PublicDateAtUSN: 2019-11-27 16:15:00 UTC
Candidate: CVE-2019-10220
PublicDate: 2019-11-27 16:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10220
 https://ubuntu.com/security/notices/USN-4226-1
Description:
 Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
Ubuntu-Description:
 Michael Hanselmann discovered that the CIFS implementation in the Linux kernel did not sanitize paths returned by an SMB server. An attacker controlling an SMB server could use this to overwrite arbitrary files.
Notes:
 tyhicks> Exploiting this vulnerability requires a malicious Samba server
Mitigation:
Bugs:
 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-10220
 https://bugzilla.suse.com/show_bug.cgi?id=1144903
Priority: medium
Discovered-by:
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_linux:
 break-fix: 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2 8a23eb804ca4f2be909e372cf5a9e7b30ae476cd
 break-fix: 8a23eb804ca4f2be909e372cf5a9e7b30ae476cd b9959c7a347d6adbb558fba7e36e9fef3cba3b07
upstream_linux: released (5.4~rc4)
precise/esm_linux: ignored (was needs-triage ESM criteria)
trusty_linux: ignored (out of standard support)
trusty/esm_linux: ignored (was needs-triage ESM criteria)
xenial_linux: released (4.4.0-173.203)
esm-infra/xenial_linux: released (4.4.0-173.203)
bionic_linux: released (4.15.0-88.88)
disco_linux: released (5.0.0-38.41)
eoan_linux: released (5.3.0-24.26)
focal_linux: not-affected (5.4.0-9.12)
devel_linux: not-affected (5.4.0-26.30)

Patches_linux-hwe:
upstream_linux-hwe: released (5.4~rc4)
precise/esm_linux-hwe: DNE
trusty_linux-hwe: DNE
trusty/esm_linux-hwe: DNE
xenial_linux-hwe: released (4.15.0-88.88~16.04.1)
esm-infra/xenial_linux-hwe: released (4.15.0-88.88~16.04.1)
bionic_linux-hwe: released (5.3.0-26.28~18.04.1)
disco_linux-hwe: DNE
eoan_linux-hwe: DNE
focal_linux-hwe: DNE
devel_linux-hwe: DNE

Patches_linux-hwe-edge:
upstream_linux-hwe-edge: released (5.4~rc4)
precise/esm_linux-hwe-edge: DNE
trusty_linux-hwe-edge: DNE
trusty/esm_linux-hwe-edge: DNE
xenial_linux-hwe-edge: ignored (was needs-triage now end-of-life)
esm-infra/xenial_linux-hwe-edge: ignored (was needs-triage now end-of-life)
bionic_linux-hwe-edge: ignored (was needs-triage now end-of-life)
disco_linux-hwe-edge: DNE
eoan_linux-hwe-edge: DNE
focal_linux-hwe-edge: DNE
devel_linux-hwe-edge: DNE

Patches_linux-lts-xenial:
upstream_linux-lts-xenial: released (5.4~rc4)
precise/esm_linux-lts-xenial: DNE
trusty_linux-lts-xenial: ignored (out of standard support)
trusty/esm_linux-lts-xenial: ignored (was needs-triage ESM criteria)
xenial_linux-lts-xenial: DNE
bionic_linux-lts-xenial: DNE
disco_linux-lts-xenial: DNE
eoan_linux-lts-xenial: DNE
focal_linux-lts-xenial: DNE
devel_linux-lts-xenial: DNE

Patches_linux-lts-trusty:
upstream_linux-lts-trusty: released (5.4~rc4)
precise/esm_linux-lts-trusty: ignored (was needs-triage ESM criteria)
trusty_linux-lts-trusty: DNE
trusty/esm_linux-lts-trusty: DNE
xenial_linux-lts-trusty: DNE
bionic_linux-lts-trusty: DNE
disco_linux-lts-trusty: DNE
eoan_linux-lts-trusty: DNE
focal_linux-lts-trusty: DNE
devel_linux-lts-trusty: DNE

