USN-4069-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-4069-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4069-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4069-2

Related

CVE-2019-11487
CVE-2019-11599
CVE-2019-11833
CVE-2019-11884
UBUNTU-CVE-2019-11487
UBUNTU-CVE-2019-11599
UBUNTU-CVE-2019-11833
UBUNTU-CVE-2019-11884

Published

2019-08-01T06:10:42.611479Z

Modified

2019-08-01T06:10:42.611479Z

Summary

linux-hwe vulnerabilities

Details

USN-4069-1 fixed vulnerabilities in the Linux kernel for Ubuntu 19.04. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 19.04 for Ubuntu 18.04 LTS.

It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11487)

Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2019-11599)

It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833)

It was discovered that the Bluetooth Human Interface Device Protocol (HIDP) implementation in the Linux kernel did not properly verify strings were NULL terminated in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11884)

References

Affected packages

Ubuntu:18.04:LTS / linux-hwe

Package

Name: linux-hwe
Purl: pkg:deb/ubuntu/linux-hwe@5.0.0-23.24~18.04.1?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.0.0-23.24~18.04.1

Affected versions

4.*

4.18.0-13.14~18.04.1

4.18.0-14.15~18.04.1

4.18.0-15.16~18.04.1

4.18.0-16.17~18.04.1

4.18.0-17.18~18.04.1

4.18.0-18.19~18.04.1

4.18.0-20.21~18.04.1

4.18.0-21.22~18.04.1

4.18.0-22.23~18.04.1

4.18.0-24.25~18.04.1

4.18.0-25.26~18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-5.0.0-23-generic-lpae-dbgsym": "5.0.0-23.24~18.04.1",
            "scsi-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-tools-5.0.0-23-generic-lpae": "5.0.0-23.24~18.04.1",
            "nic-shared-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-buildinfo-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "floppy-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-hwe-udebs-generic-lpae": "5.0.0-23.24~18.04.1",
            "linux-image-5.0.0-23-lowlatency-dbgsym": "5.0.0-23.24~18.04.1",
            "linux-image-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "sata-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "pcmcia-storage-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "virtio-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "kernel-image-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "crypto-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-image-5.0.0-23-generic-dbgsym": "5.0.0-23.24~18.04.1",
            "nic-shared-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "mouse-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "usb-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "firewire-core-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-image-5.0.0-23-generic-lpae": "5.0.0-23.24~18.04.1",
            "linux-source-5.0.0": "5.0.0-23.24~18.04.1",
            "fs-secondary-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-modules-5.0.0-23-generic-lpae": "5.0.0-23.24~18.04.1",
            "nfs-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-hwe-cloud-tools-5.0.0-23": "5.0.0-23.24~18.04.1",
            "md-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "multipath-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "fs-core-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-headers-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "scsi-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "nic-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "crypto-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-modules-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "sata-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-buildinfo-5.0.0-23-generic-lpae": "5.0.0-23.24~18.04.1",
            "nic-pcmcia-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "md-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "usb-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-hwe-udebs-generic": "5.0.0-23.24~18.04.1",
            "kernel-image-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-buildinfo-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "ipmi-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "pcmcia-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-modules-extra-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "input-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "fb-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "multipath-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "fat-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-image-unsigned-5.0.0-23-generic-dbgsym": "5.0.0-23.24~18.04.1",
            "block-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "fs-core-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "mouse-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-headers-5.0.0-23": "5.0.0-23.24~18.04.1",
            "storage-core-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-image-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "fs-secondary-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "serial-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "ipmi-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-hwe-tools-5.0.0-23": "5.0.0-23.24~18.04.1",
            "linux-cloud-tools-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "linux-headers-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "block-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "plip-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-image-unsigned-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "dasd-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-image-unsigned-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "linux-image-unsigned-5.0.0-23-lowlatency-dbgsym": "5.0.0-23.24~18.04.1",
            "dasd-extra-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "parport-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "nfs-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-modules-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "vlan-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-headers-5.0.0-23-generic-lpae": "5.0.0-23.24~18.04.1",
            "ppp-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "linux-tools-5.0.0-23-generic": "5.0.0-23.24~18.04.1",
            "nic-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "linux-tools-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "linux-cloud-tools-5.0.0-23-lowlatency": "5.0.0-23.24~18.04.1",
            "plip-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "parport-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "pata-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "storage-core-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "ppp-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "fat-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "vlan-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "message-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "input-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1",
            "nic-usb-modules-5.0.0-23-generic-lpae-di": "5.0.0-23.24~18.04.1",
            "nic-usb-modules-5.0.0-23-generic-di": "5.0.0-23.24~18.04.1"
        }
    ]
}