Oval Definition:	oval:com.ubuntu.disco:def:2019190490000000
Revision Date: 2019-11-18 Version: 1 Title: CVE-2019-19049 on Ubuntu 19.04 (disco) - negligible. Description: ** DISPUTED ** A memory leak in the unittest_data_add() function in drivers/of/unittest.c in the Linux kernel before 5.3.10 allows attackers to cause a denial of service (memory consumption) by triggering of_fdt_unflatten_tree() failures, aka CID-e13de8fe0d6a. NOTE: third parties dispute the relevance of this because unittest.c can only be reached during boot. Family: unix Class: vulnerability Status: Reference(s): CVE-2019-19049 Platform(s): Ubuntu 19.04 Product(s): Definition Synopsis Ubuntu 19.04 (disco) is installed. AND Package Information linux package in disco is affected. An update containing the fix has been completed and is pending publication. OR linux-aws package in disco is affected and needs fixing. OR linux-azure package in disco is affected and needs fixing. OR linux-gcp package in disco is affected and needs fixing. OR linux-kvm package in disco is affected and needs fixing. OR linux-meta package in disco is affected. An update containing the fix has been completed and is pending publication. OR linux-meta-aws package in disco is affected and needs fixing. OR linux-meta-azure package in disco is affected and needs fixing. OR linux-meta-gcp package in disco is affected and needs fixing. OR linux-meta-kvm package in disco is affected and needs fixing. OR linux-meta-oem package in disco is affected and needs fixing. OR linux-meta-oem-osp1 package in disco is affected and needs fixing. OR linux-meta-oracle package in disco is affected and needs fixing. OR linux-meta-raspi2 package in disco is affected and needs fixing. OR linux-oem package in disco is affected and needs fixing. OR linux-oem-osp1 package in disco is affected and needs fixing. OR linux-oracle package in disco is affected and needs fixing. OR linux-raspi2 package in disco is affected and needs fixing. OR linux-signed package in disco is affected. An update containing the fix has been completed and is pending publication. OR linux-signed-azure package in disco is affected and needs fixing. OR linux-signed-gcp package in disco is affected and needs fixing. OR linux-signed-oem package in disco is affected and needs fixing. OR linux-signed-oem-osp1 package in disco is affected and needs fixing. OR linux-signed-oracle package in disco is affected and needs fixing. OR linux-snapdragon package in disco is affected and needs fixing.
BACK