[USN-4163-1] Linux kernel vulnerabilities
Severity
Medium
Affected Packages
55
CVEs
10
Several security issues were fixed in the Linux kernel.
It was discovered that a race condition existed in the ARC EMAC ethernet
driver for the Linux kernel, resulting in a use-after-free vulnerability.
An attacker could use this to cause a denial of service (system crash).
(CVE-2016-10906)
It was discovered that a race condition existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel when handling certain error
conditions. A local attacker could use this to cause a denial of service
(kernel deadlock). (CVE-2017-18232)
It was discovered that the RSI 91x Wi-Fi driver in the Linux kernel did not
did not handle detach operations correctly, leading to a use-after-free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2018-21008)
Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux
kernel did not properly perform bounds checking, leading to a heap
overflow. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-14814,
CVE-2019-14816)
Matt Delco discovered that the KVM hypervisor implementation in the Linux
kernel did not properly perform bounds checking when handling coalesced
MMIO write operations. A local attacker with write access to /dev/kvm could
use this to cause a denial of service (system crash). (CVE-2019-14821)
Hui Peng and Mathias Payer discovered that the USB audio driver for the
Linux kernel did not properly validate device meta data. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2019-15117)
Hui Peng and Mathias Payer discovered that the USB audio driver for the
Linux kernel improperly performed recursion while handling device meta
data. A physically proximate attacker could use this to cause a denial of
service (system crash). (CVE-2019-15118)
It was discovered that the Technisat DVB-S/S2 USB device driver in the
Linux kernel contained a buffer overread. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information. (CVE-2019-15505)
Brad Spengler discovered that a Spectre mitigation was improperly
implemented in the ptrace susbsystem of the Linux kernel. A local attacker
could possibly use this to expose sensitive information. (CVE-2019-15902)
- ID
- USN-4163-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-4163-1
- Published
-
2019-10-22T02:40:54
(4 years ago) - Modified
-
2019-10-22T02:40:54
(4 years ago) - Other Advisories
-
-
ALAS-2018-993
-
ALAS-2019-1281
-
ALAS-2019-1293
-
ALAS2-2019-1293
-
ALAS2-2020-1480
-
ALSA-2024:3138
-
DSA-4187-1
-
DSA-4531-1
-
ELSA-2018-3083
-
ELSA-2019-3517
-
ELSA-2019-3979
-
ELSA-2019-4256
-
ELSA-2019-4799
-
ELSA-2019-4800
-
ELSA-2019-4808
-
ELSA-2019-4820
-
ELSA-2020-0339
-
ELSA-2020-0374
-
ELSA-2020-5670
-
ELSA-2020-5676
-
ELSA-2020-5715
-
ELSA-2020-5866
-
ELSA-2024-3138
-
FEDORA-2018-1c80fea1cd
-
FEDORA-2018-1e033dc308
-
FEDORA-2018-2a0f8b2c9d
-
FEDORA-2018-2ee3411cb8
-
FEDORA-2018-2f6df9abfb
-
FEDORA-2018-49bda79bd5
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-79d7c3d2df
-
FEDORA-2018-8484550fff
-
FEDORA-2018-884a105c04
-
FEDORA-2018-93c2e74446
-
FEDORA-2018-94315e9a6b
-
FEDORA-2018-9d0e4e40b5
-
FEDORA-2018-b57db4753c
-
FEDORA-2018-b68776e5b0
-
FEDORA-2018-b997780dca
-
FEDORA-2018-ba39fc0e07
-
FEDORA-2018-c0a1284064
-
FEDORA-2018-c449dc1c9c
-
FEDORA-2018-d77cc41f35
-
FEDORA-2018-e378863e47
-
FEDORA-2018-e71875c4aa
-
FEDORA-2018-e8f793bbfc
-
FEDORA-2019-021c968423
-
FEDORA-2019-057d691fd4
-
FEDORA-2019-124a241044
-
FEDORA-2019-15e141c6a7
-
FEDORA-2019-1689d3fe07
-
FEDORA-2019-41e28660ae
-
FEDORA-2019-4c91a2f76e
-
FEDORA-2019-7a3fc17778
-
FEDORA-2019-8846a1a5a2
-
FEDORA-2019-97380355ae
-
FEDORA-2019-a570a92d5a
-
FEDORA-2019-e3010166bd
-
FEDORA-2020-2a5cdd665c
-
FEDORA-2020-c2d89d14d0
-
FEDORA-2020-fe00e12580
-
openSUSE-SU-2019:2173-1
-
openSUSE-SU-2019:2181-1
-
