First published: Thu Oct 17 2019
Wen Huang discovered that the Marvell Wi-Fi device driver in the Linux kernel did not properly perform bounds checking, leading to a heap overflow. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14814, CVE-2019-14815, CVE-2019-14816)

Matt Delco discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform bounds checking when handling coalesced MMIO write operations. A local attacker with write access to /dev/kvm could use this to cause a denial of service (system crash). (CVE-2019-14821)

Hui Peng and Mathias Payer discovered that the 91x Wi-Fi driver in the Linux kernel did not properly handle error conditions on initialization, leading to a double-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-15504)

It was discovered that the Technisat DVB-S/S2 USB device driver in the Linux kernel contained a buffer overread. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2019-15505)

Brad Spengler discovered that a Spectre mitigation was improperly implemented in the ptrace subsystem of the Linux kernel. A local attacker could possibly use this to expose sensitive information. (CVE-2019-15902)

It was discovered that the IPv6 RDS implementation in the Linux kernel did not properly initialize fields in a data structure returned to user space. A local attacker could use this to expose sensitive information (kernel memory). Please note that the RDS protocol is disabled via blocklist in Ubuntu by default. (CVE-2019-16714)

It was discovered that an integer overflow existed in the Binder implementation of the Linux kernel, leading to a buffer overflow. A local attacker could use this to escalate privileges. (CVE-2019-2181)

Each entry below is affected only when all of its conditions hold: the listed package at an affected version, on Ubuntu 19.04.

Affected Software | Affected Version | How to fix |
---|---|---|
ubuntu/linux-image-5.0.0-1019-aws | <5.0.0-1019.21 | 5.0.0-1019.21 |
ubuntu/linux-image-5.0.0-1020-kvm | <5.0.0-1020.21 | 5.0.0-1020.21 |
ubuntu/linux-image-5.0.0-1020-raspi2 | <5.0.0-1020.20 | 5.0.0-1020.20 |
ubuntu/linux-image-5.0.0-1021-gcp | <5.0.0-1021.21 | 5.0.0-1021.21 |
ubuntu/linux-image-5.0.0-1023-azure | <5.0.0-1023.24 | 5.0.0-1023.24 |
ubuntu/linux-image-5.0.0-1024-snapdragon | <5.0.0-1024.25 | 5.0.0-1024.25 |
ubuntu/linux-image-5.0.0-32-generic | <5.0.0-32.34 | 5.0.0-32.34 |
ubuntu/linux-image-5.0.0-32-generic-lpae | <5.0.0-32.34 | 5.0.0-32.34 |
ubuntu/linux-image-5.0.0-32-lowlatency | <5.0.0-32.34 | 5.0.0-32.34 |
ubuntu/linux-image-aws | <5.0.0.1019.20 | 5.0.0.1019.20 |
ubuntu/linux-image-azure | <5.0.0.1023.22 | 5.0.0.1023.22 |
ubuntu/linux-image-gcp | <5.0.0.1021.47 | 5.0.0.1021.47 |
ubuntu/linux-image-generic | <5.0.0.32.33 | 5.0.0.32.33 |
ubuntu/linux-image-generic-lpae | <5.0.0.32.33 | 5.0.0.32.33 |
ubuntu/linux-image-gke | <5.0.0.1021.47 | 5.0.0.1021.47 |
ubuntu/linux-image-kvm | <5.0.0.1020.20 | 5.0.0.1020.20 |
ubuntu/linux-image-lowlatency | <5.0.0.32.33 | 5.0.0.32.33 |
ubuntu/linux-image-raspi2 | <5.0.0.1020.17 | 5.0.0.1020.17 |
ubuntu/linux-image-snapdragon | <5.0.0.1024.17 | 5.0.0.1024.17 |
ubuntu/linux-image-virtual | <5.0.0.32.33 | 5.0.0.32.33 |

The vulnerability IDs for this Linux kernel vulnerability are CVE-2019-14814, CVE-2019-14815, CVE-2019-14816.
The severity of this vulnerability is not specified.
The Linux kernel versions affected by this vulnerability are 5.0.0-1019.21, 5.0.0-1020.21, 5.0.0-1020.20, 5.0.0-1021.21, 5.0.0-1023.24, 5.0.0-1024.25, 5.0.0-32.34, 5.0.0-32.34, 5.0.0-32.34, 5.0.0.1019.20, 5.0.0.1023.22, 5.0.0.1021.47, 5.0.0.32.33, 5.0.0.32.33, 5.0.0.1021.47, 5.0.0.1020.20, 5.0.0.32.33, 5.0.0.1020.17, 5.0.0.1024.17, 5.0.0.32.33.
A local attacker can exploit this vulnerability to cause a denial of service (system crash) or possibly execute arbitrary code.
You can find more information about this vulnerability at the following references: [CVE-2019-14814](https://ubuntu.com/security/CVE-2019-14814), [CVE-2019-14815](https://ubuntu.com/security/CVE-2019-14815), [CVE-2019-14816](https://ubuntu.com/security/CVE-2019-14816).