CVE 2019-11487
The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h, include/
Related bugs and status
CVE-2019-11487 (Candidate) is related to these bugs:
Bug #1840081: Xenial update: 4.4.187 upstream stable release
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1840081 | Xenial update: 4.4.187 upstream stable release | linux (Ubuntu) | Undecided | Invalid | ||
1840081 | Xenial update: 4.4.187 upstream stable release | linux (Ubuntu Xenial) | Medium | Fix Released |
Bug #1840289: Xenial update: 4.4.188 upstream stable release
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1840289 | Xenial update: 4.4.188 upstream stable release | linux (Ubuntu) | Undecided | Invalid | ||
1840289 | Xenial update: 4.4.188 upstream stable release | linux (Ubuntu Xenial) | Medium | Fix Released |
Bug #1840335: Xenial update: 4.4.189 upstream stable release
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1840335 | Xenial update: 4.4.189 upstream stable release | linux (Ubuntu) | Undecided | Invalid | ||
1840335 | Xenial update: 4.4.189 upstream stable release | linux (Ubuntu Xenial) | Medium | Fix Released |
Bug #1840619: skb_warn_bad_offload kernel splat due to CHECKSUM target not compatible with GSO skbs
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1840619 | skb_warn_bad_offload kernel splat due to CHECKSUM target not compatible with GSO skbs | linux (Ubuntu) | Undecided | Fix Released | ||
1840619 | skb_warn_bad_offload kernel splat due to CHECKSUM target not compatible with GSO skbs | linux (Ubuntu Xenial) | Medium | Fix Released |
Bug #1841461: AWS: per-device block I/O timeout support
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1841461 | AWS: per-device block I/O timeout support | linux-aws (Ubuntu) | Undecided | In Progress | ||
1841461 | AWS: per-device block I/O timeout support | linux-aws (Ubuntu Xenial) | Undecided | Fix Released | ||
1841461 | AWS: per-device block I/O timeout support | linux-aws (Ubuntu Disco) | Undecided | Fix Released | ||
1841461 | AWS: per-device block I/O timeout support | linux-aws (Ubuntu Bionic) | Undecided | Fix Released |
Bug #1844166: linux-aws: update EFA driver to version 1.4.0
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1844166 | linux-aws: update EFA driver to version 1.4.0 | linux-aws (Ubuntu) | Undecided | In Progress | ||
1844166 | linux-aws: update EFA driver to version 1.4.0 | linux-aws (Ubuntu Bionic) | Undecided | Fix Released | ||
1844166 | linux-aws: update EFA driver to version 1.4.0 | linux-aws (Ubuntu Disco) | Undecided | Fix Released | ||
1844166 | linux-aws: update EFA driver to version 1.4.0 | linux-aws (Ubuntu Xenial) | Undecided | Fix Released |
Bug #1844406: xenial/linux-aws: 4.4.0-1095.106 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | linux-aws (Ubuntu) | Undecided | Invalid | ||
1844406 | xenial/linux-aws: 4.4.0-1095.106 -proposed tracker | linux-aws (Ubuntu Xenial) | Medium | Fix Released |
Bug #1844407: xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Invalid | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | linux-kvm (Ubuntu) | Undecided | Invalid | ||
1844407 | xenial/linux-kvm: 4.4.0-1059.66 -proposed tracker | linux-kvm (Ubuntu Xenial) | Medium | Fix Released |
Bug #1844409: xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | linux-raspi2 (Ubuntu) | Undecided | Invalid | ||
1844409 | xenial/linux-raspi2: 4.4.0-1123.132 -proposed tracker | linux-raspi2 (Ubuntu Xenial) | Medium | Fix Released |
Bug #1844412: xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Invalid | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | linux-snapdragon (Ubuntu) | Undecided | Invalid | ||
1844412 | xenial/linux-snapdragon: 4.4.0-1127.135 -proposed tracker | linux-snapdragon (Ubuntu Xenial) | Medium | Fix Released |
Bug #1844416: xenial/linux: 4.4.0-165.193 -proposed tracker
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow automated-testing | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow certification-testing | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow prepare-package | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow prepare-package-meta | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow prepare-package-signed | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow promote-to-proposed | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow promote-to-security | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow promote-to-updates | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow regression-testing | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow security-signoff | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | Kernel SRU Workflow verification-testing | Medium | Fix Released | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | linux (Ubuntu) | Undecided | Invalid | ||
1844416 | xenial/linux: 4.4.0-165.193 -proposed tracker | linux (Ubuntu Xenial) | Medium | Fix Released |
Bug #1868628: Xenial update: 4.4.216 upstream stable release
Summary | In | Importance | Status | |||
---|---|---|---|---|---|---|
1868628 | Xenial update: 4.4.216 upstream stable release | linux (Ubuntu) | Undecided | Invalid | ||
1868628 | Xenial update: 4.4.216 upstream stable release | linux (Ubuntu Xenial) | Undecided | Fix Released |
See the
CVE page on Mitre.org
for more details.