CVE-2019-19807

Priority
Description
In the Linux kernel before 5.3.11, sound/core/timer.c has a use-after-free
caused by erroneous code refactoring, aka CID-e7af6307a8a5. This is related
to snd_timer_open and snd_timer_close_locked. The timeri variable was
originally intended to be for a newly created timer instance, but was used
for a different purpose after refactoring.
Ubuntu-Description
Tristan Madani discovered that the ALSA timer implementation in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code.
Notes
Package
Source: linux (LP Ubuntu Debian)
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.0.0-12.20)
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (3.11.0-12.19)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-16.19)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-74.84)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-10.11)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-26.28)
Ubuntu 20.04 (Focal Fossa):not-affected (5.4.0-9.12)
Patches:
Introduced by
41672c0c24a62699d20aab53b98d843b16483053
Fixed by
e7af6307a8a54f0b873960b32b6a644f2d0fbd97
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-1002.2)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1001.10)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1057.59)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-1009.10)
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1021.24~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1057.59~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (4.15.0-1066.71~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1066.71)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1002.2)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-1009.10)
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1009.10~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1052.56)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.15.0-1001.1)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1002.3)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-1011.12)
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.0-1010.11~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1050.53)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1011.11~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-74.83~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (4.18.0-13.14~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):ignored (was needs-triage now end-of-life)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1004.9)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1052.52)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1003.3)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-1009.10)
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (3.13.0-24.46~precise1)
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (4.4.0-13.29~14.04.1)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):ignored (was needs-triage now end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1066.76)
Ubuntu 19.04 (Disco Dingo):pending (4.15.0-1066.76)
Ubuntu 19.10 (Eoan Ermine):pending (4.15.0-1066.76)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1010.11)
Ubuntu 19.04 (Disco Dingo):not-affected (5.0.0-1010.11)
Ubuntu 19.10 (Eoan Ermine):not-affected (5.0.0-1010.11)
Ubuntu 20.04 (Focal Fossa):not-affected
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (4.15.0-1031.34~16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1031.34)
Ubuntu 19.04 (Disco Dingo):not-affected (4.15.0-1007.9)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-1008.9)
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (5.0.0-1007.12~18.04.1)
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.2.0-1013.19)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1053.57)
Ubuntu 19.04 (Disco Dingo):not-affected (4.18.0-1005.7)
Ubuntu 19.10 (Eoan Ermine):released (5.3.0-1015.17)
Ubuntu 20.04 (Focal Fossa):needed
Package
Upstream:released (5.4~rc7)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (4.4.0-1012.12)
Ubuntu 18.04 LTS (Bionic Beaver):released (4.15.0-1070.77)
Ubuntu 19.04 (Disco Dingo):not-affected (5.0.0-1010.10)
Ubuntu 19.10 (Eoan Ermine):DNE
Ubuntu 20.04 (Focal Fossa):DNE
More Information

Updated: 2020-01-08 00:19:23 UTC (commit e274acc9587ddc4a9507f6e693f9f6b170204297)