1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-4161-1

[USN-4161-1] Linux kernel vulnerability

Severity High
Affected Packages 20
CVEs 1
Info Packages Vulnerabilities

The system could be made to crash under certain conditions.

It was discovered that the IPv6 routing implementation in the Linux kernel
contained a reference counting error leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code.

Package Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=eoan < 5.3.0.19.22
pkg:deb/ubuntu/linux-image-snapdragon?distro=eoan < 5.3.0.19.22
pkg:deb/ubuntu/linux-image-raspi2?distro=eoan < 5.3.0.1008.4
pkg:deb/ubuntu/linux-image-lowlatency?distro=eoan < 5.3.0.19.22
pkg:deb/ubuntu/linux-image-kvm?distro=eoan < 5.3.0.1004.4
pkg:deb/ubuntu/linux-image-gke?distro=eoan < 5.3.0.1005.5
pkg:deb/ubuntu/linux-image-generic?distro=eoan < 5.3.0.19.22
pkg:deb/ubuntu/linux-image-generic-lpae?distro=eoan < 5.3.0.19.22
pkg:deb/ubuntu/linux-image-gcp?distro=eoan < 5.3.0.1005.5
pkg:deb/ubuntu/linux-image-azure?distro=eoan < 5.3.0.1004.21
pkg:deb/ubuntu/linux-image-aws?distro=eoan < 5.3.0.1004.5
pkg:deb/ubuntu/linux-image-5.3.0-19-snapdragon?distro=eoan < 5.3.0-19.20
pkg:deb/ubuntu/linux-image-5.3.0-19-lowlatency?distro=eoan < 5.3.0-19.20
pkg:deb/ubuntu/linux-image-5.3.0-19-generic?distro=eoan < 5.3.0-19.20
pkg:deb/ubuntu/linux-image-5.3.0-19-generic-lpae?distro=eoan < 5.3.0-19.20
pkg:deb/ubuntu/linux-image-5.3.0-1008-raspi2?distro=eoan < 5.3.0-1008.9
pkg:deb/ubuntu/linux-image-5.3.0-1005-gcp?distro=eoan < 5.3.0-1005.5
pkg:deb/ubuntu/linux-image-5.3.0-1004-kvm?distro=eoan < 5.3.0-1004.4
pkg:deb/ubuntu/linux-image-5.3.0-1004-azure?distro=eoan < 5.3.0-1004.4
pkg:deb/ubuntu/linux-image-5.3.0-1004-aws?distro=eoan < 5.3.0-1004.4
ID
USN-4161-1
Severity
high
Severity from
CVE-2019-18198
URL
https://ubuntu.com/security/notices/USN-4161-1
Published
2019-10-21T20:16:13
(4 years ago)
Modified
2019-10-21T20:16:13
(4 years ago)
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-virtual?distro=eoan ubuntu linux-image-virtual < 5.3.0.19.22 eoan
Affected pkg:deb/ubuntu/linux-image-snapdragon?distro=eoan ubuntu linux-image-snapdragon < 5.3.0.19.22 eoan
Affected pkg:deb/ubuntu/linux-image-raspi2?distro=eoan ubuntu linux-image-raspi2 < 5.3.0.1008.4 eoan
Affected pkg:deb/ubuntu/linux-image-lowlatency?distro=eoan ubuntu linux-image-lowlatency < 5.3.0.19.22 eoan
Affected pkg:deb/ubuntu/linux-image-kvm?distro=eoan ubuntu linux-image-kvm < 5.3.0.1004.4 eoan
Affected pkg:deb/ubuntu/linux-image-gke?distro=eoan ubuntu linux-image-gke < 5.3.0.1005.5 eoan
Affected pkg:deb/ubuntu/linux-image-generic?distro=eoan ubuntu linux-image-generic < 5.3.0.19.22 eoan
Affected pkg:deb/ubuntu/linux-image-generic-lpae?distro=eoan ubuntu linux-image-generic-lpae < 5.3.0.19.22 eoan
Affected pkg:deb/ubuntu/linux-image-gcp?distro=eoan ubuntu linux-image-gcp < 5.3.0.1005.5 eoan
Affected pkg:deb/ubuntu/linux-image-azure?distro=eoan ubuntu linux-image-azure < 5.3.0.1004.21 eoan
Affected pkg:deb/ubuntu/linux-image-aws?distro=eoan ubuntu linux-image-aws < 5.3.0.1004.5 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-19-snapdragon?distro=eoan ubuntu linux-image-5.3.0-19-snapdragon < 5.3.0-19.20 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-19-lowlatency?distro=eoan ubuntu linux-image-5.3.0-19-lowlatency < 5.3.0-19.20 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-19-generic?distro=eoan ubuntu linux-image-5.3.0-19-generic < 5.3.0-19.20 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-19-generic-lpae?distro=eoan ubuntu linux-image-5.3.0-19-generic-lpae < 5.3.0-19.20 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-1008-raspi2?distro=eoan ubuntu linux-image-5.3.0-1008-raspi2 < 5.3.0-1008.9 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-1005-gcp?distro=eoan ubuntu linux-image-5.3.0-1005-gcp < 5.3.0-1005.5 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-1004-kvm?distro=eoan ubuntu linux-image-5.3.0-1004-kvm < 5.3.0-1004.4 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-1004-azure?distro=eoan ubuntu linux-image-5.3.0-1004-azure < 5.3.0-1004.4 eoan
Affected pkg:deb/ubuntu/linux-image-5.3.0-1004-aws?distro=eoan ubuntu linux-image-5.3.0-1004-aws < 5.3.0-1004.4 eoan
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date