English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 146377 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.844131
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-4093-1)
Summary:The remote host is missing an update for the 'linux, linux-azure, linux-gcp, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon' package(s) announced via the USN-4093-1 advisory.
Description:Summary:
The remote host is missing an update for the 'linux, linux-azure, linux-gcp, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon' package(s) announced via the USN-4093-1 advisory.

Vulnerability Insight:
It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-10126)

Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors
incorrectly handle SWAPGS instructions during speculative execution. A
local attacker could use this to expose sensitive information (kernel
memory). (CVE-2019-1125)

It was discovered that the PowerPC dlpar implementation in the Linux kernel
did not properly check for allocation errors in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2019-12614)

It was discovered that a NULL pointer dereference vulnerability existed in
the Near-field communication (NFC) implementation in the Linux kernel. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2019-12984)

Jann Horn discovered a use-after-free vulnerability in the Linux kernel
when accessing LDT entries in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-13233)

Jann Horn discovered that the ptrace implementation in the Linux kernel did
not properly record credentials in some situations. A local attacker could
use this to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2019-13272)

It was discovered that the Marvell Wireless LAN device driver in the Linux
kernel did not properly validate the BSS descriptor. A local attacker could
possibly use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2019-3846)

Affected Software/OS:
'linux, linux-azure, linux-gcp, linux-hwe, linux-kvm, linux-raspi2, linux-snapdragon' package(s) on Ubuntu 18.04, Ubuntu 19.04.

Solution:
Please install the updated package(s).

