Your submission was sent successfully! Close

CVE-2019-19049

Published: 18 November 2019

** DISPUTED ** A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot.

Priority

Negligible

CVSS 3 base score: 7.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Ignored
(was needs-triage ESM criteria)
trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-aws
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-aws-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-aws-hwe
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-azure
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-azure-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-azure-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Ignored
(was needs-triage now end-of-life)
linux-gcp
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-gcp-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian
bionic Ignored
(was needs-triage now end-of-life)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-gke-4.15
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-gke-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-gke-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.3.0-1011.12~18.04.1)
eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-hwe
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-hwe-edge
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Ignored
(was needs-triage now end-of-life)
linux-kvm
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-lts-trusty
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Ignored
(was needs-triage ESM criteria)
trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-lts-xenial
Launchpad, Ubuntu, Debian
bionic Does not exist

disco Does not exist

eoan Does not exist

precise Does not exist

trusty Ignored
(was needs-triage ESM criteria)
upstream
Released (5.4~rc5)
xenial Does not exist

linux-oem
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Ignored
(was needs-triage now end-of-life)
linux-oem-5.4
Launchpad, Ubuntu, Debian
bionic Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-oem-osp1
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-oracle-5.0
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Does not exist

eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Not vulnerable
(option disabled)
precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)
linux-raspi2-5.3
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(5.3.0-1017.19~18.04.1)
eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(option disabled)
disco Not vulnerable
(option disabled)
eoan Does not exist

precise Does not exist

trusty Does not exist

upstream
Released (5.4~rc5)
xenial Not vulnerable
(option disabled)