Published: 24/04/2020 Updated: 01/05/2020

CVSS v2 Base Score: 4.6 | Impact Score: 6.4 | Exploitability Score: 3.9

CVSS v3 Base Score: 8.8 | Impact Score: 6 | Exploitability Score: 2

VMScore: 465

Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P

USN-4184-1 fixed vulnerabilities in the Linux kernel. It exists that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update addresses both issues.

Vulnerable Product	Search on Vulmon	Subscribe to Product
linux linux kernel 5.0
linux linux kernel 5.3
canonical ubuntu linux 18.04
canonical ubuntu linux 19.04

Several issues were fixed in the Linux kernel ...

Several security issues were fixed in the Linux kernel ...

Tested on Ubuntu 1910, kernel "530-19-generic #20-Ubuntu" Ubuntu ships a filesystem "shiftfs" in fs/shiftfsc in the kernel tree that doesn't exist upstream This filesystem can be mounted from user namespaces, meaning that this is attack surface from unprivileged userspace in the default installation There are two memory safety bugs around ...

Ubuntu suffers from refcount underflow and type confusion vulnerabilities in shiftfs ...

CWE-276 https://usn.ubuntu.com/usn/usn-4183-1 https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/eoan/commit/?id=3644b9d5688da86f18e017c9c580b75cf52927bb https://usn.ubuntu.com/usn/usn-4184-1 https://nvd.nist.gov https://www.exploit-db.com/exploits/47693 https://usn.ubuntu.com/4184-2/

CVE-2019-15793

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

References

Vulmon Search

About

Products

Connect