- Vulnerability/
- USN-4188-1
USN-4188-1: Linux kernel vulnerability
First published: Wed Nov 13 2019(Updated: )
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in microarchitectural buffers to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| All of | ||
| ubuntu/linux-image-server | <3.2.0.144.159 | 3.2.0.144.159 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-3.13.0-175-generic-lpae | <3.13.0-175.226~12.04.1 | 3.13.0-175.226~12.04.1 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-3.2.0-144-generic-pae | <3.2.0-144.191 | 3.2.0-144.191 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-3.13.0-175-generic | <3.13.0-175.226~12.04.1 | 3.13.0-175.226~12.04.1 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-generic | <3.2.0.144.159 | 3.2.0.144.159 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-3.13.0-175-lowlatency | <3.13.0-175.226~12.04.1 | 3.13.0-175.226~12.04.1 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-3.2.0-144-virtual | <3.2.0-144.191 | 3.2.0-144.191 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lpae-lts-trusty | <3.13.0.175.163 | 3.13.0.175.163 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-virtual | <3.2.0.144.159 | 3.2.0.144.159 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-generic-lts-trusty | <3.13.0.175.163 | 3.13.0.175.163 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-generic-pae | <3.2.0.144.159 | 3.2.0.144.159 |
| =12.04 | ||
| All of | ||
| ubuntu/linux-image-3.2.0-144-generic | <3.2.0-144.191 | 3.2.0-144.191 |
| =12.04 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://ubuntu.com/security/CVE-2019-11135
- https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/TAA_MCEPSC_i915
- https://ubuntu.com/security/notices/USN-4186-1
- https://ubuntu.com/security/notices/USN-4182-2
- https://ubuntu.com/security/notices/USN-4186-2
- https://ubuntu.com/security/notices/USN-4182-1
- https://ubuntu.com/security/notices/USN-4187-1
- https://ubuntu.com/security/notices/USN-4184-1
- https://ubuntu.com/security/notices/USN-4185-2
- https://ubuntu.com/security/notices/USN-4185-1
- https://ubuntu.com/security/notices/USN-4183-1
- https://launchpad.net/ubuntu/+source/linux-lts-trusty/3.13.0-175.226~12.04.1
- https://launchpad.net/ubuntu/+source/linux/3.2.0-144.191
- https://ubuntu.com/security/notices/USN-4188-1 (Advisory)
Frequently Asked Questions
What is the vulnerability ID for this Linux kernel vulnerability?
The vulnerability ID for this Linux kernel vulnerability is USN-4188-1.
What is the severity of the USN-4188-1 vulnerability?
The severity of the USN-4188-1 vulnerability is not specified in the provided information.
How does the USN-4188-1 vulnerability affect Ubuntu 12.04?
The USN-4188-1 vulnerability affects Ubuntu 12.04.
What is the remedy for the USN-4188-1 vulnerability?
The remedy for the USN-4188-1 vulnerability is to update the Linux kernel to the specified versions.
Are there any additional references for the USN-4188-1 vulnerability?
Yes, there are additional references available for the USN-4188-1 vulnerability. Please refer to the provided links for more information.
- agent/severity
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/event
- agent/description
- agent/title
- agent/tags
- agent/trending
- collector/usn
- source/Ubuntu
- agent/software-canonical-lookup
- package-manager/ubuntu
- vendor/ubuntu
- canonical/ubuntu ubuntu
- version/ubuntu ubuntu/12.04