UBUNTU-CVE-2019-19049

See a problem?

Source

https://ubuntu.com/security/notices/UBUNTU-CVE-2019-19049

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2019/UBUNTU-CVE-2019-19049.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2019-19049

Related

CVE-2019-19049

Published

2019-11-18T06:15:00Z

Modified

2019-11-18T06:15:00Z

Severity

7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

* DISPUTED * A memory leak in the unittestdataadd() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering offdtunflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot.

References

Affected packages

Ubuntu:Pro:14.04:LTS / linux

Package

Name: linux

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

3.*

3.11.0-12.19

3.12.0-1.3

3.12.0-2.5

3.12.0-2.7

3.12.0-3.8

3.12.0-3.9

3.12.0-4.10

3.12.0-4.12

3.12.0-5.13

3.12.0-7.15

3.13.0-1.16

3.13.0-2.17

3.13.0-3.18

3.13.0-4.19

3.13.0-5.20

3.13.0-6.23

3.13.0-7.25

3.13.0-7.26

3.13.0-8.27

3.13.0-8.28

3.13.0-10.30

3.13.0-11.31

3.13.0-12.32

3.13.0-13.33

3.13.0-14.34

3.13.0-15.35

3.13.0-16.36

3.13.0-17.37

3.13.0-18.38

3.13.0-19.39

3.13.0-19.40

3.13.0-20.42

3.13.0-21.43

3.13.0-22.44

3.13.0-23.45

3.13.0-24.46

3.13.0-24.47

3.13.0-27.50

3.13.0-29.53

3.13.0-30.54

3.13.0-30.55

3.13.0-32.57

3.13.0-33.58

3.13.0-34.60

3.13.0-35.62

3.13.0-36.63

3.13.0-37.64

3.13.0-39.66

3.13.0-40.69

3.13.0-41.70

3.13.0-43.72

3.13.0-44.73

3.13.0-45.74

3.13.0-46.75

3.13.0-46.76

3.13.0-46.77

3.13.0-46.79

3.13.0-48.80

3.13.0-49.81

3.13.0-49.83

3.13.0-51.84

3.13.0-52.85

3.13.0-52.86

3.13.0-53.88

3.13.0-53.89

3.13.0-54.91

3.13.0-55.92

3.13.0-55.94

3.13.0-57.95

3.13.0-58.97

3.13.0-59.98

3.13.0-61.100

3.13.0-62.102

3.13.0-63.103

3.13.0-65.105

3.13.0-65.106

3.13.0-66.108

3.13.0-67.110

3.13.0-68.111

3.13.0-70.113

3.13.0-71.114

3.13.0-73.116

3.13.0-74.118

3.13.0-76.120

3.13.0-77.121

3.13.0-79.123

3.13.0-83.127

3.13.0-85.129

3.13.0-86.130

3.13.0-86.131

3.13.0-87.133

3.13.0-88.135

3.13.0-91.138

3.13.0-92.139

3.13.0-93.140

3.13.0-95.142

3.13.0-96.143

3.13.0-98.145

3.13.0-100.147

3.13.0-101.148

3.13.0-103.150

3.13.0-105.152

3.13.0-106.153

3.13.0-107.154

3.13.0-108.155

3.13.0-109.156

3.13.0-110.157

3.13.0-111.158

3.13.0-112.159

3.13.0-113.160

3.13.0-115.162

3.13.0-116.163

3.13.0-117.164

3.13.0-119.166

3.13.0-121.170

3.13.0-123.172

3.13.0-125.174

3.13.0-126.175

3.13.0-128.177

3.13.0-129.178

3.13.0-132.181

3.13.0-133.182

