USN-4301-1

Source
https://ubuntu.com/security/notices/USN-4301-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-4301-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4301-1
Related
Published
2020-03-25T01:39:32.990223Z
Modified
2020-03-25T01:39:32.990223Z
Summary
linux-aws-5.0, linux-gcp, linux-gke-5.0, linux-oracle-5.0, linux-azure vulnerabilities
Details

It was discovered that the KVM implementation in the Linux kernel, when paravirtual TLB flushes are enabled in guests, the hypervisor in some situations could miss deferred TLB flushes or otherwise mishandle them. An attacker in a guest VM could use this to expose sensitive information (read memory from another guest VM). (CVE-2019-3016)

Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel could improperly let a nested (level 2) guest access the resources of a parent (level 1) guest in certain situations. An attacker could use this to expose sensitive information. (CVE-2020-2732)

It was discovered that the RPMSG character device interface in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19053)

It was discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to possibly cause a denial of service (kernel memory exhaustion). (CVE-2019-19056)

It was discovered that the Intel(R) Wi-Fi device driver in the Linux kernel device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19058, CVE-2019-19059)

It was discovered that the Brocade BFA Fibre Channel device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19066)

It was discovered that the Realtek RTL8xxx USB Wi-Fi device driver in the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could possibly use this to cause a denial of service (kernel memory exhaustion). (CVE-2019-19068)

References

Affected packages

Ubuntu:18.04:LTS / linux-aws-5.0

Package

Name
linux-aws-5.0
Purl
pkg:deb/ubuntu/linux-aws-5.0?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0-1027.30

Affected versions

5.*

5.0.0-1021.24~18.04.1
5.0.0-1022.25~18.04.1
5.0.0-1023.26~18.04.1
5.0.0-1024.27~18.04.1
5.0.0-1025.28

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-aws-5.0-tools-5.0.0-1027"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-aws-headers-5.0.0-1027"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-buildinfo-5.0.0-1027-aws"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-cloud-tools-5.0.0-1027-aws"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-headers-5.0.0-1027-aws"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-image-5.0.0-1027-aws"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-image-5.0.0-1027-aws-dbgsym"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-modules-5.0.0-1027-aws"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-modules-extra-5.0.0-1027-aws"
        },
        {
            "binary_version": "5.0.0-1027.30",
            "binary_name": "linux-tools-5.0.0-1027-aws"
        }
    ]
}

Ubuntu:18.04:LTS / linux-azure

Package

Name
linux-azure
Purl
pkg:deb/ubuntu/linux-azure?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0-1035.37

Affected versions

4.*

4.15.0-1002.2
4.15.0-1003.3
4.15.0-1004.4
4.15.0-1008.8
4.15.0-1009.9
4.15.0-1012.12
4.15.0-1013.13
4.15.0-1014.14
4.15.0-1018.18
4.15.0-1019.19
4.15.0-1021.21
4.15.0-1022.23
4.15.0-1023.24
4.15.0-1025.26
4.15.0-1028.29
4.15.0-1030.31
4.15.0-1031.32
4.15.0-1032.33
4.15.0-1035.36
4.15.0-1036.38
4.15.0-1037.39
4.18.0-1011.11~18.04.1
4.18.0-1013.13~18.04.1
4.18.0-1014.14~18.04.1
4.18.0-1018.18~18.04.1
4.18.0-1019.19~18.04.1
4.18.0-1020.20~18.04.1
4.18.0-1023.24~18.04.1
4.18.0-1024.25~18.04.1
4.18.0-1025.27~18.04.1

5.*

5.0.0-1014.14~18.04.1
5.0.0-1016.17~18.04.1
5.0.0-1018.19~18.04.1
5.0.0-1020.21~18.04.1
5.0.0-1022.23~18.04.1
5.0.0-1023.24~18.04.1
5.0.0-1025.27~18.04.1
5.0.0-1027.29~18.04.1
5.0.0-1028.30~18.04.1
5.0.0-1029.31~18.04.1
5.0.0-1031.33
5.0.0-1032.34

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-azure-cloud-tools-5.0.0-1035"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-azure-headers-5.0.0-1035"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-azure-tools-5.0.0-1035"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-buildinfo-5.0.0-1035-azure"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-cloud-tools-5.0.0-1035-azure"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-headers-5.0.0-1035-azure"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-image-unsigned-5.0.0-1035-azure"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-image-unsigned-5.0.0-1035-azure-dbgsym"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-modules-5.0.0-1035-azure"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-modules-extra-5.0.0-1035-azure"
        },
        {
            "binary_version": "5.0.0-1035.37",
            "binary_name": "linux-tools-5.0.0-1035-azure"
        }
    ]
}

Ubuntu:18.04:LTS / linux-gcp

Package

Name
linux-gcp
Purl
pkg:deb/ubuntu/linux-gcp?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0-1033.34

Affected versions

4.*

4.15.0-1001.1
4.15.0-1003.3
4.15.0-1005.5
4.15.0-1006.6
4.15.0-1008.8
4.15.0-1009.9
4.15.0-1010.10
4.15.0-1014.14
4.15.0-1015.15
4.15.0-1017.18
4.15.0-1018.19
4.15.0-1019.20
4.15.0-1021.22
4.15.0-1023.24
4.15.0-1024.25
4.15.0-1025.26
4.15.0-1026.27
4.15.0-1027.28
4.15.0-1028.29
4.15.0-1029.31
4.15.0-1030.32
4.15.0-1032.34
4.15.0-1033.35
4.15.0-1034.36
4.15.0-1036.38
4.15.0-1037.39
4.15.0-1040.42
4.15.0-1042.45
4.15.0-1044.70

