ID

VAR-201911-1413


CVE

CVE-2019-19060


TITLE

Linux Kernel Vulnerable to resource exhaustion

Trust: 0.8

sources: JVNDB: JVNDB-2019-011971

DESCRIPTION

A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. Linux Kernel Contains a resource exhaustion vulnerability. Vendors have confirmed this vulnerability CID-ab612b1daf41 It is released as.Service operation interruption (DoS) There is a possibility of being put into a state. ========================================================================= Ubuntu Security Notice USN-4226-1 January 07, 2020 linux, linux-aws, linux-aws-5.0, linux-azure, linux-gcp, linux-gke-5.0, linux-kvm, linux-oem-osp1, linux-oracle, linux-oracle-5.0, linux-raspi2 vulnerabilities ========================================================================= A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS Summary: Several security issues were fixed in the Linux kernel. Software Description: - linux: Linux kernel - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-azure: Linux kernel for Microsoft Azure Cloud systems - linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems - linux-kvm: Linux kernel for cloud environments - linux-oracle: Linux kernel for Oracle Cloud systems - linux-raspi2: Linux kernel for Raspberry Pi 2 - linux-aws-5.0: Linux kernel for Amazon Web Services (AWS) systems - linux-gke-5.0: Linux kernel for Google Container Engine (GKE) systems - linux-oem-osp1: Linux kernel for OEM processors - linux-oracle-5.0: Linux kernel for Oracle Cloud systems Details: Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files. (CVE-2019-10220) It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901) It was discovered that a heap-based buffer overflow existed in the Marvell Libertas WLAN Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14896, CVE-2019-14897) It was discovered that the Fujitsu ES network device driver for the Linux kernel did not properly check for errors in some situations, leading to a NULL pointer dereference. A local attacker could use this to cause a denial of service. (CVE-2019-16231) It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233) Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-17133) Anthony Steinhauser discovered that the Linux kernel did not properly perform Spectre_RSB mitigations to all processors for PowerPC architecture systems in some situations. A local attacker could use this to expose sensitive information. (CVE-2019-18660) It was discovered that the Mellanox Technologies Innova driver in the Linux kernel did not properly deallocate memory in certain failure conditions. (CVE-2019-19045) It was discovered that the VirtualBox guest driver implementation in the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19048) It was discovered that Geschwister Schneider USB CAN interface driver in the Linux kernel did not properly deallocate memory in certain failure conditions. (CVE-2019-19052) It was discovered that the netlink-based 802.11 configuration interface in the Linux kernel did not deallocate memory in certain error conditions. (CVE-2019-19055) It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19060) It was discovered that the Intel OPA Gen1 Infiniband Driver for the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19065) It was discovered that the AMD Audio CoProcessor Driver for the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19067) It was discovered that the event tracing subsystem of the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19072) It was discovered that the Cascoda CA8210 SPI 802.15.4 wireless controller driver for the Linux kernel did not properly deallocate memory in certain error conditions. (CVE-2019-19075) It was discovered that the AMD Display Engine Driver in the Linux kernel did not properly deallocate memory in certain error conditions. A physically proximate attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2019-19524) It was discovered that the NXP PN533 NFC USB driver in the Linux kernel did not properly free resources after a late probe error, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19526) It was discovered that the Microchip CAN BUS Analyzer driver in the Linux kernel contained a use-after-free vulnerability on device disconnect. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19529) It was discovered that multiple USB HID device drivers in the Linux kernel did not properly validate device metadata on attachment, leading to out-of- bounds writes. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-19532) It was discovered that the PEAK-System Technik USB driver in the Linux kernel did not properly sanitize memory before sending it to the device. A physically proximate attacker could use this to expose sensitive information (kernel memory). (CVE-2019-19534) It was discovered that in some situations the fair scheduler in the Linux kernel did not permit a process to use its full quota time slice. A local attacker could use this to cause a denial of service. (CVE-2019-19922) It was discovered that the binder IPC implementation in the Linux kernel did not properly perform bounds checking in some situations, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-2214) Nicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux kernel performed DMA from a kernel stack. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-17075) It was discovered that the DesignWare USB3 controller driver in the Linux kernel did not properly deallocate memory in some error conditions. (CVE-2019-18813) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: linux-image-5.0.0-1009-oracle 5.0.0-1009.14 linux-image-5.0.0-1023-aws 5.0.0-1023.26 linux-image-5.0.0-1024-kvm 5.0.0-1024.26 linux-image-5.0.0-1024-raspi2 5.0.0-1024.25 linux-image-5.0.0-1028-azure 5.0.0-1028.30 linux-image-5.0.0-1028-gcp 5.0.0-1028.29 linux-image-5.0.0-38-generic 5.0.0-38.41 linux-image-5.0.0-38-generic-lpae 5.0.0-38.41 linux-image-5.0.0-38-lowlatency 5.0.0-38.41 linux-image-aws 5.0.0.1023.25 linux-image-azure 5.0.0.1028.28 linux-image-gcp 5.0.0.1028.53 linux-image-generic 5.0.0.38.40 linux-image-generic-lpae 5.0.0.38.40 linux-image-gke 5.0.0.1028.53 linux-image-kvm 5.0.0.1024.25 linux-image-lowlatency 5.0.0.38.40 linux-image-oracle 5.0.0.1009.35 linux-image-raspi2 5.0.0.1024.22 linux-image-virtual 5.0.0.38.40 Ubuntu 18.04 LTS: linux-image-5.0.0-1009-oracle 5.0.0-1009.14~18.04.1 linux-image-5.0.0-1023-aws 5.0.0-1023.26~18.04.1 linux-image-5.0.0-1027-gke 5.0.0-1027.28~18.04.1 linux-image-5.0.0-1028-azure 5.0.0-1028.30~18.04.1 linux-image-5.0.0-1033-oem-osp1 5.0.0-1033.38 linux-image-aws-edge 5.0.0.1023.37 linux-image-azure 5.0.0.1028.39 linux-image-gke-5.0 5.0.0.1027.16 linux-image-oem-osp1 5.0.0.1033.37 linux-image-oracle-edge 5.0.0.1009.8 After a standard system update you need to reboot your computer to make all the necessary changes. ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well. References: https://usn.ubuntu.com/4226-1 CVE-2019-10220, CVE-2019-14895, CVE-2019-14896, CVE-2019-14897, CVE-2019-14901, CVE-2019-16231, CVE-2019-16233, CVE-2019-17075, CVE-2019-17133, CVE-2019-18660, CVE-2019-18813, CVE-2019-19045, CVE-2019-19048, CVE-2019-19052, CVE-2019-19055, CVE-2019-19060, CVE-2019-19065, CVE-2019-19067, CVE-2019-19072, CVE-2019-19075, CVE-2019-19083, CVE-2019-19524, CVE-2019-19526, CVE-2019-19529, CVE-2019-19532, CVE-2019-19534, CVE-2019-19922, CVE-2019-2214 Package Information: https://launchpad.net/ubuntu/+source/linux/5.0.0-38.41 https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1023.26 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1028.30 https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1028.29 https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1024.26 https://launchpad.net/ubuntu/+source/linux-oracle/5.0.0-1009.14 https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1024.25 https://launchpad.net/ubuntu/+source/linux-aws-5.0/5.0.0-1023.26~18.04.1 https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1028.30~18.04.1 https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1027.28~18.04.1 https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1033.38 https://launchpad.net/ubuntu/+source/linux-oracle-5.0/5.0.0-1009.14~18.04.1

