Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-19602
HistoryDec 05, 2019 - 12:00 a.m.

CVE-2019-19602

2019-12-0500:00:00
ubuntu.com
ubuntu.com
16
cve-2019-19602
linux kernel
gcc 9
memory corruption
denial of service
fpu_fpregs_owner_ctx
signal-based
preemption
go 1.14

CVSS2

5.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:C/I:N/A:P

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

EPSS

0.001

Percentile

34.5%

fpregs_state_valid in arch/x86/include/asm/fpu/internal.h in the Linux
kernel before 5.4.2, when GCC 9 is used, allows context-dependent attackers
to cause a denial of service (memory corruption) or possibly have
unspecified other impact because of incorrect fpu_fpregs_owner_ctx caching,
as demonstrated by mishandling of signal-based non-cooperative preemption
in Go 1.14 prereleases on amd64, aka CID-59c4bd853abc.

OSVersionArchitecturePackageVersionFilename
ubuntu19.10noarchlinux< 5.3.0-40.32UNKNOWN
ubuntu19.10noarchlinux-aws< 5.3.0-1011.12UNKNOWN
ubuntu19.10noarchlinux-azure< 5.3.0-1013.14UNKNOWN
ubuntu18.04noarchlinux-azure-5.3< 5.3.0-1013.14~18.04.1UNKNOWN
ubuntu19.10noarchlinux-gcp< 5.3.0-1012.13UNKNOWN
ubuntu18.04noarchlinux-gcp-5.3< 5.3.0-1012.13~18.04.1UNKNOWN
ubuntu18.04noarchlinux-gke-5.3< 5.3.0-1012.13~18.04.1UNKNOWN
ubuntu18.04noarchlinux-hwe< 5.3.0-40.32~18.04.1UNKNOWN
ubuntu19.10noarchlinux-kvm< 5.3.0-1010.11UNKNOWN
ubuntu19.10noarchlinux-oracle< 5.3.0-1009.10UNKNOWN
Rows per page:
1-10 of 121

CVSS2

5.4

Attack Vector

LOCAL

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:L/AC:M/Au:N/C:C/I:N/A:P

CVSS3

6.1

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L

EPSS

0.001

Percentile

34.5%