Your submission was sent successfully! Close

CVE-2019-15223

Published: 19 August 2019

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.

From the Ubuntu security team

It was discovered that the Line 6 USB driver for the Linux kernel contained a race condition when the device was disconnected. A physically proximate attacker could use this to cause a denial of service (system crash).

Notes

AuthorNote
tyhicks
Setting priority to negligible since this simple DoS requires a
malicious USB device to be inserted into the system
Priority

Negligible

CVSS 3 base score: 4.6

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.13.0-16.19)
disco
Released (5.0.0-31.33)
precise Ignored
(was needs-triage ESM criteria)
trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.2.0-16.19)
Patches:
Introduced by

7f84ff68be05ec7a5d2acf8fdc734fe5897af48f

Fixed by 0b074ab7fc0d575247b9cc9f93bb7e007ca38840
linux-aws
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
disco
Released (5.0.0-1018.20)
precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.4.0-1001.10)
linux-aws-hwe
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.15.0-1030.31~16.04.1)
linux-azure
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1022.23~18.04.1)
disco
Released (5.0.0-1022.23)
precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.11.0-1009.9)
linux-azure-edge
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1022.23~18.04.1)
disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.11.0-1009.9)
linux-gcp
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
disco
Released (5.0.0-1020.20)
precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.10.0-1004.4)
linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1001.1)
disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1030.32)
disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-1020.20~18.04.1)
disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic
Released (5.0.0-31.33~18.04.1)
disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.0.0-15.16~18.04.1)
disco Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.8.0-36.36~16.04.1)
linux-kvm
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1002.2)
disco
Released (5.0.0-1019.20)
precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.4.0-1004.9)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

precise Ignored
(was needs-triage ESM criteria)
trusty Does not exist

upstream
Released (5.2~rc3)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.2~rc3)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1002.3)
disco Not vulnerable
(4.15.0-1021.24)
precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Ignored
(was needs-triage now end-of-life)
linux-oracle
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.15.0-1007.9)
disco Not vulnerable
(4.15.0-1007.9)
precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.15.0-1007.9~16.04.1)
linux-raspi2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.13.0-1005.5)
disco
Released (5.0.0-1019.19)
precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.2.0-1013.19)
linux-snapdragon
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(4.4.0-1077.82)
disco
Released (5.0.0-1023.24)
precise Does not exist

trusty Does not exist

upstream
Released (5.2~rc3)
xenial Not vulnerable
(4.4.0-1012.12)