CVE-2019-3460

Published: 14 January 2019

A heap data infoleak in multiple locations including L2CAP_PARSE_CONF_RSP was found in the Linux kernel before 5.1-rc1.

From the Ubuntu security team

Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information leak in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could use this to expose sensitive information (kernel memory).

Priority

Medium

CVSS 3 base score: 6.5

Status

Package Release Status
linux
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-47.50)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.4.0-145.171)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (3.13.0-168.218)
Patches:
Introduced by 1da177e4c3f41524e886b7f1b8a0c1fc7321cac2
Fixed by af3d5d1c87664a4f150fcf3534c6567cb19909b0
linux-aws
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1035.37)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.4.0-1079.89)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.4.0-1040.43)
linux-aws-hwe
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-1035.37~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-azure
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.18.0-1014.14~18.04.1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-1041.45)
Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.15.0-1041.45~14.04.1)
linux-azure-edge
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.18.0-1014.14~18.04.1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-1041.45)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-euclid
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(was needs-triage ESM criteria)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-flo
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-gcp
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1029.31)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-1029.31~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gcp-edge
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.18.0-1008.9~18.04.1)
Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-gke
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable

Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-goldfish
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-grouper
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-hwe
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.18.0-17.18~18.04.1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-47.50~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-hwe-edge
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Not vulnerable
(5.0.0-15.16~18.04.1)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-47.50~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-kvm
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1031.31)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.4.0-1043.49)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-trusty
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-lts-utopic
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [end-of-life])
linux-lts-vivid
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [end-of-life])
linux-lts-wily
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [end-of-life])
linux-lts-xenial
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr)
Released (4.4.0-144.170~14.04.1)
linux-maguro
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-mako
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(abandoned)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-manta
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver) Does not exist

Ubuntu 16.04 LTS (Xenial Xerus) Does not exist

Ubuntu 14.04 ESM (Trusty Tahr) Does not exist
(trusty was ignored [abandoned])
linux-oem
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1035.40)
Ubuntu 16.04 LTS (Xenial Xerus) Ignored
(was needs-triage now end-of-life)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-oracle
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1010.12)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.15.0-1010.12~16.04.1)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-raspi2
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1033.35)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.4.0-1106.114)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist

linux-snapdragon
Launchpad, Ubuntu, Debian
Upstream
Released (5.1~rc1)
Ubuntu 18.04 LTS (Bionic Beaver)
Released (4.15.0-1053.57)
Ubuntu 16.04 LTS (Xenial Xerus)
Released (4.4.0-1110.115)
Ubuntu 14.04 ESM (Trusty Tahr) Does not exist