Your submission was sent successfully! Close

CVE-2019-16089

Published: 6 September 2019

An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.

From the Ubuntu Security Team

It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash).

Notes

AuthorNote
sbeattie 
fix has not landed upstream as of 2020-04-22
Priority

Low

CVSS 3 base score: 4.1

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-109.110)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-63.57\] now end-of-life)
focal
Released (5.4.0-42.46)
groovy Not vulnerable
(5.4.0-42.46)
hirsute Not vulnerable
(5.8.0-36.40+21.04.1)
precise Ignored
(was needs-triage ESM criteria)
trusty Ignored
(was needs-triage ESM criteria)
upstream Needed

xenial Not vulnerable
(4.4.0-2.16)
Patches:
Introduced by

47d902b90a32a42a3d33aef3a02170fc6f70aa23

Fixed by local-2019-16089-fix
linux-aws
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1077.81)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-1031.33\] now end-of-life)
focal
Released (5.4.0-1020.20)
groovy Not vulnerable
(5.4.0-1020.20)
hirsute Not vulnerable
(5.8.0-1018.20+21.04.1)
precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream Needed

xenial Not vulnerable
(4.4.0-1001.10)
linux-aws-5.0
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-aws-5.11
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.11.0-1009.9~20.04.2)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-aws-5.3
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-1032.34~18.04.2)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-aws-5.4
Launchpad, Ubuntu, Debian 		bionic
Released (5.4.0-1020.20~18.04.2)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-aws-5.8
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.8.0-1035.37~20.04.1)
groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-aws-hwe
Launchpad, Ubuntu, Debian 		bionic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial
Released (4.15.0-1079.83~16.04.1)
linux-azure
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-1033.34\] now end-of-life)
focal
Released (5.4.0-1022.22)
groovy Not vulnerable
(5.4.0-1022.22)
hirsute Not vulnerable
(5.8.0-1016.17+21.04.1)
precise Does not exist

trusty
Released (4.15.0-1091.101~14.04.1)
upstream Needed

xenial
Released (4.15.0-1091.101~16.04.1)
linux-azure-4.15
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1091.101)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-azure-5.11
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.11.0-1007.7~20.04.2)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-azure-5.3
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-1034.35~18.04.1)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-azure-5.4
Launchpad, Ubuntu, Debian 		bionic
Released (5.4.0-1022.22~18.04.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-azure-5.8
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.8.0-1033.35~20.04.1)
groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-bluefield
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.4.0-1007.10)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-dell300x
Launchpad, Ubuntu, Debian 		bionic Not vulnerable
(4.15.0-1005.8)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gcp
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-1031.33\] now end-of-life)
focal
Released (5.4.0-1021.21)
groovy Not vulnerable
(5.4.0-1021.21)
hirsute Not vulnerable
(5.8.0-1015.15+21.04.1)
precise Does not exist

trusty Does not exist

upstream Needed

xenial
Released (4.15.0-1080.90~16.04.1)
linux-gcp-4.15
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1080.90)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gcp-5.3
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-1032.34~18.04.1)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gcp-5.4
Launchpad, Ubuntu, Debian 		bionic
Released (5.4.0-1021.21~18.04.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gcp-5.8
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.8.0-1032.34~20.04.1)
groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gke
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.4.0-1033.35)
groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Ignored
(reached end of standard support)
linux-gke-4.15
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1066.69)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian 		bionic
Released (5.0.0-1045.46)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gke-5.3
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-1032.34~18.04.1)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gke-5.4
Launchpad, Ubuntu, Debian 		bionic Not vulnerable
(5.4.0-1025.25~18.04.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gkeop
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.4.0-1008.9)
groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-gkeop-5.4
Launchpad, Ubuntu, Debian 		bionic Not vulnerable
(5.4.0-1001.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-64.58~18.04.1)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial
Released (4.15.0-112.113~16.04.1)
linux-hwe-5.11
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.11.0-22.23~20.04.1)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-hwe-5.4
Launchpad, Ubuntu, Debian 		bionic
Released (5.4.0-42.46~18.04.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-hwe-5.8
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.8.0-23.24~20.04.1)
groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Ignored
(was needed now end-of-life)
linux-kvm
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1069.70)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-1025.27\] now end-of-life)
focal
Released (5.4.0-1020.20)
groovy Not vulnerable
(5.4.0-1020.20)
hirsute Not vulnerable
(5.8.0-1010.11+21.04.1)
precise Does not exist

trusty Does not exist

upstream Needed

xenial Not vulnerable
(4.4.0-1004.9)
linux-lts-trusty
Launchpad, Ubuntu, Debian 		bionic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Ignored
(was needs-triage ESM criteria)
trusty Does not exist

upstream Needed

xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian 		bionic Does not exist

disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream Needed

xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1091.101)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Ignored
(was needs-triage now end-of-life)
linux-oem-5.10
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.10.0-1008.9)
groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oem-5.13
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.13.0-1009.10)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oem-5.6
Launchpad, Ubuntu, Debian 		bionic Does not exist

eoan Does not exist

focal Ignored
(was needed now end-of-life)
groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian 		bionic
Released (5.0.0-1065.70)
disco Ignored
(reached end-of-life)
eoan Ignored
(reached end-of-life)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oracle
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1048.52)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-1029.31\] now end-of-life)
focal
Released (5.4.0-1021.21)
groovy Not vulnerable
(5.4.0-1021.21)
hirsute Not vulnerable
(5.8.0-1014.14+21.04.1)
precise Does not exist

trusty Does not exist

upstream Needed

xenial
Released (4.15.0-1050.54~16.04.1)
linux-oracle-5.0
Launchpad, Ubuntu, Debian 		bionic Ignored
(was needed now end-of-life)
disco Does not exist

eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oracle-5.11
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.11.0-1008.8~20.04.1)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oracle-5.3
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-1030.32~18.04.1)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oracle-5.4
Launchpad, Ubuntu, Debian 		bionic
Released (5.4.0-1021.21~18.04.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-oracle-5.8
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.8.0-1031.32~20.04.2)
groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-raspi
Launchpad, Ubuntu, Debian 		bionic Does not exist

eoan Does not exist

focal
Released (5.4.0-1015.15)
groovy Not vulnerable
(5.4.0-1015.15)
hirsute Not vulnerable
(5.8.0-1008.11+21.04.1)
precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-raspi-5.4
Launchpad, Ubuntu, Debian 		bionic
Released (5.4.0-1015.15~18.04.1)
focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1065.69)
disco Ignored
(reached end-of-life)
eoan Ignored
(was pending \[5.3.0-1029.31\] now end-of-life)
focal Ignored
(was needed now end-of-life)
groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Not vulnerable
(4.2.0-1013.19)
linux-raspi2-5.3
Launchpad, Ubuntu, Debian 		bionic
Released (5.3.0-1030.32~18.04.2)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-riscv
Launchpad, Ubuntu, Debian 		bionic Does not exist

eoan Does not exist

focal
Released (5.4.0-30.34)
groovy Not vulnerable
(5.4.0-30.34)
hirsute Not vulnerable
(5.8.0-10.12+21.04.1)
precise Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-riscv-5.11
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.11.0-1015.16~20.04.1)
hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-riscv-5.8
Launchpad, Ubuntu, Debian 		bionic Does not exist

focal Not vulnerable
(5.8.0-14.16~20.04.1)
groovy Does not exist

hirsute Does not exist

trusty Does not exist

upstream Needed

xenial Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian 		bionic
Released (4.15.0-1083.91)
disco Ignored
(reached end-of-life)
eoan Does not exist

focal Does not exist

groovy Does not exist

hirsute Does not exist

precise Does not exist

trusty Does not exist

upstream Needed

xenial Not vulnerable
(4.4.0-1013.15)

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading