UBUNTU-CVE-2019-19053

Details

A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.

Affected Packages(25 packages)

linux-hwe-edge

Ubuntu 16.04 LTS

Affected versions:

4.10.0-14.16~16.04.14.10.0-19.21~16.04.14.10.0-20.22~16.04.14.10.0-21.23~16.04.14.10.0-22.24~16.04.14.10.0-24.28~16.04.14.10.0-26.30~16.04.14.11.0-13.19~16.04.14.11.0-14.20~16.04.14.13.0-16.19~16.04.3+13 more

linux-aws-5.0

Ubuntu 18.04 LTS

Fixed in:

5.0.0-1027.30

linux-azure

Ubuntu 18.04 LTS

Fixed in:

5.0.0-1035.37

linux-azure-5.3

Ubuntu 18.04 LTS

Fixed in:

5.3.0-1016.17~18.04.1

linux-azure-edge

Ubuntu 18.04 LTS

Affected versions:

4.18.0-1006.6~18.04.14.18.0-1007.7~18.04.14.18.0-1008.8~18.04.15.0.0-1012.12~18.04.2

linux-gcp

Ubuntu 18.04 LTS

Fixed in:

5.0.0-1033.34

linux-gcp-5.3

Ubuntu 18.04 LTS

Fixed in:

5.3.0-1014.15~18.04.1

linux-gcp-edge

Ubuntu 18.04 LTS

Affected versions:

4.18.0-1004.5~18.04.14.18.0-1005.6~18.04.14.18.0-1006.7~18.04.14.18.0-1007.8~18.04.14.18.0-1008.9~18.04.14.18.0-1009.10~18.04.14.18.0-1011.12~18.04.14.18.0-1012.13~18.04.14.18.0-1013.14~18.04.14.18.0-1015.16~18.04.1+2 more

linux-gke-5.0

Ubuntu 18.04 LTS

Fixed in:

5.0.0-1032.33

linux-gke-5.3

Ubuntu 18.04 LTS

Fixed in:

5.3.0-1014.15~18.04.1

References

REPORT

https://github.com/torvalds/linux/commit/bbe692e349e2a1edf3fe0a29a0e05899c9c94d51

REPORT

https://ubuntu.com/security/CVE-2019-19053

ADVISORY

https://ubuntu.com/security/notices/USN-4300-1

ADVISORY

https://ubuntu.com/security/notices/USN-4301-1

REPORT

https://www.cve.org/CVERecord?id=CVE-2019-19053