UBUNTU-CVE-2019-9453
Vulnerability Summary
Timeline
Description
In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVSS Metrics
- v3.1•MEDIUM•Score: 4.4CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N
Affected Systems
- ubuntu•linux
all | < 4.4.0-190.220 | < 4.15.0-60.67
- ubuntu•linux-aws
< 4.4.0-1078.82 | < 4.4.0-1114.127 | < 4.15.0-1047.49
- ubuntu•linux-aws-5.0
all
- ubuntu•linux-aws-fips
< 4.15.0-2018.18 | all
- ubuntu•linux-aws-hwe
< 4.15.0-1047.49~16.04.1
- ubuntu•linux-azure
< 4.15.0-1059.64~14.04.1 | < 4.15.0-1056.61 | all
- ubuntu•linux-azure-edge
all
- ubuntu•linux-azure-fde
all
- ubuntu•linux-azure-fips
< 4.15.0-2006.7 | all
- ubuntu•linux-bluefield
all
- ubuntu•linux-fips
< 4.4.0-1046.51 | all
- ubuntu•linux-gcp
< 4.15.0-1041.43 | all
- ubuntu•linux-gcp-edge
all
- ubuntu•linux-gcp-fips
all
- ubuntu•linux-gke
all
- ubuntu•linux-gke-4.15
< 4.15.0-1041.43
- ubuntu•linux-gke-5.0
< 5.0.0-1020.20~18.04.1
- ubuntu•linux-hwe
< 4.15.0-60.67~16.04.1 | < 5.0.0-31.33~18.04.1
- ubuntu•linux-hwe-edge
all | < 5.3.0-19.20~18.04.2
- ubuntu•linux-intel-iot-realtime
all
- ubuntu•linux-kvm
< 4.4.0-1080.87 | < 4.15.0-1043.43
- ubuntu•linux-lts-xenial
< 4.4.0-190.220~14.04.1
- ubuntu•linux-nvidia
all
- ubuntu•linux-oem
< 4.15.0-1056.65
- ubuntu•linux-oem-osp1
< 5.0.0-1024.27
- ubuntu•linux-oracle
< 4.15.0-1022.25~16.04.1 | < 4.15.0-1022.25
- ubuntu•linux-oracle-5.0
all
- ubuntu•linux-raspi-realtime
all
- ubuntu•linux-raspi2
< 4.4.0-1139.148 | < 4.15.0-1044.47 | all
- ubuntu•linux-realtime
all
- ubuntu•linux-riscv
all
- ubuntu•linux-snapdragon
< 4.4.0-1143.152 | < 4.15.0-1062.69