Your submission was sent successfully! Close

CVE-2019-15030

Published: 9 September 2019

In the Linux kernel through 5.2.14 on the powerpc platform, a local user can read vector registers of other users' processes via a Facility Unavailable exception. To exploit the venerability, a local user starts a transaction (via the hardware transactional memory instruction tbegin) and then accesses vector registers. At some point, the vector registers will be corrupted with the values from a different local Linux process because of a missing arch/powerpc/kernel/process.c check.

From the Ubuntu security team

It was discovered that the Linux kernel on PowerPC architectures did not properly handle Facility Unavailable exceptions in some situations. A local attacker could use this to expose sensitive information.

Notes

AuthorNote
sbeattie
powerpc arches only
Priority

Medium

CVSS 3 base score: 4.4

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-64.73)
disco
Released (5.0.0-29.31)
eoan Not vulnerable
(5.3.0-10.11)
precise Not vulnerable
(3.0.0-12.20)
trusty Not vulnerable
(3.11.0-12.19)
upstream
Released (5.3~rc8)
xenial Not vulnerable
(4.2.0-16.19)
Patches:
Introduced by

f48e91e87e67b56bef63393d1a02c6e22c1d7078

Fixed by 8205d5d98ef7f155de211f5e2eb6ca03d95a5a60
linux-aws
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1050.52)
disco
Released (5.0.0-1016.18)
eoan Not vulnerable
(5.3.0-1003.3)
precise Does not exist

trusty Not vulnerable
(4.4.0-1002.2)
upstream
Released (5.3~rc8)
xenial Not vulnerable
(4.4.0-1001.10)
linux-aws-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.0.0-1021.24~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-aws-hwe
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial
Released (4.15.0-1050.52~16.04.1)
linux-azure
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1020.21~18.04.1)
disco
Released (5.0.0-1020.21)
eoan Not vulnerable
(5.3.0-1002.2)
precise Does not exist

trusty
Released (4.15.0-1059.64~14.04.1)
upstream
Released (5.3~rc8)
xenial
Released (4.15.0-1059.64)
linux-azure-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.3.0-1007.8~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1020.21~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial
Released (4.15.0-1059.64)
linux-gcp
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1044.70)
disco
Released (5.0.0-1017.17)
eoan Not vulnerable
(5.3.0-1003.3)
precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial
Released (4.15.0-1044.46)
linux-gcp-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.3.0-1008.9~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1044.70)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1044.46)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1017.17~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-29.31~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial
Released (4.15.0-64.73~16.04.1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(was pending \[5.3.0-19.20~18.04.2\] now end-of-life)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial
Released (4.15.0-64.73~16.04.1)
linux-kvm
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1046.46)
disco
Released (5.0.0-1017.18)
eoan Not vulnerable
(5.3.0-1003.3)
precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Not vulnerable
(4.4.0-1004.9)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Not vulnerable
(3.13.0-24.46~precise1)
trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Does not exist

trusty Not vulnerable
(4.4.0-13.29~14.04.1)
upstream
Released (5.3~rc8)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1056.65)
disco Ignored
(was pending \[4.15.0-1056.65\] now end-of-life)
eoan
Released (4.15.0-1059.68)
precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Ignored
(was needs-triage now end-of-life)
linux-oem-5.4
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1022.24)
disco Ignored
(was pending \[5.0.0-1022.24\] now end-of-life)
eoan
Released (5.0.0-1022.24)
precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1025.28)
disco
Released (5.0.0-1004.8)
eoan Not vulnerable
(5.3.0-1002.2)
precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial
Released (4.15.0-1025.28~16.04.1)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.0.0-1007.12~18.04.1)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1047.51)
disco
Released (5.0.0-1017.17)
eoan Not vulnerable
(5.0.0-1017.17)
precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Not vulnerable
(4.2.0-1013.19)
linux-raspi2-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.3.0-1017.19~18.04.1)
eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
bionic
Released (4.15.0-1064.71)
disco
Released (5.0.0-1021.22)
eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.3~rc8)
xenial Not vulnerable
(4.4.0-1012.12)