CVE-2019-19080
Publication date 18 November 2019
Last updated 24 July 2024
Ubuntu priority
Four memory leaks in the nfp_flower_spawn_phy_reprs() function in drivers/net/ethernet/netronome/nfp/flower/main.c in the Linux kernel before 5.3.4 allow attackers to cause a denial of service (memory consumption), aka CID-8572cea1461a.
Status
| Package | Ubuntu Release | Status |
|---|---|---|
| linux | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Ignored was needs-triage ESM criteria | |
| linux-aws | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Ignored was needs-triage ESM criteria | |
| linux-aws-5.0 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-aws-hwe | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-azure | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic |
Fixed 5.0.0-1025.27~18.04.1
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Ignored was needs-triage ESM criteria | |
| linux-azure-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-azure-edge | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored end of life, was needs-triage | |
| 16.04 LTS xenial | Ignored end of standard support, was needs-triage | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic |
Fixed 5.0.0-1025.26~18.04.1
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-gcp-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gcp-edge | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored end of life, was needs-triage | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-4.15 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.0 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.0.0-1025.26~18.04.1
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-gke-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-hwe | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.0.0-35.38~18.04.1
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-hwe-edge | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Ignored end of life, was pending | |
| 16.04 LTS xenial | Ignored end of life, was needs-triage | |
| 14.04 LTS trusty | Not in release | |
| linux-kvm | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-lts-trusty | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-lts-xenial | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Ignored was needs-triage ESM criteria | |
| linux-oem | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Ignored end of standard support, was needs-triage | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-5.6 | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic | Not in release | |
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oem-osp1 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Fixed 5.0.0-1027.31
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle | 20.04 LTS focal |
Not affected
|
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.0 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-oracle-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-raspi2 | 20.04 LTS focal | Ignored end of life, was needed |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release | |
| linux-raspi2-5.3 | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial | Not in release | |
| 14.04 LTS trusty | Not in release | |
| linux-snapdragon | 20.04 LTS focal | Not in release |
| 18.04 LTS bionic |
Not affected
|
|
| 16.04 LTS xenial |
Not affected
|
|
| 14.04 LTS trusty | Not in release |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score |
5.9 · Medium
|
| Attack vector | Network |
| Attack complexity | High |
| Privileges required | None |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | None |
| Integrity impact | None |
| Availability impact | High |
| Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |