drivers/media/usb/dvb-usb/technisat-usb2.c in the Linux kernel through 5.2.9 has an out-of-bounds read via crafted USB device traffic (which may be remote via usbip or usbredir). #### Notes Author| Note ---|--- [tyhicks](<https://launchpad.net/~tyhicks>) | Setting priority to low since this issue requires a malicious USB device to be inserted into the system

Affected Package

OS OS Version Package Name Package Version
ubuntu 19.04 linux 5.0.0-32.34
ubuntu 12.04 linux any
ubuntu 14.04 linux any
ubuntu upstream linux 5.4~rc1
ubuntu 16.04 linux 4.4.0-166.195
ubuntu 19.04 linux-aws 5.0.0-1019.21
ubuntu 14.04 linux-aws 4.4.0-1056.60
ubuntu upstream linux-aws 5.4~rc1
ubuntu 16.04 linux-aws 4.4.0-1096.107
ubuntu upstream linux-aws-5.0 5.4~rc1
ubuntu upstream linux-aws-hwe 5.4~rc1
ubuntu 16.04 linux-aws-hwe 4.15.0-1052.54~16.04.1
ubuntu 19.04 linux-azure 5.0.0-1023.24
ubuntu 14.04 linux-azure 4.15.0-1061.66~14.04.1
ubuntu upstream linux-azure 5.4~rc1
ubuntu 16.04 linux-azure 4.15.0-1061.66
ubuntu upstream linux-azure-5.3 5.4~rc1
ubuntu upstream linux-azure-edge 5.4~rc1
ubuntu 16.04 linux-azure-edge 4.15.0-1061.66
ubuntu 19.04 linux-gcp 5.0.0-1021.21
ubuntu upstream linux-gcp 5.4~rc1
ubuntu 16.04 linux-gcp 4.15.0-1047.50
ubuntu upstream linux-gcp-5.3 5.4~rc1
ubuntu upstream linux-gcp-edge 5.4~rc1
ubuntu upstream linux-gke-4.15 5.4~rc1
ubuntu upstream linux-gke-5.0 5.4~rc1
ubuntu upstream linux-gke-5.3 5.4~rc1
ubuntu upstream linux-hwe 5.4~rc1
ubuntu 16.04 linux-hwe 4.15.0-66.75~16.04.1
ubuntu upstream linux-hwe-edge 5.4~rc1
ubuntu 16.04 linux-hwe-edge 4.15.0-66.75~16.04.1
ubuntu 19.04 linux-kvm 5.0.0-1020.21
ubuntu upstream linux-kvm 5.4~rc1
ubuntu 16.04 linux-kvm 4.4.0-1060.67
ubuntu 12.04 linux-lts-trusty any
ubuntu upstream linux-lts-trusty 5.4~rc1
ubuntu 14.04 linux-lts-xenial 4.4.0-166.195~14.04.1
ubuntu upstream linux-lts-xenial 5.4~rc1
ubuntu 19.10 linux-oem 4.15.0-1059.68
ubuntu upstream linux-oem 5.4~rc1
ubuntu 16.04 linux-oem any
ubuntu upstream linux-oem-5.6 5.4~rc1
ubuntu 19.10 linux-oem-osp1 5.0.0-1025.28
ubuntu upstream linux-oem-osp1 5.4~rc1
ubuntu 19.04 linux-oracle was pending \[5.0.0-1005.9\] now end-of-life
ubuntu upstream linux-oracle 5.4~rc1
ubuntu 16.04 linux-oracle 4.15.0-1027.30~16.04.1
ubuntu upstream linux-oracle-5.0 5.4~rc1
ubuntu upstream linux-oracle-5.3 5.4~rc1
ubuntu 19.04 linux-raspi2 5.0.0-1020.20
ubuntu upstream linux-raspi2 5.4~rc1
ubuntu 16.04 linux-raspi2 4.4.0-1124.133
ubuntu upstream linux-raspi2-5.3 5.4~rc1
ubuntu 19.04 linux-snapdragon 5.0.0-1024.25
ubuntu upstream linux-snapdragon 5.4~rc1
ubuntu 16.04 linux-snapdragon 4.4.0-1128.136