CVE-2019-19077 in Ubuntu

CVE-2019-19077

Priority

Description

A memory leak in the bnxt_re_create_srq() function in
drivers/infiniband/hw/bnxt_re/ib_verbs.c in the Linux kernel through 5.3.11
allows attackers to cause a denial of service (memory consumption) by
triggering copy to udata failures, aka CID-4a9d46a9fe14.

Ubuntu-Description

It was discovered that the Broadcom Netxtreme HCA device driver in the
Linux kernel did not properly deallocate memory in certain error
conditions. A local attacker could possibly use this to cause a denial of
service (kernel memory exhaustion).

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19077
https://github.com/torvalds/linux/commit/4a9d46a9fe14401f21df69cea97c62396d5fb053
https://ubuntu.com/security/notices/USN-4258-1
https://ubuntu.com/security/notices/USN-4284-1

Notes

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.13.0-16.19)
Ubuntu 20.04 LTS:	not-affected (5.4.0-9.12)
Ubuntu 16.04 ESM:	not-affected (4.2.0-16.19)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Introduced by

37cb11acf1f72a007a85894a6dd2ec93932bde46

Fixed by

4a9d46a9fe14401f21df69cea97c62396d5fb053

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1001.1)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	not-affected (4.4.0-1001.10)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-aws-5.0 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1024.27~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-5.3 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	not-affected
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-hwe (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	not-affected (4.15.0-1030.31~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1029.31~18.04.1)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1006.6)
Ubuntu 16.04 ESM:	not-affected (4.11.0-1009.9)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-azure-4.15 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	not-affected
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-5.3 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1013.14~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1029.30~18.04.1)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	not-affected (4.10.0-1004.4)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-5.3 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1012.13~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-edge (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-4.15 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1030.32)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.0 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1029.30~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.3 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1012.13~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-40.32~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	not-affected (4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1002.2)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1004.4)
Ubuntu 16.04 ESM:	not-affected (4.4.0-1004.9)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1002.3)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-5.6 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.6.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-osp1 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1037.42)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1007.9)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	not-affected (4.15.0-1007.9~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.0 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.0.0-1010.15~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.3 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.4.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.13.0-1005.5)
Ubuntu 20.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2-5.3 (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1018.20~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-riscv (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.4.0-24.28)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (5.4~rc1)
Ubuntu 18.04 LTS:	not-affected (4.4.0-1077.82)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-13 13:53:02 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)