Trust: 2.07

sources: NVD: CVE-2019-19060 // JVNDB: JVNDB-2019-011971 // VULHUB: VHN-151469 // VULMON: CVE-2019-19060 // PACKETSTORM: 155529 // PACKETSTORM: 155854 // PACKETSTORM: 157755

AFFECTED PRODUCTS

vendor:linuxmodel:kernelscope:ltversion:5.3.9

Trust: 1.8

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.30

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.60.3

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.4.262

Trust: 1.0

vendor:broadcommodel:brocade fabric operating systemscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.04

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.5

Trust: 1.0

vendor:netappmodel:data availability servicesscope:eqversion: -

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.60

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.40.5

Trust: 1.0

vendor:netappmodel:fas\/aff baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:hci compute nodescope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.14.226

Trust: 1.0

vendor:netappmodel:active iq unified managerscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:19.10

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.40

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.70.1

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.15

Trust: 1.0

vendor:netappmodel:solidfire\, enterprise sds \& hci storage nodescope:eqversion: -

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.19.82

Trust: 1.0

vendor:netappmodel:aff baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:steelstore cloud integrated storagescope:eqversion: -

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.30.5r3

Trust: 1.0

vendor:netappmodel:solidfire \& hci management nodescope:eqversion: -

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.50.1

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.60.1

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.0

Trust: 1.0

vendor:netappmodel:hci baseboard management controllerscope:eqversion:h610s

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:linuxmodel:kernelscope:ltversion:4.9.262

