USN-4145-1

Source
https://ubuntu.com/security/notices/USN-4145-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-4145-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-4145-1
Related
  • CVE-2016-10905
  • CVE-2017-18509
  • CVE-2018-20961
  • CVE-2018-20976
  • CVE-2019-0136
  • CVE-2019-10207
  • CVE-2019-11487
  • CVE-2019-13631
  • CVE-2019-15211
  • CVE-2019-15215
  • CVE-2019-15926
Published
2019-10-01T04:12:54.186227Z
Modified
2019-10-01T04:12:54.186227Z
Summary
linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon vulnerabilities
Details

It was discovered that a race condition existed in the GFS2 file system in the Linux kernel. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2016-10905)

It was discovered that the IPv6 implementation in the Linux kernel did not properly validate socket options in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-18509)

It was discovered that the USB gadget MIDI driver in the Linux kernel contained a double-free vulnerability when handling certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-20961)

It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-20976)

It was discovered that the Intel Wi-Fi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). A physically proximate attacker could use this to cause a denial of service (Wi-Fi disconnect). (CVE-2019-0136)

It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. A local attacker could use this to cause a denial of service. (CVE-2019-10207)

It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-11487)

It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-13631)

It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2019-15211)

It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-15215)

It was discovered that the Atheros mobile chipset driver in the Linux kernel did not properly validate data in some situations. An attacker could use this to cause a denial of service (system crash). (CVE-2019-15926)

Affected packages

Ubuntu:16.04:LTS / linux-raspi2

Package

Name
linux-raspi2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.4.0-1123.132

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-raspi2": "4.4.0.1123.123",
            "linux-image-4.4.0-1123-raspi2": "4.4.0-1123.132"
        }
    ]
}

Ubuntu:16.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.4.0-165.193

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-lowlatency-lts-vivid": "4.4.0.165.173",
            "linux-image-virtual-lts-vivid": "4.4.0.165.173",
            "linux-image-powerpc64-emb": "4.4.0.165.173",
            "linux-image-lowlatency-lts-wily": "4.4.0.165.173",
            "linux-image-powerpc-e500mc-lts-utopic": "4.4.0.165.173",
            "linux-image-powerpc-smp-lts-wily": "4.4.0.165.173",
            "linux-image-4.4.0-165-powerpc-smp": "4.4.0-165.193",
            "linux-image-virtual-lts-utopic": "4.4.0.165.173",
            "linux-image-powerpc64-smp-lts-xenial": "4.4.0.165.173",
            "linux-image-powerpc64-emb-lts-utopic": "4.4.0.165.173",
            "linux-image-powerpc64-smp-lts-wily": "4.4.0.165.173",
            "linux-image-powerpc-smp-lts-utopic": "4.4.0.165.173",
            "linux-image-virtual-lts-xenial": "4.4.0.165.173",
            "linux-image-generic-lpae-lts-vivid": "4.4.0.165.173",
            "linux-image-powerpc-e500mc-lts-wily": "4.4.0.165.173",
            "linux-image-powerpc-smp-lts-vivid": "4.4.0.165.173",
            "linux-image-powerpc64-emb-lts-vivid": "4.4.0.165.173",
            "linux-image-powerpc64-smp": "4.4.0.165.173",
            "linux-image-4.4.0-165-powerpc-e500mc": "4.4.0-165.193",
            "linux-image-generic-lts-xenial": "4.4.0.165.173",
            "linux-image-lowlatency": "4.4.0.165.173",
            "linux-image-powerpc-e500mc-lts-vivid": "4.4.0.165.173",
            "linux-image-powerpc-e500mc": "4.4.0.165.173",
            "linux-image-virtual": "4.4.0.165.173",
            "linux-image-generic-lpae-lts-xenial": "4.4.0.165.173",
            "linux-image-powerpc64-emb-lts-wily": "4.4.0.165.173",
            "linux-image-generic-lts-utopic": "4.4.0.165.173",
            "linux-image-generic-lts-vivid": "4.4.0.165.173",
            "linux-image-powerpc64-smp-lts-utopic": "4.4.0.165.173",
            "linux-image-powerpc-smp-lts-xenial": "4.4.0.165.173",
            "linux-image-powerpc-e500mc-lts-xenial": "4.4.0.165.173",
            "linux-image-generic-lpae-lts-utopic": "4.4.0.165.173",
            "linux-image-4.4.0-165-powerpc64-emb": "4.4.0-165.193",
            "linux-image-powerpc64-smp-lts-vivid": "4.4.0.165.173",
            "linux-image-4.4.0-165-powerpc64-smp": "4.4.0-165.193",
            "linux-image-virtual-lts-wily": "4.4.0.165.173",
            "linux-image-4.4.0-165-generic": "4.4.0-165.193",
            "linux-image-4.4.0-165-generic-lpae": "4.4.0-165.193",
            "linux-image-4.4.0-165-lowlatency": "4.4.0-165.193",
            "linux-image-lowlatency-lts-xenial": "4.4.0.165.173",
            "linux-image-generic-lpae-lts-wily": "4.4.0.165.173",
            "linux-image-lowlatency-lts-utopic": "4.4.0.165.173",
            "linux-image-powerpc64-emb-lts-xenial": "4.4.0.165.173",
            "linux-image-generic-lts-wily": "4.4.0.165.173",
            "linux-image-powerpc-smp": "4.4.0.165.173",
            "linux-image-generic": "4.4.0.165.173",
            "linux-image-generic-lpae": "4.4.0.165.173"
        }
    ]
}

Ubuntu:16.04:LTS / linux-kvm

Package

Name
linux-kvm

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.4.0-1059.66

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-kvm": "4.4.0.1059.59",
            "linux-image-4.4.0-1059-kvm": "4.4.0-1059.66"
        }
    ]
}

Ubuntu:16.04:LTS / linux-snapdragon

Package

Name
linux-snapdragon

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.4.0-1127.135

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-snapdragon": "4.4.0.1127.119",
            "linux-image-4.4.0-1127-snapdragon": "4.4.0-1127.135"
        }
    ]
}

Ubuntu:16.04:LTS / linux-aws

Package

Name
linux-aws

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
4.4.0-1095.106

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-4.4.0-1095-aws": "4.4.0-1095.106",
            "linux-image-aws": "4.4.0.1095.99"
        }
    ]
}