3.13.0-135.184

3.13.0-137.186

3.13.0-139.188

3.13.0-141.190

3.13.0-142.191

3.13.0-143.192

3.13.0-144.193

3.13.0-145.194

3.13.0-147.196

3.13.0-149.199

3.13.0-151.201

3.13.0-153.203

3.13.0-155.205

3.13.0-156.206

3.13.0-157.207

3.13.0-158.208

3.13.0-160.210

3.13.0-161.211

3.13.0-162.212

3.13.0-163.213

3.13.0-164.214

3.13.0-165.215

3.13.0-166.216

3.13.0-167.217

3.13.0-168.218

3.13.0-169.219

3.13.0-170.220

3.13.0-173.224

3.13.0-174.225

3.13.0-175.226

3.13.0-176.227

3.13.0-180.231

3.13.0-181.232

3.13.0-182.233

3.13.0-183.234

3.13.0-184.235

3.13.0-185.236

3.13.0-186.237

3.13.0-187.238

3.13.0-188.239

3.13.0-189.240

3.13.0-190.241

3.13.0-191.242

3.13.0-192.243

3.13.0-193.244

3.13.0-194.245

3.13.0-195.246

3.13.0-196.247

3.13.0-197.248

3.13.0-198.249

3.13.0-199.250

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:14.04:LTS / linux-aws

Package

Name: linux-aws

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.4.0-1002.2

4.4.0-1003.3

4.4.0-1005.5

4.4.0-1006.6

4.4.0-1009.9

4.4.0-1010.10

4.4.0-1011.11

4.4.0-1012.12

4.4.0-1014.14

4.4.0-1016.16

4.4.0-1017.17

4.4.0-1019.19

4.4.0-1022.22

4.4.0-1023.23

4.4.0-1024.25

4.4.0-1025.26

4.4.0-1027.30

4.4.0-1028.31

4.4.0-1029.32

4.4.0-1031.34

4.4.0-1032.35

4.4.0-1034.37

4.4.0-1036.39

4.4.0-1037.40

4.4.0-1038.41

4.4.0-1039.42

4.4.0-1040.43

4.4.0-1042.45

4.4.0-1044.47

4.4.0-1054.58

4.4.0-1055.59

4.4.0-1056.60

4.4.0-1058.62

4.4.0-1059.63

4.4.0-1060.64

4.4.0-1061.65

4.4.0-1062.66

4.4.0-1064.68

4.4.0-1065.69

4.4.0-1066.70

4.4.0-1067.71

4.4.0-1073.77

4.4.0-1074.78

4.4.0-1075.79

4.4.0-1076.80

4.4.0-1077.81

4.4.0-1078.82

4.4.0-1081.85

4.4.0-1082.86

4.4.0-1083.87

4.4.0-1085.89

4.4.0-1086.90

4.4.0-1087.91

4.4.0-1088.92

4.4.0-1090.94

4.4.0-1091.95

4.4.0-1092.96

4.4.0-1093.97

4.4.0-1094.99

4.4.0-1095.100

4.4.0-1096.101

4.4.0-1097.102

4.4.0-1098.103

4.4.0-1099.104

4.4.0-1101.106

4.4.0-1102.107

4.4.0-1103.108

4.4.0-1104.109

4.4.0-1107.113

4.4.0-1109.115

4.4.0-1110.116

4.4.0-1111.117

4.4.0-1112.118

4.4.0-1113.119

4.4.0-1114.120

4.4.0-1115.121

4.4.0-1116.122

4.4.0-1117.123

4.4.0-1118.124

4.4.0-1119.125

4.4.0-1120.126

4.4.0-1121.127

4.4.0-1122.128

4.4.0-1123.129

4.4.0-1124.130

4.4.0-1125.131

4.4.0-1127.133

4.4.0-1128.134

4.4.0-1129.135

4.4.0-1130.136

4.4.0-1131.137

4.4.0-1133.139

4.4.0-1134.140

4.4.0-1135.141

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:14.04:LTS / linux-azure

