CVE-2019-14821

Priority
Description
An out-of-bounds access issue was found in the Linux kernel, all versions
through 5.3, in the way the Linux kernel's KVM hypervisor implements the
Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct
kvm_coalesced_mmio' object, wherein the write indices 'ring->first' and
'ring->last' could be supplied by a host user-space process. An
unprivileged host user or process with access to the '/dev/kvm' device could
use this flaw to crash the host kernel, resulting in a denial of service, or
potentially escalate privileges on the system.
Ubuntu-Description
Matt Delco discovered that the KVM hypervisor implementation in the Linux
kernel did not properly perform bounds checking when handling coalesced
MMIO write operations. A local attacker with write access to /dev/kvm could
use this to cause a denial of service (system crash).
Mitigation
Ensure that untrusted users cannot write to the /dev/kvm device
Notes
tyhicks: An attacker needs write access to the /dev/kvm device file to exploit
this flaw. By default, Ubuntu users don't have privileges to write to
/dev/kvm. This is true even when libvirt is installed and in use.
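One way to check the mitigation above on a host is to audit who holds write access to /dev/kvm. This is an added example, not part of the Ubuntu tracker entry; the function names are hypothetical and it assumes GNU `stat` and `getent` are available.

```shell
#!/bin/sh
# Added example: report who can write to /dev/kvm (mitigation check).

# classify_kvm_mode MODE -> prints "world", "group" or "owner": the widest
# class that holds the write bit in an octal mode such as 660.
classify_kvm_mode() {
    if [ $(( 0$1 & 0002 )) -ne 0 ]; then
        echo world
    elif [ $(( 0$1 & 0020 )) -ne 0 ]; then
        echo group
    else
        echo owner
    fi
}

# members_from_group_line LINE -> space-separated supplementary members of a
# getent/group(5) line. Users whose *primary* group is this one are not in
# the fourth field, so review /etc/passwd GIDs separately.
members_from_group_line() {
    echo "$1" | cut -d: -f4 | tr ',' ' '
}

# audit_kvm [DEVICE] -> prints the device's mode, owner, group and exposure.
audit_kvm() {
    dev=${1:-/dev/kvm}
    if [ ! -e "$dev" ]; then
        echo "$dev: not present (KVM not loaded or not available)"
        return 0
    fi
    set -- $(stat -c '%a %U %G' "$dev")
    exposure=$(classify_kvm_mode "$1")
    echo "$dev mode=$1 owner=$2 group=$3 write-exposure=$exposure"
    case $exposure in
        world)
            echo "FINDING: every local user can write to $dev" ;;
        group)
            line=$(getent group "$3" || true)
            echo "review members of $3: $(members_from_group_line "$line")" ;;
    esac
    # Mode bits do not show per-user ACL entries; inspect those with
    # getfacl where it is installed.
}

audit_kvm
```

Any account listed as a group member, or any local account when the exposure is "world", should be trusted to the same degree as a user allowed to run virtual machines on the host.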
Package
Source: linux
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-166.195)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-66.75)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-32.34)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-17.18)
Patches:
Introduced by
5f94c1741bdc7a336553122036e8a779e616ccbf
Fixed by
b60fe990c6b07ef6d4df67bc0530c7c90a62623a
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1096.107)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1052.54)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1019.21)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1052.54~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1061.66)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1023.24~18.04.1)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1023.24)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1002.2)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1061.66)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1023.24~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1047.50)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1021.21~18.04.1)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1021.21)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1021.21~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1046.49)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-1023.23~18.04.2)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-66.75~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.0.0-32.34~18.04.2)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-66.75~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.3.0-18.19~18.04.2)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1060.67)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1048.48)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1020.21)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):ignored (was needed ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):ignored (was needed ESM criteria)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1059.68)
Ubuntu 19.04 (Disco Dingo):needed
Ubuntu 19.10 (Eoan):needed
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.15.0-1027.30~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1027.30)
Ubuntu 19.04 (Disco Dingo):pending (5.0.0-1005.9)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1002.2)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1124.133)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1049.53)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1020.20)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1006.7)
Package
Upstream:released (5.4~rc1)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):pending (4.4.0-1128.136)
Ubuntu 18.04 LTS (Bionic Beaver):pending (4.15.0-1066.73)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1024.25)
Ubuntu 19.10 (Eoan):DNE
Updated: 2019-10-17 06:14:52 UTC (commit 83d020defd5b0901f37369060729cc460a25e633)