| Revision Date: | 2019-03-27 | Version: | 1 | | Title: | CVE-2019-10124 on Ubuntu 16.04 LTS (xenial) - medium. | | Description: | An issue was discovered in the hwpoison implementation in mm/memory-failure.c in the Linux kernel before 5.0.4. When soft_offline_in_use_page() runs on a thp tail page after pmd is split, an attacker can cause a denial of service (BUG).
| | Family: | unix | Class: | vulnerability | | Status: | | Reference(s): | CVE-2019-10124
| | Platform(s): | Ubuntu 16.04 LTS
| Product(s): | | | Definition Synopsis | | Ubuntu 16.04 LTS (xenial) is installed. AND Package Information
linux-image-4.4.0-146-generic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-generic-lpae package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-lowlatency package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-powerpc-e500mc package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-powerpc-smp package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-powerpc64-emb package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-powerpc64-smp package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-unsigned-4.4.0-146-generic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-unsigned-4.4.0-146-lowlatency package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-1079-aws package in xenial, is related to the CVE in some way and has been fixed (note: '4.4.0-1001.10').
OR linux-image-4.15.0-1035-aws package in xenial is affected and needs fixing.
OR linux-image-unsigned-4.15.0-1042-azure package in xenial is affected and needs fixing.
OR linux-image-4.4.0-9029-euclid: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage ESM criteria').
OR linux-image-extra-4.4.0-9029-euclid: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage ESM criteria').
OR linux-image-3.4.0-5-flo: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'abandoned').
OR linux-image-unsigned-4.15.0-1029-gcp package in xenial is affected and needs fixing.
OR linux-image-4.4.0-1034-gke: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'end-of-life').
OR linux-image-extra-4.4.0-1034-gke: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'end-of-life').
OR linux-image-3.4.0-4-goldfish: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'end-of-life').
OR linux-image-4.15.0-48-generic package in xenial is affected and needs fixing.
OR linux-image-4.15.0-48-generic-lpae package in xenial is affected and needs fixing.
OR linux-image-4.15.0-48-lowlatency package in xenial is affected and needs fixing.
OR linux-image-unsigned-4.15.0-48-generic package in xenial is affected and needs fixing.
OR linux-image-unsigned-4.15.0-48-lowlatency package in xenial is affected and needs fixing.
OR linux-image-4.4.0-1044-kvm package in xenial, is related to the CVE in some way and has been fixed (note: '4.4.0-1004.9').
OR linux-image-3.4.0-7-mako: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'abandoned').
OR linux-image-extra-virtual package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-extra-virtual-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-extra-virtual-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-extra-virtual-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-extra-virtual-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lpae package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lpae-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lpae-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lpae-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lpae-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-generic-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-hwe-generic-trusty package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-hwe-virtual-trusty package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-lowlatency package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-lowlatency-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-lowlatency-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-lowlatency-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-lowlatency-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-e500mc package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-e500mc-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-e500mc-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-e500mc-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-e500mc-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-smp package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-smp-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-smp-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-smp-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc-smp-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-emb package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-emb-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-emb-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-emb-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-emb-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-smp package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-smp-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-smp-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-smp-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-powerpc64-smp-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-virtual package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-virtual-lts-utopic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-virtual-lts-vivid package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-virtual-lts-wily package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-virtual-lts-xenial package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-aws package in xenial, is related to the CVE in some way and has been fixed (note: '4.4.0-1001.10').
OR linux-image-aws-hwe package in xenial is affected and needs fixing.
OR linux-image-azure package in xenial is affected and needs fixing.
OR linux-image-gcp package in xenial is affected and needs fixing.
OR linux-image-gke package in xenial is affected and needs fixing.
OR linux-image-extra-virtual-hwe-16.04 package in xenial is affected and needs fixing.
OR linux-image-generic-hwe-16.04 package in xenial is affected and needs fixing.
OR linux-image-generic-lpae-hwe-16.04 package in xenial is affected and needs fixing.
OR linux-image-lowlatency-hwe-16.04 package in xenial is affected and needs fixing.
OR linux-image-oem package in xenial is affected and needs fixing.
OR linux-image-virtual-hwe-16.04 package in xenial is affected and needs fixing.
OR linux-image-kvm package in xenial, is related to the CVE in some way and has been fixed (note: '4.4.0-1004.9').
OR linux-image-oracle package in xenial is affected and needs fixing.
OR linux-image-raspi2 package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-1013.19').
OR linux-image-snapdragon package in xenial, is related to the CVE in some way and has been fixed (note: '4.4.0-1012.12').
OR linux-image-4.13.0-1032-oem: while related to the CVE in some way, a decision has been made to ignore this issue (note: 'was needs-triage now end-of-life').
OR linux-image-unsigned-4.15.0-1011-oracle package in xenial is affected and needs fixing.
OR linux-image-4.4.0-1107-raspi2 package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-1013.19').
OR linux-image-4.4.0-146-generic package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.4.0-146-lowlatency package in xenial, is related to the CVE in some way and has been fixed (note: '4.2.0-16.19').
OR linux-image-4.15.0-1042-azure package in xenial is affected and needs fixing.
OR linux-image-4.15.0-1030-gcp package in xenial is affected and needs fixing.
OR linux-image-4.15.0-48-generic package in xenial is affected and needs fixing.
OR linux-image-4.15.0-48-lowlatency package in xenial is affected and needs fixing.
OR linux-image-4.15.0-1011-oracle package in xenial is affected and needs fixing.
OR linux-image-4.4.0-1111-snapdragon package in xenial, is related to the CVE in some way and has been fixed (note: '4.4.0-1012.12').
|
|