USN-4211-1

Details

Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. (CVE-2018-20784)

Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-17133)

Nicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux kernel performed DMA from a kernel stack. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-17075)

Affected Packages

Ubuntu:16.04:LTSlinux

Fixed in:

4.4.0-170.199

Ubuntu:16.04:LTSlinux-aws

Fixed in:

4.4.0-1099.110

Ubuntu:16.04:LTSlinux-kvm

Fixed in:

4.4.0-1063.70

Ubuntu:16.04:LTSlinux-raspi2

Fixed in:

4.4.0-1126.135

Ubuntu:16.04:LTSlinux-snapdragon

Fixed in:

4.4.0-1130.138

References

REPORThttps://ubuntu.com/security/CVE-2018-20784 REPORThttps://ubuntu.com/security/CVE-2019-17075 REPORThttps://ubuntu.com/security/CVE-2019-17133 ADVISORYhttps://ubuntu.com/security/notices/USN-4211-1

USN-4211-1

Details

Affected Packages

References

Upstream

Ecosystems

Timeline