CVE-2019-14835

Priority
Description
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the
way Linux kernel's vhost functionality that translates virtqueue buffers to
IOVs, logged the buffer descriptors during migration. A privileged guest
user able to pass descriptors with invalid length to the host when
migration is underway, could use this flaw to increase their privileges on
the host.
Ubuntu-Description
Peter Pi discovered a buffer overflow in the virtio network backend
(vhost_net) implementation in the Linux kernel. An attacker in a guest may
be able to use this to cause a denial of service (host OS crash) or
possibly execute arbitrary code in the host OS.
Assigned-to
tyhicks
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.2.0-143.190)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.13.0-173.224)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-164.192)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-64.73)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-29.31)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-12.13)
Patches:
Introduced by
3a4d5c94e959359ece6d6b55045c3f046677f55c
Fixed by
060423bfdee3f8bc6e2c1bac97de24d5415e2bc4
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-1054.58)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1094.105)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1050.52)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1016.18)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1050.52~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.15.0-1059.64~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1059.64)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1020.21~18.04.1)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1020.21)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1002.2)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1059.64)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1020.21~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1044.46)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1044.70)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1017.17)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1044.70)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1044.46)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-1017.17~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-64.73~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.0.0-29.31~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-64.73~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):pending (5.3.0-12.13~18.04.2)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1058.65)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1046.46)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1017.18)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1003.3)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):released (3.13.0-173.224~12.04.1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.4.0-164.192~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1056.65)
Ubuntu 19.04 (Disco Dingo):pending (4.15.0-1056.65)
Ubuntu 19.10 (Eoan):pending (4.15.0-1056.65)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1025.28~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1025.28)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1004.8)
Ubuntu 19.10 (Eoan):not-affected (5.3.0-1002.2)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1122.131)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1047.51)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1017.17)
Ubuntu 19.10 (Eoan):not-affected (5.0.0-1017.17)
Package
Upstream:released (5.3)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.4.0-1126.132)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1064.71)
Ubuntu 19.04 (Disco Dingo):released (5.0.0-1021.22)
Ubuntu 19.10 (Eoan):DNE
More Information

Updated: 2019-10-18 02:45:24 UTC (commit cccfc4426d8c1fbf582a89d981fe7fc812124543)