Lucene search

K
ubuntuUbuntuUSN-4135-2
HistorySep 18, 2019 - 12:00 a.m.

Linux kernel vulnerabilities

2019-09-1800:00:00
ubuntu.com
132

7.8 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

28.8%

Releases

  • Ubuntu 14.04 ESM
  • Ubuntu 12.04

Packages

  • linux - Linux kernel
  • linux-aws - Linux kernel for Amazon Web Services (AWS) systems
  • linux-azure - Linux kernel for Microsoft Azure Cloud systems
  • linux-lts-trusty - Linux hardware enablement kernel from Trusty for Precise ESM
  • linux-lts-xenial - Linux hardware enablement kernel from Xenial for Trusty

Details

Peter Pi discovered a buffer overflow in the virtio network backend
(vhost_net) implementation in the Linux kernel. An attacker in a guest may
be able to use this to cause a denial of service (host OS crash) or
possibly execute arbitrary code in the host OS. (CVE-2019-14835)

It was discovered that the Linux kernel on PowerPC architectures did not
properly handle Facility Unavailable exceptions in some situations. A local
attacker could use this to expose sensitive information. (CVE-2019-15030)

It was discovered that the Linux kernel on PowerPC architectures did not
properly handle exceptions on interrupts in some situations. A local
attacker could use this to expose sensitive information. (CVE-2019-15031)