Oval Definition:oval:com.ubuntu.disco:def:2019148990000000
Revision Date:2019-12-11Version:1
Title:CVE-2019-14899 on Ubuntu 19.04 (disco) - low.
Description:A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiting, and determine the correct sequence and acknowledgement numbers in use, allowing the bad actor to inject data into the TCP stream. This provides everything that is needed for an attacker to hijack active connections inside the VPN tunnel.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2019-14899
Platform(s):Ubuntu 19.04
Product(s):
Definition Synopsis
  • Ubuntu 19.04 (disco) is installed.
  • AND Package Information
  • linux package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-aws package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-azure package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-gcp package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-kvm package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-aws package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-azure package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-gcp package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-kvm package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-oem package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-oem-osp1 package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-oracle package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-meta-raspi2 package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-oem package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-oem-osp1 package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-oracle package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-raspi2 package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-signed package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-signed-azure package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-signed-gcp package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-signed-oem package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-signed-oem-osp1 package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-signed-oracle package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
  • OR linux-snapdragon package in disco is affected, but a decision has been made to defer addressing it (note: '2019-12-13').
    • BACK