Package

Name: linux-azure

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.15.0-1023.24~14.04.1

4.15.0-1030.31~14.04.1

4.15.0-1031.32~14.04.1

4.15.0-1032.33~14.04.2

4.15.0-1035.36~14.04.2

4.15.0-1036.38~14.04.2

4.15.0-1037.39~14.04.2

4.15.0-1039.41~14.04.2

4.15.0-1040.44~14.04.1

4.15.0-1041.45~14.04.1

4.15.0-1042.46~14.04.1

4.15.0-1045.49~14.04.1

4.15.0-1059.64~14.04.1

4.15.0-1060.65~14.04.1

4.15.0-1061.66~14.04.1

4.15.0-1063.68~14.04.1

4.15.0-1064.69~14.04.1

4.15.0-1066.71~14.04.1

4.15.0-1067.72~14.04.1

4.15.0-1069.74~14.04.1

4.15.0-1071.76~14.04.1

4.15.0-1074.79~14.04.1

4.15.0-1077.82~14.04.1

4.15.0-1082.92~14.04.1

4.15.0-1083.93~14.04.1

4.15.0-1089.99~14.04.1

4.15.0-1091.101~14.04.1

4.15.0-1092.102~14.04.1

4.15.0-1093.103~14.04.1

4.15.0-1095.105~14.04.1

4.15.0-1096.106~14.04.1

4.15.0-1098.109~14.04.1

4.15.0-1100.111~14.04.1

4.15.0-1102.113~14.04.1

4.15.0-1103.114~14.04.1

4.15.0-1106.118~14.04.1

4.15.0-1108.120~14.04.1

4.15.0-1109.121~14.04.1

4.15.0-1110.122~14.04.1

4.15.0-1111.123~14.04.1

4.15.0-1112.124~14.04.1

4.15.0-1113.126~14.04.1

4.15.0-1114.127~14.04.1

4.15.0-1115.128~14.04.1

4.15.0-1118.131~14.04.1

4.15.0-1121.134~14.04.1

4.15.0-1122.135~14.04.1

4.15.0-1123.136~14.04.1

4.15.0-1124.137~14.04.1

4.15.0-1125.138~14.04.1

4.15.0-1126.139~14.04.1

4.15.0-1127.140~14.04.1

4.15.0-1129.142~14.04.1

4.15.0-1130.143~14.04.1

4.15.0-1131.144~14.04.1

4.15.0-1133.146~14.04.1

4.15.0-1134.147~14.04.1

4.15.0-1136.149~14.04.1

4.15.0-1137.150~14.04.1

4.15.0-1138.151~14.04.1

4.15.0-1139.152~14.04.1

4.15.0-1142.156~14.04.1

4.15.0-1145.160~14.04.1

4.15.0-1146.161~14.04.1

4.15.0-1149.164~14.04.1

4.15.0-1150.165~14.04.1

4.15.0-1151.166~14.04.1

4.15.0-1153.168~14.04.1

4.15.0-1157.172~14.04.2

4.15.0-1158.173~14.04.1

4.15.0-1159.174~14.04.1

4.15.0-1162.177~14.04.1

4.15.0-1163.178~14.04.1

4.15.0-1164.179~14.04.1

4.15.0-1165.180~14.04.1

4.15.0-1166.181~14.04.1

4.15.0-1167.182~14.04.1

4.15.0-1168.183~14.04.1

4.15.0-1169.184~14.04.1

4.15.0-1170.185~14.04.1

4.15.0-1171.186~14.04.1

4.15.0-1172.187~14.04.1

4.15.0-1173.188~14.04.1

4.15.0-1174.189~14.04.1

4.15.0-1175.190~14.04.1

4.15.0-1176.191~14.04.1

4.15.0-1177.192~14.04.1

4.15.0-1178.193~14.04.1

4.15.0-1179.194~14.04.1

4.15.0-1180.195~14.04.1

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:14.04:LTS / linux-lts-xenial

Package

Name: linux-lts-xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.4.0-13.29~14.04.1

