Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-13648
HistoryJul 19, 2019 - 12:00 a.m.

CVE-2019-13648

2019-07-1900:00:00
ubuntu.com
ubuntu.com
14

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

10.0%

In the Linux kernel through 5.2.1 on the powerpc platform, when hardware
transactional memory is disabled, a local user can cause a denial of
service (TM Bad Thing exception and system crash) via a sigreturn() system
call that sends a crafted signal frame. This affects
arch/powerpc/kernel/signal_32.c and arch/powerpc/kernel/signal_64.c.

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-60.67UNKNOWN
ubuntu19.04noarchlinux< 5.0.0-27.28UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-161.189UNKNOWN
ubuntu18.04noarchlinux-hwe< 5.0.0-27.28~18.04.1UNKNOWN
ubuntu16.04noarchlinux-hwe< 4.15.0-60.67~16.04.1UNKNOWN
ubuntu16.04noarchlinux-hwe-edge< 4.15.0-60.67~16.04.1UNKNOWN
ubuntu18.04noarchlinux-oem-osp1< 5.0.0-1020.22UNKNOWN
ubuntu19.10noarchlinux-oem-osp1< 5.0.0-1022.24UNKNOWN

5.5 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4.9 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:L/AC:L/Au:N/C:N/I:N/A:C

0.0004 Low

EPSS

Percentile

10.0%