openSUSE-SU-2019:2307-1
-
openSUSE-SU-2019:2308-1
-
RHSA-2018:3083
-
RHSA-2018:3096
-
RHSA-2019:3309
-
RHSA-2019:3517
-
RHSA-2019:3978
-
RHSA-2019:3979
-
RHSA-2019:4256
-
RHSA-2020:0027
-
RHSA-2020:0328
-
RHSA-2020:0339
-
RHSA-2020:0374
-
RHSA-2020:0375
-
RHSA-2020:1016
-
RHSA-2024:2950
-
RHSA-2024:3138
-
RLSA-2024:3138
-
SSA:2019-311-01
-
SSA:2020-086-01
-
SUSE-SU-2019:2263-1
-
SUSE-SU-2019:2299-1
-
SUSE-SU-2019:2412-1
-
SUSE-SU-2019:2414-1
-
SUSE-SU-2019:2424-1
-
SUSE-SU-2019:2648-1
-
SUSE-SU-2019:2651-1
-
SUSE-SU-2019:2658-1
-
SUSE-SU-2019:2706-1
-
SUSE-SU-2019:2710-1
-
SUSE-SU-2019:2738-1
-
SUSE-SU-2019:2756-1
-
SUSE-SU-2019:2879-1
-
SUSE-SU-2019:2949-1
-
SUSE-SU-2019:2950-1
-
SUSE-SU-2019:2984-1
-
SUSE-SU-2019:3200-1
-
SUSE-SU-2019:3295-1
-
SUSE-SU-2020:0093-1
-
SUSE-SU-2020:1255-1
-
SUSE-SU-2020:1275-1
-
SUSE-SU-2020:2491-1
-
SUSE-SU-2020:2526-1
-
USN-4147-1
-
USN-4157-1
-
USN-4157-2
-
USN-4162-1
-
USN-4162-2
-
USN-4163-2
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-image-virtual?distro=xenial | ubuntu |
 linux-image-virtual
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-virtual-lts-xenial?distro=xenial | ubuntu |
linux-image-virtual-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-virtual-lts-wily?distro=xenial | ubuntu |
linux-image-virtual-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-virtual-lts-vivid?distro=xenial | ubuntu |
linux-image-virtual-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-virtual-lts-utopic?distro=xenial | ubuntu |
linux-image-virtual-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-snapdragon?distro=xenial | ubuntu |
linux-image-snapdragon
|
< 4.4.0.1128.120 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-raspi2?distro=xenial | ubuntu |
linux-image-raspi2
|
< 4.4.0.1124.124 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-smp?distro=xenial | ubuntu |
linux-image-powerpc64-smp
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-xenial?distro=xenial | ubuntu |
linux-image-powerpc64-smp-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-wily?distro=xenial | ubuntu |
linux-image-powerpc64-smp-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-vivid?distro=xenial | ubuntu |
linux-image-powerpc64-smp-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-smp-lts-utopic?distro=xenial | ubuntu |
linux-image-powerpc64-smp-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-emb?distro=xenial | ubuntu |
linux-image-powerpc64-emb
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-xenial?distro=xenial | ubuntu |
linux-image-powerpc64-emb-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-wily?distro=xenial | ubuntu |
linux-image-powerpc64-emb-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-vivid?distro=xenial | ubuntu |
linux-image-powerpc64-emb-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc64-emb-lts-utopic?distro=xenial | ubuntu |
linux-image-powerpc64-emb-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-smp?distro=xenial | ubuntu |
linux-image-powerpc-smp
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-smp-lts-xenial?distro=xenial | ubuntu |
linux-image-powerpc-smp-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-smp-lts-wily?distro=xenial | ubuntu |
linux-image-powerpc-smp-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-smp-lts-vivid?distro=xenial | ubuntu |
linux-image-powerpc-smp-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-smp-lts-utopic?distro=xenial | ubuntu |
linux-image-powerpc-smp-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-e500mc?distro=xenial | ubuntu |
linux-image-powerpc-e500mc
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-xenial?distro=xenial | ubuntu |
linux-image-powerpc-e500mc-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-wily?distro=xenial | ubuntu |
