Oval Definition:oval:com.ubuntu.bionic:def:20197222000
Revision Date:2019-03-21Version:1
Title:CVE-2019-7222 on Ubuntu 18.04 LTS (bionic) - medium.
Description:The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak. Felix Wilhelm discovered that an information leak vulnerability existed in the KVM subsystem of the Linux kernel, when nested virtualization is used. A local attacker could use this to expose sensitive information (host system memory to a guest VM).
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-7222
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND Package Information
  • The 'linux' package in bionic was vulnerable but has been fixed (note: '4.15.0-47.50').
  • OR The 'linux-aws' package in bionic was vulnerable but has been fixed (note: '4.15.0-1035.37').
  • OR The 'linux-azure' package in bionic was vulnerable but has been fixed (note: '4.18.0-1014.14~18.04.1').
  • OR The 'linux-azure-edge' package in bionic was vulnerable but has been fixed (note: '4.18.0-1014.14~18.04.1').
  • OR The 'linux-gcp' package in bionic was vulnerable but has been fixed (note: '4.15.0-1029.31').
  • OR The 'linux-gcp-edge' package in bionic was vulnerable but has been fixed (note: '4.18.0-1008.9~18.04.1').
  • OR NOT While related to the CVE in some way, the 'linux-gke' package in bionic is not affected.
  • OR The 'linux-hwe' package in bionic was vulnerable but has been fixed (note: '4.18.0-17.18~18.04.1').
  • OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in bionic is not affected (note: '5.0.0-14.15~18.04.1').
  • OR The 'linux-kvm' package in bionic was vulnerable but has been fixed (note: '4.15.0-1031.31').
  • OR The 'linux-oem' package in bionic was vulnerable but has been fixed (note: '4.15.0-1035.40').
  • OR The 'linux-oracle' package in bionic was vulnerable but has been fixed (note: '4.15.0-1010.12').
  • OR The 'linux-raspi2' package in bionic was vulnerable but has been fixed (note: '4.15.0-1033.35').
  • OR The 'linux-snapdragon' package in bionic is affected. An update containing the fix has been completed and is pending publication (note: '4.15.0-1052.56').
    • BACK