Ubuntu update for linux



| Updated: 2025-04-23
Risk Medium
Patch available YES
Number of vulnerabilities 8
CVE-ID CVE-2019-19054
CVE-2019-19073
CVE-2019-19074
CVE-2019-20811
CVE-2019-9445
CVE-2019-9453
CVE-2020-0067
CVE-2020-25212
CWE-ID CWE-401
CWE-20
CWE-125
CWE-367
Exploitation vector Local network
Public exploit N/A
Vulnerable software
 Ubuntu
Operating systems & Components / Operating system

linux-image-virtual-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc64-smp-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc64-emb-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc-smp-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-lowlatency-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic-lpae-lts-xenial (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-1078-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-powerpc-smp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-lowlatency (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-generic-lpae (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-190-generic (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-kvm (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-1080-kvm (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-virtual (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-snapdragon (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-raspi2 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc64-smp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc64-emb (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc-smp (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-powerpc-e500mc (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-lowlatency (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic-lpae (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-generic (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-1143-snapdragon (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-1139-raspi2 (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-4.4.0-1114-aws (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 8 vulnerabilities.

1) Memory leak

EUVDB-ID: #VU23021

Risk: Low

CVSSv4.0: 4.6 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-19054

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the "cx23888_ir_probe()" function in "drivers/media/pci/cx23885/cx23888-ir.c" file. A local attacker can cause a denial of service condition (memory consumption) by triggering "kfifo_alloc()" failures.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU23033

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-19073

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the "htc_config_pipe_credits()", "htc_setup_complete()" and "htc_connect_service()" functions in "drivers/net/wireless/ath/ath9k/htc_hst.c" file. A remote attacker on the local network can cause a denial of service condition (memory consumption) by triggering "wait_for_completion_timeout()" failures.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Memory leak

EUVDB-ID: #VU23029

Risk: Medium

CVSSv4.0: 4.9 [CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2019-19074

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the "ath9k_wmi_cmd()" function in "drivers/net/wireless/ath/ath9k/wmi.c" file. A remote attacker on the local network can cause a denial of service condition (memory consumption).

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Input validation error

EUVDB-ID: #VU34374

Risk: Low

CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-20811

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local authenticated user to manipulate data.

An issue was discovered in the Linux kernel before 5.0.6. In rx_queue_add_kobject() and netdev_queue_add_kobject() in net/core/net-sysfs.c, a reference count is mishandled, aka CID-a3e23f719f5c.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Out-of-bounds read

EUVDB-ID: #VU35550

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-9445

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a missing bounds check when processing files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) Out-of-bounds read

EUVDB-ID: #VU35558

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2019-9453

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to improper input validation when processing files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU34427

Risk: Low

CVSSv4.0: 4 [CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-0067

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a missing bounds check when processing files. A remote attacker can create a specially crafted file, trick the victim into opening it, trigger out-of-bounds read error and read contents of memory on the system.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) Time-of-check Time-of-use (TOCTOU) Race Condition

EUVDB-ID: #VU51433

Risk: Low

CVSSv4.0: 5.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2020-25212

CWE-ID: CWE-367 - Time-of-check Time-of-use (TOCTOU) Race Condition

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a TOCTOU mismatch in the NFS client code in the Linux kernel. A local user can run a specially crafted program to trigger memory corruption and execute arbitrary code on the system with elevated privileges.

Mitigation

Update the affected package linux to the latest version.

Vulnerable software versions

Ubuntu: 14.04 - 16.04

linux-image-virtual-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc64-emb-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-smp-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-powerpc-e500mc-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-lowlatency-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-generic-lpae-lts-xenial (Ubuntu package): before 4.4.0.190.166

linux-image-4.4.0-1078-aws (Ubuntu package): before 4.4.0-1078.82

linux-image-aws (Ubuntu package): before 4.4.0.1078.75

linux-image-4.4.0-190-powerpc64-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc64-emb (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-smp (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-powerpc-e500mc (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-lowlatency (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic-lpae (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-4.4.0-190-generic (Ubuntu package): before 4.4.0-190.220~14.04.1

linux-image-kvm (Ubuntu package): before 4.4.0.1080.78

linux-image-4.4.0-1080-kvm (Ubuntu package): before 4.4.0-1080.87

linux-image-virtual (Ubuntu package): before 4.4.0.190.196

linux-image-snapdragon (Ubuntu package): before 4.4.0.1143.135

linux-image-raspi2 (Ubuntu package): before 4.4.0.1139.139

linux-image-powerpc64-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc64-emb (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-smp (Ubuntu package): before 4.4.0.190.196

linux-image-powerpc-e500mc (Ubuntu package): before 4.4.0.190.196

linux-image-lowlatency (Ubuntu package): before 4.4.0.190.196

linux-image-generic-lpae (Ubuntu package): before 4.4.0.190.196

linux-image-generic (Ubuntu package): before 4.4.0.190.196

linux-image-4.4.0-1143-snapdragon (Ubuntu package): before 4.4.0-1143.152

linux-image-4.4.0-1139-raspi2 (Ubuntu package): before 4.4.0-1139.148

linux-image-4.4.0-1114-aws (Ubuntu package): before 4.4.0-1114.127

CPE2.3 External links

https://ubuntu.com/security/notices/USN-4527-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###