linux-image-powerpc-e500mc-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-vivid?distro=xenial | ubuntu |
linux-image-powerpc-e500mc-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-powerpc-e500mc-lts-utopic?distro=xenial | ubuntu |
linux-image-powerpc-e500mc-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency?distro=xenial | ubuntu |
linux-image-lowlatency
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency-lts-xenial?distro=xenial | ubuntu |
linux-image-lowlatency-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency-lts-wily?distro=xenial | ubuntu |
linux-image-lowlatency-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency-lts-vivid?distro=xenial | ubuntu |
linux-image-lowlatency-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-lowlatency-lts-utopic?distro=xenial | ubuntu |
linux-image-lowlatency-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-kvm?distro=xenial | ubuntu |
linux-image-kvm
|
< 4.4.0.1060.60 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic?distro=xenial | ubuntu |
linux-image-generic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lts-xenial?distro=xenial | ubuntu |
linux-image-generic-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lts-wily?distro=xenial | ubuntu |
linux-image-generic-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lts-vivid?distro=xenial | ubuntu |
linux-image-generic-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lts-utopic?distro=xenial | ubuntu |
linux-image-generic-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae?distro=xenial | ubuntu |
linux-image-generic-lpae
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae-lts-xenial?distro=xenial | ubuntu |
linux-image-generic-lpae-lts-xenial
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae-lts-wily?distro=xenial | ubuntu |
linux-image-generic-lpae-lts-wily
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae-lts-vivid?distro=xenial | ubuntu |
linux-image-generic-lpae-lts-vivid
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-generic-lpae-lts-utopic?distro=xenial | ubuntu |
linux-image-generic-lpae-lts-utopic
|
< 4.4.0.166.174 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-aws?distro=xenial | ubuntu |
linux-image-aws
|
< 4.4.0.1096.100 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-powerpc64-smp?distro=xenial | ubuntu |
linux-image-4.4.0-166-powerpc64-smp
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-powerpc64-emb?distro=xenial | ubuntu |
linux-image-4.4.0-166-powerpc64-emb
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-powerpc-smp?distro=xenial | ubuntu |
linux-image-4.4.0-166-powerpc-smp
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-powerpc-e500mc?distro=xenial | ubuntu |
linux-image-4.4.0-166-powerpc-e500mc
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-lowlatency?distro=xenial | ubuntu |
linux-image-4.4.0-166-lowlatency
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-generic?distro=xenial | ubuntu |
linux-image-4.4.0-166-generic
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-166-generic-lpae?distro=xenial | ubuntu |
linux-image-4.4.0-166-generic-lpae
|
< 4.4.0-166.195 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-1128-snapdragon?distro=xenial | ubuntu |
linux-image-4.4.0-1128-snapdragon
|
< 4.4.0-1128.136 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-1124-raspi2?distro=xenial | ubuntu |
linux-image-4.4.0-1124-raspi2
|
< 4.4.0-1124.133 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-1096-aws?distro=xenial | ubuntu |
linux-image-4.4.0-1096-aws
|
< 4.4.0-1096.107 | xenial | ||
| Affected | pkg:deb/ubuntu/linux-image-4.4.0-1060-kvm?distro=xenial | ubuntu |
linux-image-4.4.0-1060-kvm
|
< 4.4.0-1060.67 | xenial |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |