CVE-2019-14821

Priority
Description
An out-of-bounds access issue was found in the Linux kernel, all versions
through 5.3, in the way Linux kernel's KVM hypervisor implements the
Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct
kvm_coalesced_mmio' object, wherein write indices 'ring->first' and
'ring->last' value could be supplied by a host user-space process. An
unprivileged host user or process with access to '/dev/kvm' device could
use this flaw to crash the host kernel, resulting in a denial of service or
potentially escalating privileges on the system.
Ubuntu-Description
Matt Delco discovered that the KVM hypervisor implementation in the Linux
kernel did not properly perform bounds checking when handling coalesced
MMIO write operations. A local attacker with write access to /dev/kvm could
use this to cause a denial of service (system crash).
References
Bugs
Mitigation
Ensure that untrusted users cannot write to the /dev/kvm device
Notes
tyhicksAn attacker needs write access to the /dev/kvm device file to exploit
this flaw. By default, Ubuntu users don't have privileges to write to
/dev/kvm. This is true even when libvirt is installed and in use.
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-66.75)
Ubuntu 20.04 LTS:not-affected (5.4.0-9.12)
Ubuntu 16.04 ESM:released (4.4.0-166.195)
Ubuntu 14.04 ESM:ignored (was needed ESM criteria)
Patches:
Introduced by 
5f94c1741bdc7a336553122036e8a779e616ccbf
Fixed by 
b60fe990c6b07ef6d4df67bc0530c7c90a62623a
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1052.54)
Ubuntu 20.04 LTS:not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:released (4.4.0-1096.107)
Ubuntu 14.04 ESM:released (4.4.0-1056.60)
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.0.0-1021.24~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 16.04 ESM:released (4.15.0-1052.54~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-1023.24~18.04.1)
Ubuntu 20.04 LTS:not-affected (5.4.0-1006.6)
Ubuntu 16.04 ESM:released (4.15.0-1061.66)
Ubuntu 14.04 ESM:released (4.15.0-1061.66~14.04.1)
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.3.0-1007.8~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-1023.24~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-1021.21~18.04.1)
Ubuntu 20.04 LTS:not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:released (4.15.0-1047.50)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.3.0-1008.9~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-1021.21~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1046.49)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-1023.23~18.04.2)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-32.34~18.04.2)
Ubuntu 20.04 LTS:DNE
Ubuntu 16.04 ESM:released (4.15.0-66.75~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:ignored (was pending \[5.3.0-19.20~18.04.2\] now end-of-life)
Ubuntu 20.04 LTS:DNE
Ubuntu 16.04 ESM:released (4.15.0-66.75~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1048.48)
Ubuntu 20.04 LTS:not-affected (5.4.0-1004.4)
Ubuntu 16.04 ESM:released (4.4.0-1060.67)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:released (4.4.0-166.195~14.04.1)
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1059.68)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:DNE
Ubuntu 20.04 LTS:not-affected (5.4.0-1002.4)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (5.0.0-1025.28)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1027.30)
Ubuntu 20.04 LTS:not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:released (4.15.0-1027.30~16.04.1)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.0.0-1007.12~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1049.53)
Ubuntu 20.04 LTS:not-affected (5.4.0-1004.4)
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:not-affected (5.3.0-1017.19~18.04.1)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
Package
Upstream:released (5.4~rc1)
Ubuntu 18.04 LTS:released (4.15.0-1066.73)
Ubuntu 20.04 LTS:DNE
Ubuntu 14.04 ESM:DNE
Patches:
More Information

Updated: 2022-04-13 13:43:42 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)