CVE-2019-15793

Published: 24/04/2020 Updated: 01/05/2020
CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9
CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2
Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Summary

USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues.

Vulnerable Product

linux linux kernel 5.0

linux linux kernel 5.3

canonical ubuntu linux 18.04

canonical ubuntu linux 19.04

Exploits

Tested on Ubuntu 19.10, kernel "5.3.0-19-generic #20-Ubuntu". Ubuntu ships a filesystem "shiftfs" in fs/shiftfs.c in the kernel tree that doesn't exist upstream. This filesystem can be mounted from user namespaces, meaning that this is attack surface from unprivileged userspace in the default installation. There are two memory safety bugs around ...

Mailing Lists

Ubuntu suffers from refcount underflow and type confusion vulnerabilities in shiftfs ...