USN-4144-1

Details

It was discovered that the XFS file system in the Linux kernel did not properly handle mount failures in some situations. A local attacker could possibly use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2018-20976)

Benjamin Moody discovered that the XFS file system in the Linux kernel did not properly handle an error condition when out of disk quota. A local attacker could possibly use this to cause a denial of service. (CVE-2019-15538)

Affected Packages

Ubuntu:16.04:LTSlinux-aws-hwe

Fixed in:

4.15.0-1051.53~16.04.1

Ubuntu:16.04:LTSlinux-azure

Fixed in:

4.15.0-1060.65

Ubuntu:16.04:LTSlinux-hwe

Fixed in:

4.15.0-65.74~16.04.1

Ubuntu:16.04:LTSlinux-oracle

Fixed in:

4.15.0-1026.29~16.04.1

Ubuntu:18.04:LTSlinux

Fixed in:

4.15.0-65.74

Ubuntu:18.04:LTSlinux-aws

Fixed in:

4.15.0-1051.53

Ubuntu:18.04:LTSlinux-kvm

Fixed in:

4.15.0-1047.47

Ubuntu:18.04:LTSlinux-oem

Fixed in:

4.15.0-1057.66

Ubuntu:18.04:LTSlinux-oracle

Fixed in:

4.15.0-1026.29

Ubuntu:18.04:LTSlinux-raspi2

Fixed in:

4.15.0-1048.52

Ubuntu:18.04:LTSlinux-snapdragon

Fixed in:

4.15.0-1065.72

References

REPORThttps://ubuntu.com/security/CVE-2018-20976 REPORThttps://ubuntu.com/security/CVE-2019-15538 ADVISORYhttps://ubuntu.com/security/notices/USN-4144-1

USN-4144-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline