USN-4210-1

Advisory lineage Upstream: 12 Downstream: 0
Published: 03 Dec 2019, 01:00
Last modified:03 Jun 2026, 13:33

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

03 Dec 2019, 01:00
Published
Vulnerability first disclosed
03 Jun 2026, 13:33
Last Modified
Vulnerability information updated

Description

linux, linux-aws, linux-aws-hwe, linux-gcp, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon vulnerabilities It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746) Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could use this to cause a denial of service (system crash). (CVE-2019-17133) It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060) It was discovered that the Intel OPA Gen1 Infiniband Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19065) It was discovered that the Cascoda CA8210 SPI 802.15.4 wireless controller driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19075) Nicolas Waisman discovered that the Chelsio T4/T5 RDMA Driver for the Linux kernel performed DMA from a kernel stack. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-17075)

Affected Systems

  • ubuntulinux

    < 4.15.0-72.81

  • ubuntulinux-aws

    < 4.15.0-1056.58

  • ubuntulinux-aws-hwe

    < 4.15.0-1056.58~16.04.1

  • ubuntulinux-gcp

    < 4.15.0-1050.53

  • ubuntulinux-gke-4.15

    < 4.15.0-1049.52

  • ubuntulinux-hwe

    < 4.15.0-72.81~16.04.1

  • ubuntulinux-kvm

    < 4.15.0-1051.51

  • ubuntulinux-oem

    < 4.15.0-1065.75

  • ubuntulinux-oracle

    < 4.15.0-1030.33~16.04.1 | < 4.15.0-1030.33

  • ubuntulinux-raspi2

    < 4.15.0-1052.56

  • ubuntulinux-snapdragon

    < 4.15.0-1069.76

References (7)