Oval Definition:	oval:com.ubuntu.disco:def:2019188050000000
Revision Date: 2019-11-07 Version: 1 Title: CVE-2019-18805 on Ubuntu 19.04 (disco) - low. Description: An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-18805 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND Package Information linux package in disco was vulnerable but has been fixed (note: '5.0.0-21.22'). OR linux-aws package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.12'). OR linux-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1012.12'). OR linux-gcp package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.11'). OR linux-kvm package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.12'). OR linux-meta package in disco was vulnerable but has been fixed (note: '5.0.0-21.22'). OR linux-meta-aws package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.12'). OR linux-meta-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1012.12'). OR linux-meta-gcp package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.11'). OR linux-meta-kvm package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.12'). OR linux-meta-oem package in disco is affected. An update containing the fix has been completed and is pending publication (note: '4.15.0-1056.65'). OR linux-meta-oem-osp1 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1015.16'). OR linux-meta-oracle package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1004.8'). OR linux-meta-raspi2 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1013.13'). OR linux-oem package in disco is affected. An update containing the fix has been completed and is pending publication (note: '4.15.0-1056.65'). OR linux-oem-osp1 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1015.16'). OR linux-oracle package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1004.8'). OR linux-raspi2 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1013.13'). OR linux-signed package in disco was vulnerable but has been fixed (note: '5.0.0-21.22'). OR linux-signed-azure package in disco was vulnerable but has been fixed (note: '5.0.0-1012.12'). OR linux-signed-gcp package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1011.11'). OR linux-signed-oem package in disco is affected. An update containing the fix has been completed and is pending publication (note: '4.15.0-1056.65'). OR linux-signed-oem-osp1 package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1015.16'). OR linux-signed-oracle package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1004.8'). OR linux-snapdragon package in disco is affected. An update containing the fix has been completed and is pending publication (note: '5.0.0-1017.18').
BACK