[USN-4227-1] Linux kernel vulnerabilities

Severity Medium
Affected Packages 54
CVEs 14

Several security issues were fixed in the Linux kernel.

It was discovered that a heap-based buffer overflow existed in the Marvell
WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-14895, CVE-2019-14901)

It was discovered that a heap-based buffer overflow existed in the Marvell
Libertas WLAN Driver for the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2019-14896, CVE-2019-14897)

It was discovered that the Fujitsu ES network device driver for the Linux
kernel did not properly check for errors in some situations, leading to a
NULL pointer dereference. A local attacker could use this to cause a denial
of service. (CVE-2019-16231)

It was discovered that the QLogic Fibre Channel driver in the Linux kernel
did not properly check for errors, leading to a NULL pointer dereference. A
local attacker could possibly use this to cause a denial of service (system
crash). (CVE-2019-16233)

Anthony Steinhauser discovered that the Linux kernel did not properly
apply Spectre_RSB mitigations to all processors for PowerPC architecture
systems in some situations. A local attacker could use this to expose
sensitive information. (CVE-2019-18660)

It was discovered that the Mellanox Technologies Innova driver in the Linux
kernel did not properly deallocate memory in certain failure conditions. A
local attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2019-19045)

It was discovered that the Geschwister Schneider USB CAN interface driver in
the Linux kernel did not properly deallocate memory in certain failure
conditions. A physically proximate attacker could use this to cause a
denial of service (kernel memory exhaustion). (CVE-2019-19052)

It was discovered that the AMD Display Engine Driver in the Linux kernel
did not properly deallocate memory in certain error conditions. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2019-19083)

It was discovered that the driver for memoryless force-feedback input
devices in the Linux kernel contained a use-after-free vulnerability. A
physically proximate attacker could possibly use this to cause a denial of
service (system crash) or execute arbitrary code. (CVE-2019-19524)

It was discovered that the Microchip CAN BUS Analyzer driver in the Linux
kernel contained a use-after-free vulnerability on device disconnect. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-19529)

It was discovered that the PEAK-System Technik USB driver in the Linux
kernel did not properly sanitize memory before sending it to the device. A
physically proximate attacker could use this to expose sensitive
information (kernel memory). (CVE-2019-19534)

Tristan Madani discovered that the ALSA timer implementation in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-19807)

Package Affected Version
pkg:deb/ubuntu/linux-image-virtual?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-virtual-hwe-16.04-edge?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-snapdragon?distro=bionic < 4.15.0.1070.73
pkg:deb/ubuntu/linux-image-raspi2?distro=bionic < 4.15.0.1053.51
pkg:deb/ubuntu/linux-image-oracle?distro=xenial < 4.15.0.1031.24
pkg:deb/ubuntu/linux-image-oracle?distro=bionic < 4.15.0.1031.36
pkg:deb/ubuntu/linux-image-oracle-lts-18.04?distro=bionic < 4.15.0.1031.36
pkg:deb/ubuntu/linux-image-oem?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-oem?distro=bionic < 4.15.0.1066.70
pkg:deb/ubuntu/linux-image-lowlatency?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-lowlatency-hwe-16.04-edge?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-kvm?distro=bionic < 4.15.0.1052.52
pkg:deb/ubuntu/linux-image-gke?distro=xenial < 4.15.0.1052.66
pkg:deb/ubuntu/linux-image-gke?distro=bionic < 4.15.0.1050.53
pkg:deb/ubuntu/linux-image-gke-4.15?distro=bionic < 4.15.0.1050.53
pkg:deb/ubuntu/linux-image-generic?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-generic-lpae?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-generic-lpae-hwe-16.04-edge?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-generic-hwe-16.04?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=xenial < 4.15.0.74.94
pkg:deb/ubuntu/linux-image-generic-hwe-16.04-edge?distro=bionic < 4.15.0.74.76
pkg:deb/ubuntu/linux-image-gcp?distro=xenial < 4.15.0.1052.66
pkg:deb/ubuntu/linux-image-azure?distro=xenial < 4.15.0.1066.69
pkg:deb/ubuntu/linux-image-azure-edge?distro=xenial < 4.15.0.1066.69
pkg:deb/ubuntu/linux-image-aws?distro=bionic < 4.15.0.1057.58
pkg:deb/ubuntu/linux-image-aws-lts-18.04?distro=bionic < 4.15.0.1057.58
pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial < 4.15.0.1057.57
pkg:deb/ubuntu/linux-image-4.15.0-74-lowlatency?distro=xenial < 4.15.0-74.83~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-74-lowlatency?distro=bionic < 4.15.0-74.84
pkg:deb/ubuntu/linux-image-4.15.0-74-generic?distro=xenial < 4.15.0-74.83~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-74-generic?distro=bionic < 4.15.0-74.84
pkg:deb/ubuntu/linux-image-4.15.0-74-generic-lpae?distro=xenial < 4.15.0-74.83~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-74-generic-lpae?distro=bionic < 4.15.0-74.84
pkg:deb/ubuntu/linux-image-4.15.0-1070-snapdragon?distro=bionic < 4.15.0-1070.77
pkg:deb/ubuntu/linux-image-4.15.0-1066-oem?distro=bionic < 4.15.0-1066.76
pkg:deb/ubuntu/linux-image-4.15.0-1066-azure?distro=xenial < 4.15.0-1066.71
pkg:deb/ubuntu/linux-image-4.15.0-1057-aws?distro=xenial < 4.15.0-1057.59~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1057-aws?distro=bionic < 4.15.0-1057.59
pkg:deb/ubuntu/linux-image-4.15.0-1053-raspi2?distro=bionic < 4.15.0-1053.57
pkg:deb/ubuntu/linux-image-4.15.0-1052-kvm?distro=bionic < 4.15.0-1052.52
pkg:deb/ubuntu/linux-image-4.15.0-1052-gcp?distro=xenial < 4.15.0-1052.56
pkg:deb/ubuntu/linux-image-4.15.0-1050-gke?distro=bionic < 4.15.0-1050.53
pkg:deb/ubuntu/linux-image-4.15.0-1031-oracle?distro=xenial < 4.15.0-1031.34~16.04.1
pkg:deb/ubuntu/linux-image-4.15.0-1031-oracle?distro=bionic < 4.15.0-1031.34

ID: USN-4227-1
Severity: medium
URL: https://ubuntu.com/security/notices/USN-4227-1
Published: 2020-01-07T02:24:33
Modified: 2020-01-07T02:24:33