USN-4041-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-4041-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4041-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4041-2

Related

CVE-2019-11479
UBUNTU-CVE-2019-11479

Published

2019-06-29T04:59:04.517510Z

Modified

2019-06-29T04:59:04.517510Z

Summary

linux-lts-xenial, linux-aws, linux-azure update

Details

USN-4041-1 provided updates for the Linux kernel in Ubuntu. This update provides the corresponding updates for the Linux kernel for Ubuntu 16.04 ESM.

USN-4017-2 fixed vulnerabilities in the Linux kernel. Unfortunately, the update introduced a regression that interfered with networking applications that setup very low SO_SNDBUF values. This update fixes the problem.

We apologize for the inconvenience.

Jonathan Looney discovered that the Linux kernel could be coerced into segmenting responses into multiple TCP segments. A remote attacker could construct an ongoing sequence of requests to cause a denial of service. (CVE-2019-11479)

References

Affected packages

Ubuntu:14.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@4.4.0-1048.52?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1048.52

Affected versions

4.*

4.4.0-1002.2

4.4.0-1003.3

4.4.0-1005.5

4.4.0-1006.6

4.4.0-1009.9

4.4.0-1010.10

4.4.0-1011.11

4.4.0-1012.12

4.4.0-1014.14

4.4.0-1016.16

4.4.0-1017.17

4.4.0-1019.19

4.4.0-1022.22

4.4.0-1023.23

4.4.0-1024.25

4.4.0-1025.26

4.4.0-1027.30

4.4.0-1028.31

4.4.0-1029.32

4.4.0-1031.34

4.4.0-1032.35

4.4.0-1034.37

4.4.0-1036.39

4.4.0-1037.40

4.4.0-1038.41

4.4.0-1039.42

4.4.0-1040.43

4.4.0-1042.45

4.4.0-1044.47

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-4.4.0-1048-aws": "4.4.0-1048.52"
        }
    ]
}

Ubuntu:14.04:LTS / linux-azure

Package

Name: linux-azure
Purl: pkg:deb/ubuntu/linux-azure@4.15.0-1049.54~14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.15.0-1049.54~14.04.1

Affected versions

4.*

4.15.0-1023.24~14.04.1

4.15.0-1030.31~14.04.1

4.15.0-1031.32~14.04.1

4.15.0-1032.33~14.04.2

4.15.0-1035.36~14.04.2

4.15.0-1036.38~14.04.2

4.15.0-1037.39~14.04.2

4.15.0-1039.41~14.04.2

4.15.0-1040.44~14.04.1

4.15.0-1041.45~14.04.1

4.15.0-1042.46~14.04.1

4.15.0-1045.49~14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-4.15.0-1049-azure": "4.15.0-1049.54~14.04.1"
        }
    ]
}

Ubuntu:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial
Purl: pkg:deb/ubuntu/linux-lts-xenial@4.4.0-154.181~14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-154.181~14.04.1

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-4.4.0-154-powerpc-smp": "4.4.0-154.181~14.04.1",
            "linux-image-4.4.0-154-powerpc64-smp": "4.4.0-154.181~14.04.1",
            "linux-image-4.4.0-154-generic-lpae": "4.4.0-154.181~14.04.1",
            "linux-image-4.4.0-154-powerpc-e500mc": "4.4.0-154.181~14.04.1",
            "linux-image-4.4.0-154-powerpc64-emb": "4.4.0-154.181~14.04.1",
            "linux-image-4.4.0-154-lowlatency": "4.4.0-154.181~14.04.1",
            "linux-image-4.4.0-154-generic": "4.4.0-154.181~14.04.1"
        }
    ]
}