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.40.3r2

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.10

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.50.2

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.60.0

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.70.2

Trust: 1.0

vendor:netappmodel:solidfire baseboard management controllerscope:eqversion: -

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.20

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.25

Trust: 1.0

vendor:netappmodel:e-series santricity os controllerscope:eqversion:11.0.0

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:3.8

Trust: 1.0

vendor:opensusemodel:leapscope:eqversion:15.1

Trust: 1.0

vendor:linuxmodel:kernelscope:gteversion:4.20

Trust: 1.0

sources: JVNDB: JVNDB-2019-011971 // NVD: CVE-2019-19060

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-19060
value: HIGH

Trust: 1.0

NVD: CVE-2019-19060
value: HIGH

Trust: 0.8

CNNVD: CNNVD-201911-1081
value: HIGH

Trust: 0.6

VULHUB: VHN-151469
value: HIGH

Trust: 0.1

VULMON: CVE-2019-19060
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2019-19060
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-151469
severity: HIGH
baseScore: 7.8
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:C
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: COMPLETE
exploitabilityScore: 10.0
impactScore: 6.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2019-19060
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: CVE-2019-19060
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-151469 // VULMON: CVE-2019-19060 // JVNDB: JVNDB-2019-011971 // CNNVD: CNNVD-201911-1081 // NVD: CVE-2019-19060

PROBLEMTYPE DATA

problemtype:CWE-401

Trust: 1.1

problemtype:CWE-400

Trust: 0.8

sources: VULHUB: VHN-151469 // JVNDB: JVNDB-2019-011971 // NVD: CVE-2019-19060

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201911-1081

TYPE

resource management error

Trust: 0.6

sources: CNNVD: CNNVD-201911-1081

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-011971

PATCH

title:ChangeLog-5.3.9url:https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.9

Trust: 0.8

title:iio: imu: adis16400: release allocated memory on failureurl:https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0

Trust: 0.8

title:Linux Kernel Archivesurl:http://www.kernel.org

Trust: 0.8

title:Linux kernel Remediation of resource management error vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=103001

Trust: 0.6

title:Ubuntu Security Notice: linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4210-1

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-aws, linux-lts-xenial, linux-raspi2, linux-snapdragon vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4364-1

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-aws, linux-gcp, linux-gcp-5.3, linux-kvm, linux-oracle vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4208-1

Trust: 0.1

title:Ubuntu Security Notice: linux, linux-aws, linux-aws-5.0, linux-azure, linux-gcp, linux-gke-5.0, linux-kvm, linux-oem-osp1, linux-oracle, linux-oracle-5.0, linux-raspi2 vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-4226-1

Trust: 0.1

title:Amazon Linux 2: ALAS2-2021-1627url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux2&qid=ALAS2-2021-1627

Trust: 0.1

title: - url:https://github.com/Live-Hack-CVE/CVE-2019-19060

Trust: 0.1

title:cve_diff_checkerurl:https://github.com/lcatro/cve_diff_checker

Trust: 0.1

sources: VULMON: CVE-2019-19060 // JVNDB: JVNDB-2019-011971 // CNNVD: CNNVD-201911-1081

EXTERNAL IDS

db:NVDid:CVE-2019-19060

Trust: 2.9

db:PACKETSTORMid:157755

Trust: 0.8

db:JVNDBid:JVNDB-2019-011971

Trust: 0.8

db:CNNVDid:CNNVD-201911-1081

Trust: 0.7

db:PACKETSTORMid:155529

Trust: 0.7

db:PACKETSTORMid:155854

Trust: 0.7

db:AUSCERTid:ESB-2020.0851

Trust: 0.6

db:AUSCERTid:ESB-2019.4793

Trust: 0.6

db:AUSCERTid:ESB-2019.4539

Trust: 0.6

db:AUSCERTid:ESB-2019.4346.2

Trust: 0.6

db:AUSCERTid:ESB-2019.4704

Trust: 0.6

db:AUSCERTid:ESB-2020.1768.2

Trust: 0.6

db:AUSCERTid:ESB-2020.0830

Trust: 0.6

db:AUSCERTid:ESB-2020.0141

Trust: 0.6

db:AUSCERTid:ESB-2019.4584

Trust: 0.6

db:VULHUBid:VHN-151469

Trust: 0.1

db:VULMONid:CVE-2019-19060

Trust: 0.1

sources: VULHUB: VHN-151469 // VULMON: CVE-2019-19060 // JVNDB: JVNDB-2019-011971 // PACKETSTORM: 155529 // PACKETSTORM: 155854 // PACKETSTORM: 157755 // CNNVD: CNNVD-201911-1081 // NVD: CVE-2019-19060

REFERENCES

url:https://usn.ubuntu.com/4210-1/

Trust: 2.5

url:https://security.netapp.com/advisory/ntap-20191205-0001/

Trust: 1.8

url:https://cdn.kernel.org/pub/linux/kernel/v5.x/changelog-5.3.9

Trust: 1.8

url:https://github.com/torvalds/linux/commit/ab612b1daf415b62c58e130cb3d0f30b255a14d0

