UBUNTU-CVE-2019-0148

MEDIUM5.5

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Published Nov 14, 2019

Modified 1 months ago

Fix available

Details

Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.

Affected Packages(53 packages)

linux

Ubuntu 16.04 LTS

Fixed in:

4.4.0-198.230

linux-aws

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1119.133

linux-aws-hwe

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1083.87~16.04.1

linux-azure

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1096.106~16.04.1

linux-gcp

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1084.95~16.04.1

linux-hwe

Ubuntu 16.04 LTS

Fixed in:

4.15.0-118.119~16.04.1

linux-hwe-edge

Ubuntu 16.04 LTS

Affected versions:

4.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more

linux-kvm

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1085.94

linux-oracle

Ubuntu 16.04 LTS

Fixed in:

4.15.0-1054.58~16.04.1

linux-raspi2

Ubuntu 16.04 LTS

Fixed in:

4.4.0-1143.153

References

https://lists.osuosl.org/pipermail/intel-wired-lan/Week-of-Mon-20200810/021006.html

https://lore.kernel.org/stable/20200807205517.1740307-1-jesse.brandeburg@intel.com/

https://ubuntu.com/security/CVE-2019-0148

https://ubuntu.com/security/notices/USN-4681-1

https://www.cve.org/CVERecord?id=CVE-2019-0148

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00255.html

CVSS Analysis

CVSS v3.1

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

LowAC:L

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

Scope

UnchangedS:U

Impact

Confidentiality

NoneC:N

Integrity

NoneI:N

Availability

HighA:H

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Upstream

Related

Ecosystems(9)

Ubuntu 16.04 LTS Ubuntu 18.04 LTS Ubuntu 20.04 LTS Ubuntu 22.04 LTS Ubuntu 24.04 LTS

Timeline

PublishedNov 14, 2019

ModifiedFeb 23, 2026

UBUNTU-CVE-2019-0148 | Mondoo Vulnerability Intelligence