5.0.0-32.34
pkg:deb/ubuntu/linux-image-5.0.0-32-generic?distro=disco < 5.0.0-32.34
pkg:deb/ubuntu/linux-image-5.0.0-32-generic-lpae?distro=disco < 5.0.0-32.34
pkg:deb/ubuntu/linux-image-5.0.0-1024-snapdragon?distro=disco < 5.0.0-1024.25
pkg:deb/ubuntu/linux-image-5.0.0-1023-azure?distro=disco < 5.0.0-1023.24
pkg:deb/ubuntu/linux-image-5.0.0-1021-gcp?distro=disco < 5.0.0-1021.21
pkg:deb/ubuntu/linux-image-5.0.0-1020-raspi2?distro=disco < 5.0.0-1020.20
pkg:deb/ubuntu/linux-image-5.0.0-1020-kvm?distro=disco < 5.0.0-1020.21
pkg:deb/ubuntu/linux-image-5.0.0-1019-aws?distro=disco < 5.0.0-1019.21
ID
USN-4157-1
Severity
critical
Severity from
CVE-2019-15504
URL
https://ubuntu.com/security/notices/USN-4157-1
Published
2019-10-17T00:52:55
(4 years ago)
Modified
2019-10-17T00:52:55
(4 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-virtual?distro=disco ubuntu linux-image-virtual < 5.0.0.32.33 disco
Affected pkg:deb/ubuntu/linux-image-snapdragon?distro=disco ubuntu linux-image-snapdragon < 5.0.0.1024.17 disco
Affected pkg:deb/ubuntu/linux-image-raspi2?distro=disco ubuntu linux-image-raspi2 < 5.0.0.1020.17 disco
Affected pkg:deb/ubuntu/linux-image-lowlatency?distro=disco ubuntu linux-image-lowlatency < 5.0.0.32.33 disco
Affected pkg:deb/ubuntu/linux-image-kvm?distro=disco ubuntu linux-image-kvm < 5.0.0.1020.20 disco
Affected pkg:deb/ubuntu/linux-image-gke?distro=disco ubuntu linux-image-gke < 5.0.0.1021.47 disco
Affected pkg:deb/ubuntu/linux-image-generic?distro=disco ubuntu linux-image-generic < 5.0.0.32.33 disco
Affected pkg:deb/ubuntu/linux-image-generic-lpae?distro=disco ubuntu linux-image-generic-lpae < 5.0.0.32.33 disco
Affected pkg:deb/ubuntu/linux-image-gcp?distro=disco ubuntu linux-image-gcp < 5.0.0.1021.47 disco
Affected pkg:deb/ubuntu/linux-image-azure?distro=disco ubuntu linux-image-azure < 5.0.0.1023.22 disco
Affected pkg:deb/ubuntu/linux-image-aws?distro=disco ubuntu linux-image-aws < 5.0.0.1019.20 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-32-lowlatency?distro=disco ubuntu linux-image-5.0.0-32-lowlatency < 5.0.0-32.34 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-32-generic?distro=disco ubuntu linux-image-5.0.0-32-generic < 5.0.0-32.34 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-32-generic-lpae?distro=disco ubuntu linux-image-5.0.0-32-generic-lpae < 5.0.0-32.34 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1024-snapdragon?distro=disco ubuntu linux-image-5.0.0-1024-snapdragon < 5.0.0-1024.25 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1023-azure?distro=disco ubuntu linux-image-5.0.0-1023-azure < 5.0.0-1023.24 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1021-gcp?distro=disco ubuntu linux-image-5.0.0-1021-gcp < 5.0.0-1021.21 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1020-raspi2?distro=disco ubuntu linux-image-5.0.0-1020-raspi2 < 5.0.0-1020.20 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1020-kvm?distro=disco ubuntu linux-image-5.0.0-1020-kvm < 5.0.0-1020.21 disco
Affected pkg:deb/ubuntu/linux-image-5.0.0-1019-aws?distro=disco ubuntu linux-image-5.0.0-1019-aws < 5.0.0-1019.21 disco
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date