5.*

5.0.0-1020.20~18.04.1
5.0.0-1021.21~18.04.1
5.0.0-1025.26~18.04.1
5.0.0-1026.27~18.04.1
5.0.0-1028.29~18.04.1
5.0.0-1029.30~18.04.1
5.0.0-1031.32

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-buildinfo-5.0.0-1033-gcp"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-gcp-headers-5.0.0-1033"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-gcp-tools-5.0.0-1033"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-headers-5.0.0-1033-gcp"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-image-unsigned-5.0.0-1033-gcp"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-image-unsigned-5.0.0-1033-gcp-dbgsym"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-modules-5.0.0-1033-gcp"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-modules-extra-5.0.0-1033-gcp"
        },
        {
            "binary_version": "5.0.0-1033.34",
            "binary_name": "linux-tools-5.0.0-1033-gcp"
        }
    ]
}

Ubuntu:18.04:LTS / linux-gke-5.0

Package

Name
linux-gke-5.0
Purl
pkg:deb/ubuntu/linux-gke-5.0?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0-1032.33

Affected versions

5.*

5.0.0-1011.11~18.04.1
5.0.0-1013.13~18.04.1
5.0.0-1015.15~18.04.1
5.0.0-1017.17~18.04.1
5.0.0-1020.20~18.04.1
5.0.0-1022.22~18.04.3
5.0.0-1023.23~18.04.2
5.0.0-1025.26~18.04.1
5.0.0-1026.27~18.04.2
5.0.0-1027.28~18.04.1
5.0.0-1029.30~18.04.1
5.0.0-1030.31

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-buildinfo-5.0.0-1032-gke"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-gke-5.0-headers-5.0.0-1032"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-gke-5.0-tools-5.0.0-1032"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-headers-5.0.0-1032-gke"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-image-unsigned-5.0.0-1032-gke"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-image-unsigned-5.0.0-1032-gke-dbgsym"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-modules-5.0.0-1032-gke"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-modules-extra-5.0.0-1032-gke"
        },
        {
            "binary_version": "5.0.0-1032.33",
            "binary_name": "linux-tools-5.0.0-1032-gke"
        }
    ]
}

Ubuntu:18.04:LTS / linux-oem-osp1

Package

Name
linux-oem-osp1
Purl
pkg:deb/ubuntu/linux-oem-osp1?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0-1043.48

Affected versions

5.*

5.0.0-1010.11
5.0.0-1012.13
5.0.0-1015.16
5.0.0-1018.20
5.0.0-1020.22
5.0.0-1022.24
5.0.0-1024.27
5.0.0-1025.28
5.0.0-1027.31
5.0.0-1028.32
5.0.0-1030.34
5.0.0-1033.38
5.0.0-1037.42
5.0.0-1039.44
5.0.0-1040.45

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "block-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "crypto-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "fat-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "fb-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "firewire-core-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "floppy-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "fs-core-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "fs-secondary-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "input-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "ipmi-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "kernel-image-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-buildinfo-5.0.0-1043-oem-osp1"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-headers-5.0.0-1043-oem-osp1"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-image-unsigned-5.0.0-1043-oem-osp1"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-image-unsigned-5.0.0-1043-oem-osp1-dbgsym"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-modules-5.0.0-1043-oem-osp1"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-oem-osp1-headers-5.0.0-1043"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-oem-osp1-tools-5.0.0-1043"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-oem-osp1-tools-host"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-tools-5.0.0-1043-oem-osp1"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "linux-udebs-oem-osp1"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "md-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "message-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "mouse-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "multipath-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "nfs-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "nic-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "nic-pcmcia-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "nic-shared-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "nic-usb-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "parport-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "pata-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "pcmcia-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "pcmcia-storage-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "plip-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "ppp-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "sata-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "scsi-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "serial-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "storage-core-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "usb-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "virtio-modules-5.0.0-1043-oem-osp1-di"
        },
        {
            "binary_version": "5.0.0-1043.48",
            "binary_name": "vlan-modules-5.0.0-1043-oem-osp1-di"
        }
    ]
}

Ubuntu:18.04:LTS / linux-oracle-5.0

Package

Name
linux-oracle-5.0
Purl
pkg:deb/ubuntu/linux-oracle-5.0?arch=src?distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.0.0-1013.18

Affected versions

5.*

5.0.0-1007.12~18.04.1
5.0.0-1008.13~18.04.1
5.0.0-1009.14~18.04.1
5.0.0-1010.15~18.04.1
5.0.0-1011.16

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-buildinfo-5.0.0-1013-oracle"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-headers-5.0.0-1013-oracle"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-image-unsigned-5.0.0-1013-oracle"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-image-unsigned-5.0.0-1013-oracle-dbgsym"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-modules-5.0.0-1013-oracle"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-modules-extra-5.0.0-1013-oracle"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-oracle-5.0-headers-5.0.0-1013"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-oracle-5.0-tools-5.0.0-1013"
        },
        {
            "binary_version": "5.0.0-1013.18",
            "binary_name": "linux-tools-5.0.0-1013-oracle"
        }
    ]
}