OVAL Reference oval:com.ubuntu.disco:def:2019118330000000

Oval Definition:

oval:com.ubuntu.disco:def:2019118330000000

Revision Date:	2019-05-15	Version:	1
Title:	CVE-2019-11833 on Ubuntu 19.04 (disco) - medium.
Description:	fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem. It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory).
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2019-11833
Platform(s):	Ubuntu 19.04	Product(s):
Definition Synopsis
Ubuntu 19.04 (disco) is installed. AND Package Information linux package in disco was vulnerable but has been fixed (note: '5.0.0-21.22'). OR linux-aws package in disco was vulnerable but has been fixed (note: '5.0.0-1011.12'). OR linux-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1012.12'). OR linux-gcp package in disco was vulnerable but has been fixed (note: '5.0.0-1011.11'). OR linux-kvm package in disco was vulnerable but has been fixed (note: '5.0.0-1011.12'). OR linux-meta package in disco was vulnerable but has been fixed (note: '5.0.0-21.22'). OR linux-meta-aws package in disco was vulnerable but has been fixed (note: '5.0.0-1011.12'). OR linux-meta-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1012.12'). OR linux-meta-gcp package in disco was vulnerable but has been fixed (note: '5.0.0-1011.11'). OR linux-meta-kvm package in disco was vulnerable but has been fixed (note: '5.0.0-1011.12'). OR linux-meta-oem package in disco was vulnerable but has been fixed (note: '4.15.0-1050.57'). OR linux-meta-oem-osp1 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1015.16'). OR linux-meta-oracle package in disco was vulnerable but has been fixed (note: '4.15.0-1018.20'). OR linux-meta-raspi2 package in disco was vulnerable but has been fixed (note: '5.0.0-1013.13'). OR linux-oem package in disco was vulnerable but has been fixed (note: '4.15.0-1050.57'). OR linux-oem-osp1 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1015.16'). OR linux-oracle package in disco was vulnerable but has been fixed (note: '4.15.0-1018.20'). OR linux-raspi2 package in disco was vulnerable but has been fixed (note: '5.0.0-1013.13'). OR linux-signed package in disco was vulnerable but has been fixed (note: '5.0.0-21.22'). OR linux-signed-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1012.12'). OR linux-signed-gcp package in disco was vulnerable but has been fixed (note: '5.0.0-1011.11'). OR linux-signed-oem package in disco was vulnerable but has been fixed (note: '4.15.0-1050.57'). OR linux-signed-oem-osp1 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1015.16'). OR linux-signed-oracle package in disco was vulnerable but has been fixed (note: '4.15.0-1018.20'). OR linux-snapdragon package in disco was vulnerable but has been fixed (note: '5.0.0-1017.18').

BACK