CVE-2019-19066 in Ubuntu

CVE-2019-19066

Priority

Description

A memory leak in the bfad_im_get_stats() function in
drivers/scsi/bfa/bfad_attr.c in the Linux kernel through 5.3.11 allows
attackers to cause a denial of service (memory consumption) by triggering
bfa_port_get_stats() failures, aka CID-0e62395da2bd.

Ubuntu-Description

It was discovered that the Brocade BFA Fibre Channel device driver in the
Linux kernel did not properly deallocate memory in certain error
conditions. A local attacker could possibly use this to cause a denial of
service (kernel memory exhaustion).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19066
https://github.com/torvalds/linux/commit/0e62395da2bd5166d7c9e14cbc7503b256a34cb0
https://ubuntu.com/security/notices/USN-4286-1
https://ubuntu.com/security/notices/USN-4286-2
https://ubuntu.com/security/notices/USN-4300-1
https://ubuntu.com/security/notices/USN-4301-1
https://ubuntu.com/security/notices/USN-4302-1

Notes

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-91.92)
Ubuntu 20.04 LTS:	not-affected (5.4.0-18.22)
Ubuntu 16.04 ESM:	released (4.4.0-174.204)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Introduced by

a36c61f9025b8924f99f54d518763bee7aa84085

Fixed by

0e62395da2bd5166d7c9e14cbc7503b256a34cb0

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1063.67)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	released (4.4.0-1102.113)
Ubuntu 14.04 ESM:	released (4.4.0-1062.66)

Patches:

Package

Source: linux-aws-5.0 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1027.30)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-hwe (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	released (4.15.0-1063.67~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1035.37)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1006.6)
Ubuntu 16.04 ESM:	released (4.15.0-1075.80)
Ubuntu 14.04 ESM:	released (4.15.0-1074.79~14.04.1)

Patches:

Package

Source: linux-azure-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1016.17~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1033.34)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	released (4.15.0-1058.62)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1014.15~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-edge (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-4.15 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1055.58)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.0 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1032.33)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1014.15~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-42.34~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	released (4.15.0-91.92~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1056.57)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1004.4)
Ubuntu 16.04 ESM:	released (4.4.0-1066.73)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	released (4.4.0-174.204~14.04.1)

Patches:

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1076.86)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-5.6 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.6.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-osp1 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1043.48)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1035.39)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	released (4.15.0-1035.38~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.0 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1013.18)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1057.61)
Ubuntu 20.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1019.21~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (4.15.0-1074.81)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-13 13:52:51 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)