USN-4095-1: Linux kernel vulnerabilities
First published: Tue Aug 13 2019(Updated: )
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. (CVE-2018-5383) It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-10126) Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-1125) Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. A local attacker could use this to cause a denial of service (system crash) or expose sensitive information. (CVE-2019-11599) It was discovered that the PowerPC dlpar implementation in the Linux kernel did not properly check for allocation errors in some situations. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-12614) Jann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2019-13272) It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-3846)
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-4.4.0-1054-kvm | <4.4.0-1054.61 | 4.4.0-1054.61 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1090-aws | <4.4.0-1090.101 | 4.4.0-1090.101 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1118-raspi2 | <4.4.0-1118.127 | 4.4.0-1118.127 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-1122-snapdragon | <4.4.0-1122.128 | 4.4.0-1122.128 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-generic | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-generic-lpae | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-lowlatency | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-powerpc-e500mc | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-powerpc-smp | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-powerpc64-emb | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-4.4.0-159-powerpc64-smp | <4.4.0-159.187 | 4.4.0-159.187 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-aws | <4.4.0.1090.94 | 4.4.0.1090.94 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-generic-lpae | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-kvm | <4.4.0.1054.54 | 4.4.0.1054.54 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-lowlatency | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc-e500mc | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc-smp | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-emb | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-powerpc64-smp | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-raspi2 | <4.4.0.1118.118 | 4.4.0.1118.118 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-snapdragon | <4.4.0.1122.114 | 4.4.0.1122.114 |
| Ubuntu OpenSSH Client | =16.04 | |
| All of | ||
| ubuntu/linux-image-virtual | <4.4.0.159.167 | 4.4.0.159.167 |
| Ubuntu OpenSSH Client | =16.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2018-5383
- https://ubuntu.com/security/CVE-2019-10126
- https://ubuntu.com/security/CVE-2019-1125
- https://ubuntu.com/security/CVE-2019-11599
- https://ubuntu.com/security/CVE-2019-12614
- https://ubuntu.com/security/CVE-2019-13272
- https://ubuntu.com/security/CVE-2019-3846
- https://ubuntu.com/security/CVE-2019-9503
- https://ubuntu.com/security/notices/USN-4118-1
- https://ubuntu.com/security/notices/USN-4094-1
- https://ubuntu.com/security/notices/USN-4095-2
- https://ubuntu.com/security/notices/USN-4351-1
- https://ubuntu.com/security/notices/USN-4117-1
- https://ubuntu.com/security/notices/USN-4093-1
- https://ubuntu.com/security/notices/USN-4096-1
- https://ubuntu.com/security/notices/USN-4115-1
- https://ubuntu.com/security/notices/USN-4069-2
- https://ubuntu.com/security/notices/USN-4069-1
- https://ubuntu.com/security/notices/USN-4076-1
- https://ubuntu.com/security/notices/USN-3980-1
- https://ubuntu.com/security/notices/USN-3981-1
- https://ubuntu.com/security/notices/USN-3981-2
- https://ubuntu.com/security/notices/USN-3980-2
- https://ubuntu.com/security/notices/USN-3979-1
- https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1054.61
- https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1090.101
- https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1118.127
- https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1122.128
- https://launchpad.net/ubuntu/+source/linux-signed/4.4.0-159.187
- https://launchpad.net/ubuntu/+source/linux/4.4.0-159.187
- https://launchpad.net/ubuntu/+source/linux-meta-aws/4.4.0.1090.94
- https://launchpad.net/ubuntu/+source/linux-meta/4.4.0.159.167
- https://launchpad.net/ubuntu/+source/linux-meta-kvm/4.4.0.1054.54
- https://launchpad.net/ubuntu/+source/linux-meta-raspi2/4.4.0.1118.118
- https://launchpad.net/ubuntu/+source/linux-meta-snapdragon/4.4.0.1122.114
- https://ubuntu.com/security/notices/USN-4095-1 (Advisory)
Child vulnerabilities
(Contains the following vulnerabilities)
Frequently Asked Questions
What vulnerability does USN-4095-1 address?
USN-4095-1 addresses the Linux kernel vulnerabilities.
What is the severity of CVE-2018-5383?
The severity of CVE-2018-5383 is not specified.
How does CVE-2018-5383 impact the Linux kernel?
CVE-2018-5383 can allow an attacker to expose sensitive information by exploiting a validation issue in the Bluetooth implementation in the Linux kernel during Diffie-Hellman key exchange.
How can I fix the vulnerabilities addressed by USN-4095-1?
To fix the vulnerabilities addressed by USN-4095-1, update your Ubuntu 16.04 system to the specified kernel versions.
Where can I find more information about the vulnerabilities addressed by USN-4095-1?
You can find more information about the vulnerabilities addressed by USN-4095-1 on the Ubuntu website.
- agent/weakness
- agent/references
- agent/severity
- agent/type
- agent/last-modified-date
- agent/first-publish-date
- agent/title
- agent/description
- agent/event
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu openssh client
- version/ubuntu openssh client/16.04