UBUNTU-CVE-2019-18786

Advisory lineage Upstream: 1 Downstream: 4

Upstream

CVE-2019-18786

Downstream

USN-4284-1 USN-4285-1 USN-4287-1 USN-4287-2

Published: 06 Nov 2019, 03:15

Last modified:20 May 2026, 16:03

Vulnerability Summary

Overall Risk (default)

low

22/100

CVSS Score

5.5 MEDIUM

3.1 (osv_ubuntu)

EPSS Score

No data

KEV

Not listed

Ransomware

No reports

Public exploits

None found

Dark Web

Not detected

Timeline

06 Nov 2019, 03:15

Published

Vulnerability first disclosed

20 May 2026, 16:03

Last Modified

Vulnerability information updated

Description

In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.

CVSS Metrics

v3.1•MEDIUM•Score: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Affected Systems

ubuntu•linux
all | < 4.15.0-88.88
ubuntu•linux-aws
all | < 4.15.0-1060.62
ubuntu•linux-aws-5.0
< 5.0.0-1025.28
ubuntu•linux-aws-hwe
< 4.15.0-1060.62~16.04.1
ubuntu•linux-azure
< 4.15.0-1071.76~14.04.1 | < 4.15.0-1071.76 | < 5.0.0-1032.34
ubuntu•linux-azure-5.3
< 5.3.0-1013.14~18.04.1
ubuntu•linux-azure-edge
all
ubuntu•linux-gcp
< 4.15.0-1055.59 | < 5.0.0-1031.32
ubuntu•linux-gcp-5.3
< 5.3.0-1012.13~18.04.1
ubuntu•linux-gcp-edge
all
ubuntu•linux-gke-4.15
< 4.15.0-1052.55
ubuntu•linux-gke-5.0
< 5.0.0-1030.31
ubuntu•linux-gke-5.3
< 5.3.0-1012.13~18.04.1
ubuntu•linux-hwe
< 4.15.0-88.88~16.04.1 | < 5.3.0-40.32~18.04.1
ubuntu•linux-hwe-edge
all | all
ubuntu•linux-kvm
< 4.15.0-1053.53
ubuntu•linux-lts-xenial
all
ubuntu•linux-oem
< 4.15.0-1073.83
ubuntu•linux-oem-osp1
< 5.0.0-1039.44
ubuntu•linux-oracle
< 4.15.0-1033.36~16.04.1 | < 4.15.0-1033.36
ubuntu•linux-oracle-5.0
< 5.0.0-1011.16
ubuntu•linux-raspi2
< 4.15.0-1055.59 | all
ubuntu•linux-raspi2-5.3
< 5.3.0-1018.20~18.04.1
ubuntu•linux-snapdragon
< 4.15.0-1072.79