Trust: 1.8

url:http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00029.html

Trust: 1.8

url:https://usn.ubuntu.com/4208-1/

Trust: 1.8

url:https://usn.ubuntu.com/4226-1/

Trust: 1.8

url:https://usn.ubuntu.com/4364-1/

Trust: 1.8

url:https://nvd.nist.gov/vuln/detail/cve-2019-19060

Trust: 1.7

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19060

Trust: 0.8

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00237.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193200-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193381-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2020/suse-su-20200093-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193316-1.html

Trust: 0.6

url:https://www.suse.com/support/update/announcement/2019/suse-su-20193317-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.1768.2/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4539/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4704/

Trust: 0.6

url:https://packetstormsecurity.com/files/157755/ubuntu-security-notice-usn-4364-1.html

Trust: 0.6

url:https://packetstormsecurity.com/files/155529/ubuntu-security-notice-usn-4210-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4793/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0851/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4584/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0830/

Trust: 0.6

url:https://access.redhat.com/security/cve/cve-2019-19060

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2020.0141/

Trust: 0.6

url:https://vigilance.fr/vulnerability/linux-kernel-five-vulnerabilities-via-memory-leak-30908

Trust: 0.6

url:https://packetstormsecurity.com/files/155854/ubuntu-security-notice-usn-4226-1.html

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4346.2/

Trust: 0.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-19065

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17075

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-17133

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2019-19075

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/401.html

Trust: 0.1

url:https://github.com/live-hack-cve/cve-2019-19060

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1051.51

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-16746

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gke-4.15/4.15.0-1049.52

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oem/4.15.0-1065.75

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1050.53

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1056.58~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1030.33~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-snapdragon/4.15.0-1069.76

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1052.56

Trust: 0.1

url:https://usn.ubuntu.com/4210-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1030.33

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1056.58

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-72.81~16.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.15.0-72.81

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1028.30

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1028.30~18.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19048

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1024.25

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-16231

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1024.26

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle-5.0/5.0.0-1009.14~18.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-16233

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18813

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-18660

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1028.29

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19052

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1023.26

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-10220

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19067

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19045

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-2214

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19526

Trust: 0.1

url:https://usn.ubuntu.com/4226-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1027.28~18.04.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19922

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-14901

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/5.0.0-38.41

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19524

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19083

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19529

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19072

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oem-osp1/5.0.0-1033.38

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-oracle/5.0.0-1009.14

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19055

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19534

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2019-19532

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws-5.0/5.0.0-1023.26~18.04.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux/4.4.0-179.209

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11668

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1107.118

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11565

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11608

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11494

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-11609

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1133.142

Trust: 0.1

url:https://usn.ubuntu.com/4364-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1137.145

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2020-10942

Trust: 0.1

sources: VULHUB: VHN-151469 // VULMON: CVE-2019-19060 // JVNDB: JVNDB-2019-011971 // PACKETSTORM: 155529 // PACKETSTORM: 155854 // PACKETSTORM: 157755 // CNNVD: CNNVD-201911-1081 // NVD: CVE-2019-19060

CREDITS

Ubuntu

Trust: 0.9

sources: PACKETSTORM: 155529 // PACKETSTORM: 155854 // PACKETSTORM: 157755 // CNNVD: CNNVD-201911-1081

SOURCES

db:VULHUBid:VHN-151469
db:VULMONid:CVE-2019-19060
db:JVNDBid:JVNDB-2019-011971
db:PACKETSTORMid:155529
db:PACKETSTORMid:155854
db:PACKETSTORMid:157755
db:CNNVDid:CNNVD-201911-1081
db:NVDid:CVE-2019-19060

LAST UPDATE DATE

2024-11-23T20:31:03.121000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-151469date:2023-01-19T00:00:00
db:VULMONid:CVE-2019-19060date:2022-11-08T00:00:00
db:JVNDBid:JVNDB-2019-011971date:2019-11-21T00:00:00
db:CNNVDid:CNNVD-201911-1081date:2020-08-25T00:00:00
db:NVDid:CVE-2019-19060date:2024-11-21T04:34:06.110

SOURCES RELEASE DATE

db:VULHUBid:VHN-151469date:2019-11-18T00:00:00
db:VULMONid:CVE-2019-19060date:2019-11-18T00:00:00
db:JVNDBid:JVNDB-2019-011971date:2019-11-21T00:00:00
db:PACKETSTORMid:155529date:2019-12-03T14:22:22
db:PACKETSTORMid:155854date:2020-01-07T16:46:38
db:PACKETSTORMid:157755date:2020-05-19T14:38:51
db:CNNVDid:CNNVD-201911-1081date:2019-11-18T00:00:00
db:NVDid:CVE-2019-19060date:2019-11-18T06:15:12.343