USN-4186-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-4186-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4186-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-4186-2

Related

CVE-2018-12207
CVE-2019-0154
CVE-2019-0155
CVE-2019-11135
CVE-2019-15098
CVE-2019-17052
CVE-2019-17053
CVE-2019-17054
CVE-2019-17055
CVE-2019-17056
CVE-2019-17666
UBUNTU-CVE-2018-12207
UBUNTU-CVE-2019-0154
UBUNTU-CVE-2019-0155
UBUNTU-CVE-2019-11135
UBUNTU-CVE-2019-15098
UBUNTU-CVE-2019-17052
UBUNTU-CVE-2019-17053
UBUNTU-CVE-2019-17054
UBUNTU-CVE-2019-17055
UBUNTU-CVE-2019-17056
UBUNTU-CVE-2019-17666

Published

2019-11-13T01:38:13.653154Z

Modified

2019-11-13T01:38:13.653154Z

Summary

linux-lts-xenial, linux-aws vulnerabilities

Details

USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM.

Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11135)

It was discovered that the Intel i915 graphics chipsets allowed userspace to modify page table entries via writes to MMIO from the Blitter Command Streamer and expose kernel memory information. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2019-0155)

Deepak Gupta discovered that on certain Intel processors, the Linux kernel did not properly perform invalidation on page table updates by virtual guest operating systems. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2018-12207)

It was discovered that the Intel i915 graphics chipsets could cause a system hang when userspace performed a read from GT memory mapped input output (MMIO) when the product is in certain low power states. A local attacker could use this to cause a denial of service. (CVE-2019-0154)

Hui Peng discovered that the Atheros AR6004 USB Wi-Fi device driver for the Linux kernel did not properly validate endpoint descriptors returned by the device. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15098)

Ori Nimron discovered that the AX25 network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17052)

Ori Nimron discovered that the IEEE 802.15.4 Low-Rate Wireless network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17053)

Ori Nimron discovered that the Appletalk network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17054)

Ori Nimron discovered that the modular ISDN network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17055)

Ori Nimron discovered that the Near field Communication (NFC) network protocol implementation in the Linux kernel did not properly perform permissions checks. A local attacker could use this to create a raw socket. (CVE-2019-17056)

Nico Waisman discovered that a buffer overflow existed in the Realtek Wi-Fi driver for the Linux kernel when handling Notice of Absence frames. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-17666)

References

Affected packages

Ubuntu:14.04:LTS / linux-aws

Package

Name: linux-aws
Purl: pkg:deb/ubuntu/linux-aws@4.4.0-1058.62?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-1058.62

Affected versions

4.*

4.4.0-1002.2

4.4.0-1003.3

4.4.0-1005.5

4.4.0-1006.6

4.4.0-1009.9

4.4.0-1010.10

4.4.0-1011.11

4.4.0-1012.12

4.4.0-1014.14

4.4.0-1016.16

4.4.0-1017.17

4.4.0-1019.19

4.4.0-1022.22

4.4.0-1023.23

4.4.0-1024.25

4.4.0-1025.26

4.4.0-1027.30

4.4.0-1028.31

4.4.0-1029.32

4.4.0-1031.34

4.4.0-1032.35

4.4.0-1034.37

4.4.0-1036.39

4.4.0-1037.40

4.4.0-1038.41

4.4.0-1039.42

4.4.0-1040.43

4.4.0-1042.45

4.4.0-1044.47

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-4.4.0-1058-aws": "4.4.0-1058.62"
        }
    ]
}

Ubuntu:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial
Purl: pkg:deb/ubuntu/linux-lts-xenial@4.4.0-168.197~14.04.1?arch=src?distro=trusty

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

4.4.0-168.197~14.04.1

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "linux-image-4.4.0-168-lowlatency": "4.4.0-168.197~14.04.1",
            "linux-image-4.4.0-168-generic-lpae": "4.4.0-168.197~14.04.1",
            "linux-image-4.4.0-168-powerpc-smp": "4.4.0-168.197~14.04.1",
            "linux-image-4.4.0-168-powerpc-e500mc": "4.4.0-168.197~14.04.1",
            "linux-image-4.4.0-168-powerpc64-smp": "4.4.0-168.197~14.04.1",
            "linux-image-4.4.0-168-generic": "4.4.0-168.197~14.04.1",
            "linux-image-4.4.0-168-powerpc64-emb": "4.4.0-168.197~14.04.1"
        }
    ]
}