CVE-2019-19241 in Ubuntu

CVE-2019-19241

Priority

Description

In the Linux kernel before 5.4.2, the io_uring feature leads to requests
that inadvertently have UID 0 and full capabilities, aka CID-181e448d8709.
This is related to fs/io-wq.c, fs/io_uring.c, and net/socket.c. For
example, an attacker can bypass intended restrictions on adding an IPv4
address to the loopback interface. This occurs because IORING_OP_SENDMSG
operations, although requested in the context of an unprivileged user, are
sometimes performed by a kernel worker thread without considering that
context.

Ubuntu-Description

It was discovered that the IO uring implementation in the Linux kernel did
not properly perform credentials checks in certain situations. A local
attacker could possibly use this to gain administrative privileges.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19241
https://bugs.chromium.org/p/project-zero/issues/detail?id=1975
https://git.kernel.org/linus/181e448d8709e517c9c7b523fcd209f24eb38ca7
https://git.kernel.org/linus/d69e07793f891524c6bbf1e75b9ae69db4450953
https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.4.2
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=181e448d8709e517c9c7b523fcd209f24eb38ca7
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=d69e07793f891524c6bbf1e75b9ae69db4450953
https://ubuntu.com/security/notices/USN-4284-1

Notes

Package

Source: linux (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.13.0-16.19)
Ubuntu 20.04 LTS:	not-affected (5.4.0-9.12)
Ubuntu 16.04 ESM:	not-affected (4.2.0-16.19)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Introduced by 771b53d033e8663abdf59704806aa856b236dcdb	Fixed by 181e448d8709e517c9c7b523fcd209f24eb38ca7
Introduced by 6c271ce2f1d572f7fa225700a13cfe7ced492434	Fixed by 181e448d8709e517c9c7b523fcd209f24eb38ca7
Introduced by 0fa03c624d8fc9932d0f27c39a9deca6a37e0e17	Fixed by d69e07793f891524c6bbf1e75b9ae69db4450953
Introduced by aa1fa28fc73ea6b740ee7b62bf3b07141883dbb8	Fixed by d69e07793f891524c6bbf1e75b9ae69db4450953

Package

Source: linux-aws (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1001.1)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	not-affected (4.4.0-1001.10)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-aws-5.0 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (5.0.0-1021.24~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-5.3 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	not-affected
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-aws-hwe (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	not-affected (4.15.0-1030.31~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1002.2)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1006.6)
Ubuntu 16.04 ESM:	not-affected (4.11.0-1009.9)
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-azure-4.15 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	not-affected
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1013.14~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-azure-edge (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1001.1)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	not-affected (4.10.0-1004.4)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1012.13~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gcp-edge (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-4.15 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1030.32)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.0 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (5.0.0-1011.11~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-gke-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1012.13~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-40.32~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	not-affected (4.8.0-36.36~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-hwe-edge (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	ignored (was needs-triage now end-of-life)
Ubuntu 20.04 LTS:	DNE
Ubuntu 16.04 ESM:	ignored (was needs-triage now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-kvm (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1002.2)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1004.4)
Ubuntu 16.04 ESM:	not-affected (4.4.0-1004.9)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-trusty (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-lts-xenial (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	ignored (was needs-triage ESM criteria)

Patches:

Package

Source: linux-oem (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1002.3)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-5.6 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.6.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oem-osp1 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (5.0.0-1010.11)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.15.0-1007.9)
Ubuntu 20.04 LTS:	not-affected (5.4.0-1005.5)
Ubuntu 16.04 ESM:	not-affected (4.15.0-1007.9~16.04.1)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.0 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (5.0.0-1007.12~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-oracle-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (5.3.0-1011.12~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.4.0-1007.7)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.13.0-1005.5)
Ubuntu 20.04 LTS:	ignored (was needed now end-of-life)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-raspi2-5.3 (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	released (5.3.0-1018.20~18.04.1)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-riscv (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	DNE
Ubuntu 20.04 LTS:	not-affected (5.4.0-24.28)
Ubuntu 14.04 ESM:	DNE

Patches:

Package

Source: linux-snapdragon (LP Ubuntu Debian)

Upstream:	released (5.5~rc1)
Ubuntu 18.04 LTS:	not-affected (4.4.0-1077.82)
Ubuntu 20.04 LTS:	DNE
Ubuntu 14.04 ESM:	DNE

Patches:

More Information

Updated: 2022-04-13 13:53:09 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)