4.4.0-14.30~14.04.2

4.4.0-15.31~14.04.1

4.4.0-18.34~14.04.1

4.4.0-21.37~14.04.1

4.4.0-22.39~14.04.1

4.4.0-22.40~14.04.1

4.4.0-24.43~14.04.1

4.4.0-28.47~14.04.1

4.4.0-31.50~14.04.1

4.4.0-34.53~14.04.1

4.4.0-36.55~14.04.1

4.4.0-38.57~14.04.1

4.4.0-42.62~14.04.1

4.4.0-45.66~14.04.1

4.4.0-47.68~14.04.1

4.4.0-51.72~14.04.1

4.4.0-53.74~14.04.1

4.4.0-57.78~14.04.1

4.4.0-59.80~14.04.1

4.4.0-62.83~14.04.1

4.4.0-63.84~14.04.2

4.4.0-64.85~14.04.1

4.4.0-66.87~14.04.1

4.4.0-67.88~14.04.1

4.4.0-70.91~14.04.1

4.4.0-71.92~14.04.1

4.4.0-72.93~14.04.1

4.4.0-75.96~14.04.1

4.4.0-78.99~14.04.2

4.4.0-79.100~14.04.1

4.4.0-81.104~14.04.1

4.4.0-83.106~14.04.1

4.4.0-87.110~14.04.1

4.4.0-89.112~14.04.1

4.4.0-91.114~14.04.1

4.4.0-92.115~14.04.1

4.4.0-93.116~14.04.1

4.4.0-96.119~14.04.1

4.4.0-97.120~14.04.1

4.4.0-98.121~14.04.1

4.4.0-101.124~14.04.1

4.4.0-103.126~14.04.1

4.4.0-104.127~14.04.1

4.4.0-108.131~14.04.1

4.4.0-109.132~14.04.1

4.4.0-111.134~14.04.1

4.4.0-112.135~14.04.1

4.4.0-116.140~14.04.1

4.4.0-119.143~14.04.1

4.4.0-121.145~14.04.1

4.4.0-124.148~14.04.1

4.4.0-127.153~14.04.1

4.4.0-128.154~14.04.1

4.4.0-130.156~14.04.1

4.4.0-131.157~14.04.1

4.4.0-133.159~14.04.1

4.4.0-134.160~14.04.1

4.4.0-135.161~14.04.1

4.4.0-137.163~14.04.1

4.4.0-138.164~14.04.1

4.4.0-139.165~14.04.1

4.4.0-140.166~14.04.1

4.4.0-141.167~14.04.1

4.4.0-142.168~14.04.1

4.4.0-143.169~14.04.2

4.4.0-144.170~14.04.1

4.4.0-146.172~14.04.1

4.4.0-148.174~14.04.1

4.4.0-164.192~14.04.1

4.4.0-165.193~14.04.1

4.4.0-166.195~14.04.1

4.4.0-168.197~14.04.1

4.4.0-169.198~14.04.1

4.4.0-170.199~14.04.1

4.4.0-171.200~14.04.1

4.4.0-173.203~14.04.1

4.4.0-174.204~14.04.1

4.4.0-176.206~14.04.1

4.4.0-177.207~14.04.1

4.4.0-178.208~14.04.1

4.4.0-179.209~14.04.1

4.4.0-184.214~14.04.1

4.4.0-185.215~14.04.1

4.4.0-186.216~14.04.1

4.4.0-187.217~14.04.1

4.4.0-189.219~14.04.1

4.4.0-190.220~14.04.1

4.4.0-193.224~14.04.1

4.4.0-194.226~14.04.1

4.4.0-197.229~14.04.1

4.4.0-198.230~14.04.1

4.4.0-200.232~14.04.1

4.4.0-201.233~14.04.1

4.4.0-203.235~14.04.1

4.4.0-204.236~14.04.1

4.4.0-206.238~14.04.1

4.4.0-208.240~14.04.1

4.4.0-209.241~14.04.1

4.4.0-210.242~14.04.1

4.4.0-211.243~14.04.1

4.4.0-212.244~14.04.1

4.4.0-213.245~14.04.1

4.4.0-214.246~14.04.1

4.4.0-215.247~14.04.1

4.4.0-218.251~14.04.1

4.4.0-219.252~14.04.1

4.4.0-221.254~14.04.1

4.4.0-222.255~14.04.1

4.4.0-223.256~14.04.1

4.4.0-224.257~14.04.1

4.4.0-227.261~14.04.1

4.4.0-229.263~14.04.1

4.4.0-230.264~14.04.1

4.4.0-231.265~14.04.1

4.4.0-233.267~14.04.1

4.4.0-234.268~14.04.1

4.4.0-235.269~14.04.1

4.4.0-236.270~14.04.1

4.4.0-237.271~14.04.1

4.4.0-239.273~14.04.1

4.4.0-240.274~14.04.1

4.4.0-241.275~14.04.1

4.4.0-242.276~14.04.1

4.4.0-243.277~14.04.1

4.4.0-244.278~14.04.1

4.4.0-245.279~14.04.1

4.4.0-246.280~14.04.1

4.4.0-248.282~14.04.1

4.4.0-250.284~14.04.1

4.4.0-251.285~14.04.1

4.4.0-252.286~14.04.1

4.4.0-253.287~14.04.1

4.4.0-254.288~14.04.1

4.4.0-256.290~14.04.1

4.4.0-257.291~14.04.1

4.4.0-258.292~14.04.2

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:16.04:LTS / linux-hwe-edge

Package