Patches_linux-oem:
upstream_linux-oem: released (5.4~rc4)
precise/esm_linux-oem: DNE
trusty_linux-oem: DNE
trusty/esm_linux-oem: DNE
xenial_linux-oem: ignored (was needs-triage now end-of-life)
bionic_linux-oem: released (4.15.0-1073.83)
disco_linux-oem: ignored (reached end-of-life)
eoan_linux-oem: pending (4.15.0-1076.86)
focal_linux-oem: DNE
devel_linux-oem: DNE

Patches_linux-oem-osp1:
upstream_linux-oem-osp1: released (5.4~rc4)
precise/esm_linux-oem-osp1: DNE
trusty_linux-oem-osp1: DNE
trusty/esm_linux-oem-osp1: DNE
xenial_linux-oem-osp1: DNE
bionic_linux-oem-osp1: released (5.0.0-1033.38)
disco_linux-oem-osp1: ignored (reached end-of-life)
eoan_linux-oem-osp1: released (5.0.0-1033.38)
focal_linux-oem-osp1: DNE
devel_linux-oem-osp1: DNE

Patches_linux-kvm:
upstream_linux-kvm: released (5.4~rc4)
precise/esm_linux-kvm: DNE
trusty_linux-kvm: DNE
trusty/esm_linux-kvm: DNE
xenial_linux-kvm: released (4.4.0-1065.72)
esm-infra/xenial_linux-kvm: released (4.4.0-1065.72)
bionic_linux-kvm: released (4.15.0-1053.53)
disco_linux-kvm: released (5.0.0-1024.26)
eoan_linux-kvm: released (5.3.0-1008.9)
focal_linux-kvm: not-affected (5.4.0-1004.4)
devel_linux-kvm: not-affected (5.4.0-1009.9)

Patches_linux-aws:
upstream_linux-aws: released (5.4~rc4)
precise/esm_linux-aws: DNE
trusty_linux-aws: ignored (out of standard support)
trusty/esm_linux-aws: ignored (was needs-triage ESM criteria)
xenial_linux-aws: released (4.4.0-1101.112)
esm-infra/xenial_linux-aws: released (4.4.0-1101.112)
bionic_linux-aws: released (4.15.0-1060.62)
disco_linux-aws: released (5.0.0-1023.26)
eoan_linux-aws: released (5.3.0-1008.9)
focal_linux-aws: not-affected (5.4.0-1005.5)
devel_linux-aws: not-affected (5.4.0-1009.9)

Patches_linux-aws-hwe:
upstream_linux-aws-hwe: released (5.4~rc4)
precise/esm_linux-aws-hwe: DNE
trusty_linux-aws-hwe: DNE
trusty/esm_linux-aws-hwe: DNE
xenial_linux-aws-hwe: released (4.15.0-1060.62~16.04.1)
esm-infra/xenial_linux-aws-hwe: released (4.15.0-1060.62~16.04.1)
bionic_linux-aws-hwe: DNE
disco_linux-aws-hwe: DNE
eoan_linux-aws-hwe: DNE
focal_linux-aws-hwe: DNE
devel_linux-aws-hwe: DNE

Patches_linux-azure:
upstream_linux-azure: released (5.4~rc4)
precise/esm_linux-azure: DNE
trusty_linux-azure: ignored (out of standard support)
trusty/esm_linux-azure: ignored (was needs-triage ESM criteria)
xenial_linux-azure: released (4.15.0-1071.76)
esm-infra/xenial_linux-azure: released (4.15.0-1071.76)
bionic_linux-azure: released (5.0.0-1028.30~18.04.1)
disco_linux-azure: released (5.0.0-1028.30)
eoan_linux-azure: released (5.3.0-1008.9)
focal_linux-azure: not-affected (5.4.0-1006.6)
devel_linux-azure: not-affected (5.4.0-1010.10)

Patches_linux-azure-edge:
upstream_linux-azure-edge: released (5.4~rc4)
precise/esm_linux-azure-edge: DNE
trusty_linux-azure-edge: DNE
trusty/esm_linux-azure-edge: DNE
xenial_linux-azure-edge: DNE
bionic_linux-azure-edge: ignored (was needs-triage now end-of-life)
disco_linux-azure-edge: DNE
eoan_linux-azure-edge: DNE
focal_linux-azure-edge: DNE
devel_linux-azure-edge: DNE

Patches_linux-gcp:
upstream_linux-gcp: released (5.4~rc4)
precise/esm_linux-gcp: DNE
trusty_linux-gcp: DNE
trusty/esm_linux-gcp: DNE
xenial_linux-gcp: released (4.15.0-1055.59)
esm-infra/xenial_linux-gcp: released (4.15.0-1055.59)
bionic_linux-gcp: released (5.0.0-1028.29~18.04.1)
disco_linux-gcp: released (5.0.0-1028.29)
eoan_linux-gcp: released (5.3.0-1009.10)
focal_linux-gcp: not-affected (5.4.0-1005.5)
devel_linux-gcp: not-affected (5.4.0-1009.9)

Patches_linux-gcp-edge:
upstream_linux-gcp-edge: released (5.4~rc4)
precise/esm_linux-gcp-edge: DNE
trusty_linux-gcp-edge: DNE
trusty/esm_linux-gcp-edge: DNE
xenial_linux-gcp-edge: DNE
bionic_linux-gcp-edge: ignored (was needs-triage now end-of-life)
disco_linux-gcp-edge: DNE
eoan_linux-gcp-edge: DNE
focal_linux-gcp-edge: DNE
devel_linux-gcp-edge: DNE

Patches_linux-gke-4.15:
upstream_linux-gke-4.15: released (5.4~rc4)
precise/esm_linux-gke-4.15: DNE
trusty_linux-gke-4.15: DNE
trusty/esm_linux-gke-4.15: DNE
xenial_linux-gke-4.15: DNE
bionic_linux-gke-4.15: released (4.15.0-1052.55)
disco_linux-gke-4.15: DNE
eoan_linux-gke-4.15: DNE
focal_linux-gke-4.15: DNE
devel_linux-gke-4.15: DNE

Patches_linux-gke-5.0:
upstream_linux-gke-5.0: released (5.4~rc4)
precise/esm_linux-gke-5.0: DNE
trusty_linux-gke-5.0: DNE
trusty/esm_linux-gke-5.0: DNE
xenial_linux-gke-5.0: DNE
bionic_linux-gke-5.0: released (5.0.0-1027.28~18.04.1)
disco_linux-gke-5.0: DNE
eoan_linux-gke-5.0: DNE
focal_linux-gke-5.0: DNE
devel_linux-gke-5.0: DNE

Patches_linux-oracle:
upstream_linux-oracle: released (5.4~rc4)
precise/esm_linux-oracle: DNE
trusty_linux-oracle: DNE
trusty/esm_linux-oracle: DNE
xenial_linux-oracle: released (4.15.0-1033.36~16.04.1)
esm-infra/xenial_linux-oracle: released (4.15.0-1033.36~16.04.1)
bionic_linux-oracle: released (4.15.0-1033.36)
disco_linux-oracle: released (5.0.0-1009.14)
eoan_linux-oracle: released (5.3.0-1007.8)
focal_linux-oracle: not-affected (5.4.0-1005.5)
devel_linux-oracle: not-affected (5.4.0-1009.9)

Patches_linux-raspi2:
upstream_linux-raspi2: released (5.4~rc4)
precise/esm_linux-raspi2: DNE
trusty_linux-raspi2: DNE
trusty/esm_linux-raspi2: DNE
xenial_linux-raspi2: released (4.4.0-1128.137)
bionic_linux-raspi2: released (4.15.0-1055.59)
disco_linux-raspi2: released (5.0.0-1024.25)
eoan_linux-raspi2: released (5.3.0-1014.16)
focal_linux-raspi2: ignored (was needed now end-of-life)
devel_linux-raspi2: DNE

Patches_linux-snapdragon:
upstream_linux-snapdragon: released (5.4~rc4)
precise/esm_linux-snapdragon: DNE
trusty_linux-snapdragon: DNE
trusty/esm_linux-snapdragon: DNE
xenial_linux-snapdragon: released (4.4.0-1132.140)
bionic_linux-snapdragon: released (4.15.0-1072.79)
disco_linux-snapdragon: ignored (was pending [5.0.0-1028.30] now end-of-life)
eoan_linux-snapdragon: DNE
focal_linux-snapdragon: DNE
devel_linux-snapdragon: DNE

Patches_linux-gcp-5.3:
upstream_linux-gcp-5.3: released (5.4~rc4)
precise/esm_linux-gcp-5.3: DNE
trusty_linux-gcp-5.3: DNE
trusty/esm_linux-gcp-5.3: DNE
xenial_linux-gcp-5.3: DNE
bionic_linux-gcp-5.3: released (5.3.0-1009.10~18.04.1)
disco_linux-gcp-5.3: DNE
eoan_linux-gcp-5.3: DNE
focal_linux-gcp-5.3: DNE
devel_linux-gcp-5.3: DNE

Patches_linux-oracle-5.0:
upstream_linux-oracle-5.0: released (5.4~rc4)
precise/esm_linux-oracle-5.0: DNE
trusty_linux-oracle-5.0: DNE
trusty/esm_linux-oracle-5.0: DNE
xenial_linux-oracle-5.0: DNE
bionic_linux-oracle-5.0: released (5.0.0-1009.14~18.04.1)
disco_linux-oracle-5.0: DNE
eoan_linux-oracle-5.0: DNE
focal_linux-oracle-5.0: DNE
devel_linux-oracle-5.0: DNE

Patches_linux-aws-5.0:
upstream_linux-aws-5.0: released (5.4~rc4)
precise/esm_linux-aws-5.0: DNE
trusty_linux-aws-5.0: DNE
trusty/esm_linux-aws-5.0: DNE
xenial_linux-aws-5.0: DNE
bionic_linux-aws-5.0: released (5.0.0-1023.26~18.04.1)
disco_linux-aws-5.0: DNE
eoan_linux-aws-5.0: DNE
focal_linux-aws-5.0: DNE
devel_linux-aws-5.0: DNE

Patches_linux-azure-5.3:
upstream_linux-azure-5.3: released (5.4~rc4)
precise/esm_linux-azure-5.3: DNE
trusty_linux-azure-5.3: DNE
trusty/esm_linux-azure-5.3: DNE
xenial_linux-azure-5.3: DNE
bionic_linux-azure-5.3: released (5.3.0-1008.9~18.04.1)
disco_linux-azure-5.3: DNE
eoan_linux-azure-5.3: DNE
focal_linux-azure-5.3: DNE
devel_linux-azure-5.3: DNE

Patches_linux-raspi2-5.3:
upstream_linux-raspi2-5.3: released (5.4~rc4)
precise/esm_linux-raspi2-5.3: DNE
trusty_linux-raspi2-5.3: DNE
trusty/esm_linux-raspi2-5.3: DNE
xenial_linux-raspi2-5.3: DNE
bionic_linux-raspi2-5.3: not-affected (5.3.0-1017.19~18.04.1)
eoan_linux-raspi2-5.3: DNE
focal_linux-raspi2-5.3: DNE
devel_linux-raspi2-5.3: DNE

Patches_linux-oem-5.6:
upstream_linux-oem-5.6: released (5.4~rc4)
precise/esm_linux-oem-5.6: DNE
trusty_linux-oem-5.6: DNE
trusty/esm_linux-oem-5.6: DNE
xenial_linux-oem-5.6: DNE
bionic_linux-oem-5.6: DNE
eoan_linux-oem-5.6: DNE
focal_linux-oem-5.6: not-affected (5.6.0-1007.7)
devel_linux-oem-5.6: not-affected (5.6.0-1007.7)

Patches_linux-gke-5.3:
upstream_linux-gke-5.3: released (5.4~rc4)
precise/esm_linux-gke-5.3: DNE
trusty_linux-gke-5.3: DNE
trusty/esm_linux-gke-5.3: DNE
xenial_linux-gke-5.3: DNE
bionic_linux-gke-5.3: not-affected (5.3.0-1011.12~18.04.1)
eoan_linux-gke-5.3: DNE
focal_linux-gke-5.3: DNE
devel_linux-gke-5.3: DNE

Patches_linux-oracle-5.3:
upstream_linux-oracle-5.3: released (5.4~rc4)
precise/esm_linux-oracle-5.3: DNE
trusty_linux-oracle-5.3: DNE
trusty/esm_linux-oracle-5.3: DNE
xenial_linux-oracle-5.3: DNE
bionic_linux-oracle-5.3: not-affected (5.3.0-1011.12~18.04.1)
eoan_linux-oracle-5.3: DNE
focal_linux-oracle-5.3: DNE
devel_linux-oracle-5.3: DNE

Patches_linux-riscv:
upstream_linux-riscv: released (5.4~rc4)
precise/esm_linux-riscv: DNE
trusty_linux-riscv: DNE
trusty/esm_linux-riscv: DNE
xenial_linux-riscv: DNE
bionic_linux-riscv: DNE
eoan_linux-riscv: DNE
focal_linux-riscv: not-affected (5.4.0-24.28)
devel_linux-riscv: not-affected (5.4.0-24.28)

Patches_linux-raspi:
upstream_linux-raspi: released (5.4~rc4)
precise/esm_linux-raspi: DNE
trusty_linux-raspi: DNE
trusty/esm_linux-raspi: DNE
xenial_linux-raspi: DNE
bionic_linux-raspi: DNE
eoan_linux-raspi: DNE
focal_linux-raspi: not-affected (5.4.0-1007.7)
devel_linux-raspi: not-affected (5.4.0-1008.8)

Patches_linux-azure-4.15:
upstream_linux-azure-4.15: released (5.4~rc4)
precise/esm_linux-azure-4.15: DNE
trusty_linux-azure-4.15: DNE
trusty/esm_linux-azure-4.15: DNE
xenial_linux-azure-4.15: DNE
bionic_linux-azure-4.15: not-affected (4.15.0-1082.92)
eoan_linux-azure-4.15: DNE
focal_linux-azure-4.15: DNE
devel_linux-azure-4.15: DNE

Patches_linux-aws-5.3:
upstream_linux-aws-5.3: released (5.4~rc4)
precise/esm_linux-aws-5.3: DNE
trusty_linux-aws-5.3: DNE
trusty/esm_linux-aws-5.3: DNE
xenial_linux-aws-5.3: DNE
bionic_linux-aws-5.3: not-affected (5.3.0-1016.17~18.04.1)
eoan_linux-aws-5.3: DNE
focal_linux-aws-5.3: DNE
devel_linux-aws-5.3: DNE

Patches_linux-gcp-4.15:
upstream_linux-gcp-4.15: released (5.4~rc4)
precise/esm_linux-gcp-4.15: DNE
trusty_linux-gcp-4.15: DNE
trusty/esm_linux-gcp-4.15: DNE
xenial_linux-gcp-4.15: DNE
bionic_linux-gcp-4.15: not-affected (4.15.0-1071.81)
eoan_linux-gcp-4.15: DNE
focal_linux-gcp-4.15: DNE
devel_linux-gcp-4.15: DNE