Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2019-14898

Published: 8 May 2020

The fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by triggering a race condition with mmget_not_zero or get_task_mm calls.

Priority

Medium

Cvss 3 Severity Score

7.0

Score breakdown

Status

Package Release Status
linux-aws
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Ignored
(was not-affected (RHEL-7 specific issue) ESM criteria)
upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-aws-hwe
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-aws-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-gcp-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Ignored
(was not-affected (RHEL-7 specific issue) ESM criteria)
upstream Not vulnerable
(debian: RHEL-7 specific incomplete fix for CVE-2019-11599)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-azure
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Ignored
(was not-affected (RHEL-7 specific issue) ESM criteria)
upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-azure-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Ignored
(end of standard support, was not-affected)
linux-gcp
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(end of life, was not-affected)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-kvm
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

trusty Ignored
(was not-affected (RHEL-7 specific issue) ESM criteria)
upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Ignored
(end of standard support, was not-affected)
linux-oem-5.4
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Does not exist

eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Not vulnerable
(RHEL-7 specific issue)
trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)
linux-raspi2-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(RHEL-7 specific issue)
disco Ignored
(end of life)
eoan Does not exist

trusty Does not exist

upstream Not vulnerable
(RHEL-7 specific issue)
xenial Not vulnerable
(RHEL-7 specific issue)

Severity score breakdown

Parameter Value
Base score 7.0
Attack vector Local
Attack complexity High
Privileges required Low
User interaction None
Scope Unchanged
Confidentiality High
Integrity impact High
Availability impact High
Vector CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H