Name: linux-hwe-edge

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.8.0-28.30~16.04.1

4.8.0-30.32~16.04.1

4.8.0-32.34~16.04.1

4.8.0-34.36~16.04.1

4.10.0-14.16~16.04.1

4.10.0-19.21~16.04.1

4.10.0-20.22~16.04.1

4.10.0-21.23~16.04.1

4.10.0-22.24~16.04.1

4.10.0-24.28~16.04.1

4.10.0-26.30~16.04.1

4.11.0-13.19~16.04.1

4.11.0-14.20~16.04.1

4.13.0-16.19~16.04.3

4.13.0-17.20~16.04.1

4.13.0-19.22~16.04.1

4.13.0-21.24~16.04.1

4.13.0-25.29~16.04.2

4.15.0-13.14~16.04.1

4.15.0-15.16~16.04.1

4.15.0-20.21~16.04.1

4.15.0-22.24~16.04.1

4.15.0-23.25~16.04.1

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}

Ubuntu:18.04:LTS / linux-gke-5.3

Package

Name: linux-gke-5.3
Purl: pkg:deb/ubuntu/linux-gke-5.3@5.3.0-1011.12~18.04.1?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.0-1011.12~18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "linux-modules-5.3.0-1011-gke": "5.3.0-1011.12~18.04.1",
            "linux-modules-extra-5.3.0-1011-gke": "5.3.0-1011.12~18.04.1",
            "linux-gke-5.3-tools-5.3.0-1011": "5.3.0-1011.12~18.04.1",
            "linux-image-unsigned-5.3.0-1011-gke-dbgsym": "5.3.0-1011.12~18.04.1",
            "linux-image-unsigned-5.3.0-1011-gke": "5.3.0-1011.12~18.04.1",
            "linux-headers-5.3.0-1011-gke": "5.3.0-1011.12~18.04.1",
            "linux-gke-5.3-headers-5.3.0-1011": "5.3.0-1011.12~18.04.1",
            "linux-buildinfo-5.3.0-1011-gke": "5.3.0-1011.12~18.04.1",
            "linux-tools-5.3.0-1011-gke": "5.3.0-1011.12~18.04.1"
        }
    ]
}

Ubuntu:18.04:LTS / linux-raspi2-5.3

Package

Name: linux-raspi2-5.3
Purl: pkg:deb/ubuntu/linux-raspi2-5.3@5.3.0-1017.19~18.04.1?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.0-1017.19~18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "negligible",
    "binaries": [
        {
            "linux-raspi2-5.3-headers-5.3.0-1017": "5.3.0-1017.19~18.04.1",
            "linux-tools-5.3.0-1017-raspi2": "5.3.0-1017.19~18.04.1",
            "linux-image-5.3.0-1017-raspi2-dbgsym": "5.3.0-1017.19~18.04.1",
            "linux-buildinfo-5.3.0-1017-raspi2": "5.3.0-1017.19~18.04.1",
            "linux-headers-5.3.0-1017-raspi2": "5.3.0-1017.19~18.04.1",
            "linux-modules-5.3.0-1017-raspi2": "5.3.0-1017.19~18.04.1",
            "linux-image-5.3.0-1017-raspi2": "5.3.0-1017.19~18.04.1",
            "linux-raspi2-5.3-tools-5.3.0-1017": "5.3.0-1017.19~18.04.1"
        }
    ]
}

Ubuntu:Pro:18.04:LTS / linux-azure-edge

Package

Name: linux-azure-edge

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.18.0-1006.6~18.04.1

4.18.0-1007.7~18.04.1

4.18.0-1008.8~18.04.1

5.*

5.0.0-1012.12~18.04.2

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}

Ubuntu:Pro:18.04:LTS / linux-gcp-edge

Package

Name: linux-gcp-edge

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.18.0-1004.5~18.04.1

4.18.0-1005.6~18.04.1

4.18.0-1006.7~18.04.1

4.18.0-1007.8~18.04.1

4.18.0-1008.9~18.04.1

4.18.0-1009.10~18.04.1

4.18.0-1011.12~18.04.1

4.18.0-1012.13~18.04.1

4.18.0-1013.14~18.04.1

4.18.0-1015.16~18.04.1

5.*

5.0.0-1011.11~18.04.1

5.0.0-1013.13~18.04.1

Ecosystem specific

{
    "ubuntu_priority": "negligible"
}