CVSS Score:
8.3

CVSS Vector:
AV:A/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2019-10126
108817
http://www.securityfocus.com/bid/108817
20190618 [SECURITY] [DSA 4465-1] linux security update
https://seclists.org/bugtraq/2019/Jun/26
20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01)
https://seclists.org/bugtraq/2019/Jul/33
DSA-4465
https://www.debian.org/security/2019/dsa-4465
RHSA-2019:3055
https://access.redhat.com/errata/RHSA-2019:3055
RHSA-2019:3076
https://access.redhat.com/errata/RHSA-2019:3076
RHSA-2019:3089
https://access.redhat.com/errata/RHSA-2019:3089
RHSA-2019:3309
https://access.redhat.com/errata/RHSA-2019:3309
RHSA-2019:3517
https://access.redhat.com/errata/RHSA-2019:3517
RHSA-2020:0174
https://access.redhat.com/errata/RHSA-2020:0174
RHSA-2020:0204
https://access.redhat.com/errata/RHSA-2020:0204
USN-4093-1
https://usn.ubuntu.com/4093-1/
USN-4094-1
https://usn.ubuntu.com/4094-1/
USN-4095-1
https://usn.ubuntu.com/4095-1/
USN-4095-2
https://usn.ubuntu.com/4095-2/
USN-4117-1
https://usn.ubuntu.com/4117-1/
USN-4118-1
https://usn.ubuntu.com/4118-1/
[debian-lts-announce] 20190617 [SECURITY] [DLA 1823-1] linux security update
https://lists.debian.org/debian-lts-announce/2019/06/msg00010.html
[debian-lts-announce] 20190618 [SECURITY] [DLA 1824-1] linux-4.9 security update
https://lists.debian.org/debian-lts-announce/2019/06/msg00011.html
http://packetstormsecurity.com/files/153702/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
http://packetstormsecurity.com/files/154245/Kernel-Live-Patch-Security-Notice-LSN-0054-1.html
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10126
https://security.netapp.com/advisory/ntap-20190710-0002/
https://support.f5.com/csp/article/K95593121
openSUSE-SU-2019:1716
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00014.html
openSUSE-SU-2019:1757
http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00025.html
Common Vulnerability Exposure (CVE) ID: CVE-2019-1125
RHBA-2019:2824
https://access.redhat.com/errata/RHBA-2019:2824
RHBA-2019:3248
https://access.redhat.com/errata/RHBA-2019:3248
RHSA-2019:2600
https://access.redhat.com/errata/RHSA-2019:2600
RHSA-2019:2609
https://access.redhat.com/errata/RHSA-2019:2609
RHSA-2019:2695
https://access.redhat.com/errata/RHSA-2019:2695
RHSA-2019:2696
https://access.redhat.com/errata/RHSA-2019:2696
RHSA-2019:2730
https://access.redhat.com/errata/RHSA-2019:2730
RHSA-2019:2899
https://access.redhat.com/errata/RHSA-2019:2899
RHSA-2019:2900
https://access.redhat.com/errata/RHSA-2019:2900
RHSA-2019:2975
https://access.redhat.com/errata/RHSA-2019:2975
RHSA-2019:3011
https://access.redhat.com/errata/RHSA-2019:3011
RHSA-2019:3220
https://access.redhat.com/errata/RHSA-2019:3220
http://packetstormsecurity.com/files/156337/SWAPGS-Attack-Proof-Of-Concept.html
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200408-01-swapgs-en
https://kc.mcafee.com/corporate/index?page=content&id=SB10297
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1125
https://www.synology.com/security/advisory/Synology_SA_19_32
Common Vulnerability Exposure (CVE) ID: CVE-2019-12614
BugTraq ID: 108550
http://www.securityfocus.com/bid/108550
Bugtraq: 20200109 [slackware-security] Slackware 14.2 kernel (SSA:2020-008-01) (Google Search)
https://seclists.org/bugtraq/2020/Jan/10
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OBJHGQXA4PQ5EOGCOXEH3KFDNVZ2I4X7/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDURACJVGIBIYBSGDZJTRDPX46H5WPZW/
http://packetstormsecurity.com/files/155890/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html
https://git.kernel.org/pub/scm/linux/kernel/git/powerpc/linux.git/commit/?id=efa9ace68e487ddd29c2b4d6dd23242158f1f607
https://lkml.org/lkml/2019/6/3/526
SuSE Security Announcement: openSUSE-SU-2019:1716 (Google Search)
SuSE Security Announcement: openSUSE-SU-2019:1757 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2019-12984
BugTraq ID: 108905
http://www.securityfocus.com/bid/108905
Bugtraq: 20190812 [SECURITY] [DSA 4495-1] linux security update (Google Search)
https://seclists.org/bugtraq/2019/Aug/13
Debian Security Information: DSA-4495 (Google Search)
https://www.debian.org/security/2019/dsa-4495
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.13
https://github.com/torvalds/linux/commit/385097a3675749cbc9e97c085c0e5dfe4269ca51
Common Vulnerability Exposure (CVE) ID: CVE-2019-13233
http://packetstormsecurity.com/files/154408/Kernel-Live-Patch-Security-Notice-LSN-0055-1.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1879
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.9
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=de9f869616dd95e95c00bdd6b0fcd3421e8a4323
https://github.com/torvalds/linux/commit/de9f869616dd95e95c00bdd6b0fcd3421e8a4323
RedHat Security Advisories: RHSA-2019:3309
RedHat Security Advisories: RHSA-2019:3517
Common Vulnerability Exposure (CVE) ID: CVE-2019-13272
Bugtraq: 20190722 [SECURITY] [DSA 4484-1] linux security update (Google Search)
https://seclists.org/bugtraq/2019/Jul/30
Bugtraq: 20190722 [slackware-security] Slackware 14.2 kernel (SSA:2019-202-01) (Google Search)
Debian Security Information: DSA-4484 (Google Search)
https://www.debian.org/security/2019/dsa-4484
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/OGRK5LYWBJ4E4SRI4DKX367NHYSI3VOH/
http://packetstormsecurity.com/files/153663/Linux-PTRACE_TRACEME-Broken-Permission-Object-Lifetime-Handling.html
http://packetstormsecurity.com/files/154957/Linux-Polkit-pkexec-Helper-PTRACE_TRACEME-Local-Root.html
http://packetstormsecurity.com/files/156929/Linux-PTRACE_TRACEME-Local-Root.html
http://packetstormsecurity.com/files/165051/Linux-Kernel-5.1.x-PTRACE_TRACEME-pkexec-Local-Privilege-Escalation.html
https://bugs.chromium.org/p/project-zero/issues/detail?id=1903
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.1.17
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=6994eefb0053799d2e07cd140df6c2ea106c41ee
https://github.com/torvalds/linux/commit/6994eefb0053799d2e07cd140df6c2ea106c41ee
https://lists.debian.org/debian-lts-announce/2019/07/msg00022.html
https://lists.debian.org/debian-lts-announce/2019/07/msg00023.html
RedHat Security Advisories: RHSA-2019:2405
https://access.redhat.com/errata/RHSA-2019:2405
RedHat Security Advisories: RHSA-2019:2411
https://access.redhat.com/errata/RHSA-2019:2411
RedHat Security Advisories: RHSA-2019:2809
https://access.redhat.com/errata/RHSA-2019:2809
Common Vulnerability Exposure (CVE) ID: CVE-2019-3846
FEDORA-2019-7ec378191e
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KLGWJKLMTBBB53D5QLS4HOY2EH246WBE/
FEDORA-2019-f40bd7826f
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/J36BIJTKEPUOZKJNHQBUZA47RQONUKOI/
RHSA-2019:2703
https://access.redhat.com/errata/RHSA-2019:2703
RHSA-2019:2741
https://access.redhat.com/errata/RHSA-2019:2741
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3846
https://seclists.org/oss-sec/2019/q2/133
openSUSE-SU-2019:1570
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00039.html
openSUSE-SU-2019:1571
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00040.html
openSUSE-SU-2019:1579
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00048.html
CopyrightCopyright (C) 2019 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.