USN-4147-1
- Source
- https://ubuntu.com/security/notices/USN-4147-1
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4147-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-4147-1
- Related
- Published
- 2019-10-04T15:38:51.032420Z
- Modified
- 2019-10-04T15:38:51.032420Z
- Summary
- linux, linux-aws, linux-azure, linux-gcp, linux-gke-5.0, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
- Details
-
It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)
It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)
It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)
It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)
Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel did not properly validate device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15117)
Hui Peng and Mathias Payer discovered that the USB audio driver for the Linux kernel improperly performed recursion while handling device meta data. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15118)
It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211)
It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service. (CVE-2019-15212)
It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)
It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15220)
Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)
It was discovered that the Hisilicon HNS3 ethernet device driver in the Linux kernel contained an out of bounds access vulnerability. A local attacker could use this to possibly cause a denial of service (system crash). (CVE-2019-15925)
It was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2019-15926)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered that the Bluetooth protocol BR/EDR specification did not properly require sufficiently strong encryption key lengths. A physically proximate attacker could use this to expose sensitive information. (CVE-2019-9506)
It was discovered that ZR364XX Camera USB device driver for the Linux kernel did not properly initialize memory. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15217)
It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. A physically proximate attacker could use this cause a denial of service (system crash). (CVE-2019-15218)
It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15221)
It was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15223)
- References
-
- https://ubuntu.com/security/notices/USN-4147-1
- https://ubuntu.com/security/CVE-2019-0136
- https://ubuntu.com/security/CVE-2019-9506
- https://ubuntu.com/security/CVE-2019-10207
- https://ubuntu.com/security/CVE-2019-13631
- https://ubuntu.com/security/CVE-2019-15090
- https://ubuntu.com/security/CVE-2019-15117
- https://ubuntu.com/security/CVE-2019-15118
- https://ubuntu.com/security/CVE-2019-15211
- https://ubuntu.com/security/CVE-2019-15212
- https://ubuntu.com/security/CVE-2019-15215
- https://ubuntu.com/security/CVE-2019-15217
- https://ubuntu.com/security/CVE-2019-15218
- https://ubuntu.com/security/CVE-2019-15220
- https://ubuntu.com/security/CVE-2019-15221
- https://ubuntu.com/security/CVE-2019-15223
- https://ubuntu.com/security/CVE-2019-15538
- https://ubuntu.com/security/CVE-2019-15925
- https://ubuntu.com/security/CVE-2019-15926
Affected packages
Ubuntu:18.04:LTS / linux-gke-5.0
Package
- Name
- linux-gke-5.0
- Purl
- pkg:deb/ubuntu/linux-gke-5.0?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.0.0-1020.20~18.04.1
Affected versions
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-buildinfo-5.0.0-1020-gke"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-gke-5.0-headers-5.0.0-1020"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-gke-5.0-tools-5.0.0-1020"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-headers-5.0.0-1020-gke"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-image-unsigned-5.0.0-1020-gke"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-image-unsigned-5.0.0-1020-gke-dbgsym"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-modules-5.0.0-1020-gke"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-modules-extra-5.0.0-1020-gke"
},
{
"binary_version": "5.0.0-1020.20~18.04.1",
"binary_name": "linux-tools-5.0.0-1020-gke"
}
]
}
Ubuntu:18.04:LTS / linux-hwe
Package
- Name
- linux-hwe
- Purl
- pkg:deb/ubuntu/linux-hwe?arch=src?distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed5.0.0-31.33~18.04.1
Affected versions
4.*
5.*
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "block-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "block-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "crypto-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "crypto-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "dasd-extra-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "dasd-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fat-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fat-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fb-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "firewire-core-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "floppy-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fs-core-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fs-core-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fs-secondary-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "fs-secondary-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "input-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "input-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "ipmi-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "ipmi-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "kernel-image-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "kernel-image-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-buildinfo-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-buildinfo-5.0.0-31-generic-lpae"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-buildinfo-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-cloud-tools-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-cloud-tools-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-headers-5.0.0-31"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-headers-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-headers-5.0.0-31-generic-lpae"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-headers-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-hwe-cloud-tools-5.0.0-31"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-hwe-tools-5.0.0-31"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-hwe-udebs-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-hwe-udebs-generic-lpae"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-5.0.0-31-generic-dbgsym"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-5.0.0-31-generic-lpae"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-5.0.0-31-generic-lpae-dbgsym"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-5.0.0-31-lowlatency-dbgsym"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-unsigned-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-unsigned-5.0.0-31-generic-dbgsym"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-unsigned-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-image-unsigned-5.0.0-31-lowlatency-dbgsym"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-modules-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-modules-5.0.0-31-generic-lpae"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-modules-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-modules-extra-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-source-5.0.0"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-tools-5.0.0-31-generic"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-tools-5.0.0-31-generic-lpae"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "linux-tools-5.0.0-31-lowlatency"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "md-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "md-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "message-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "mouse-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "mouse-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "multipath-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "multipath-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nfs-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nfs-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-pcmcia-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-shared-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-shared-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-usb-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "nic-usb-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "parport-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "parport-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "pata-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "pcmcia-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "pcmcia-storage-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "plip-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "plip-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "ppp-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "ppp-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "sata-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "sata-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "scsi-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "scsi-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "serial-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "storage-core-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "storage-core-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "usb-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "usb-modules-5.0.0-31-generic-lpae-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "virtio-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "vlan-modules-5.0.0-31-generic-di"
},
{
"binary_version": "5.0.0-31.33~18.04.1",
"binary_name": "vlan-modules-5.0.0-31-generic-lpae-di"
}
]
}