VDB
CVE-2019-19533
CVE-2019-19533
PUBLISHED
In the Linux kernel before 5.3.4, there is an info-leak bug that can be caused by a malicious USB device in the drivers/media/usb/ttusb-dec/ttusb_dec.c driver, aka CID-a10feaf8c464.
EPSS 0.05% · 17.3th percentile
Risk Scores
EPSS Score
0.05%
17.3th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:16.04:LTS | linux-aws-hwe | 4.15.0-1044.46~16.04.1, 4.15.0-1030.31~16.04.1, 4.15.0-1051.53~16.04.1 |
| Ubuntu:18.04:LTS | linux-hwe-edge | 0, 5.0.0-15.16~18.04.1, 5.0.0-20.21~18.04.1 |
| Ubuntu:16.04:LTS | linux-raspi2 | 4.4.0-1100.108, 4.4.0-1101.109, 4.4.0-1102.110 |
| Ubuntu:20.04:LTS | linux-azure-fde | 5.4.0-1103.109+cvm1.1, 5.4.0-1063.66+cvm2.2, 5.4.0-1064.67+cvm1.1 |
| Ubuntu:24.04:LTS | linux-raspi-realtime | 0, 6.8.0-2019.20 |
| Ubuntu:18.04:LTS | linux | 4.15.0-43.46, 4.15.0-46.49, 4.15.0-47.50 |
| Ubuntu:22.04:LTS | linux-realtime | 0, 5.15.0-1032.35 |
| Ubuntu:16.04:LTS | linux-snapdragon | 4.4.0-1046.50, 0, 4.4.0-1013.14 |
| Ubuntu:18.04:LTS | linux-hwe | 5.0.0-27.28~18.04.1, 5.0.0-29.31~18.04.1, 5.0.0-31.33~18.04.1 |
| Ubuntu:16.04:LTS | linux | 4.4.0-62.83, 4.4.0-53.74, 4.4.0-51.72 |
| Ubuntu:16.04:LTS | linux-oracle | 4.15.0-1025.28~16.04.1, 4.15.0-1022.25~16.04.1, 4.15.0-1021.23~16.04.1 |
| Ubuntu:18.04:LTS | linux-kvm | 4.15.0-1044.44, 4.15.0-1031.31, 4.15.0-1032.32 |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.3.0-1014.16, 5.3.0-1007.8, 5.3.0-1017.19 |
| Ubuntu:18.04:LTS | linux-gke-4.15 | 4.15.0-1046.49, 0, 4.15.0-1030.32 |
| Ubuntu:18.04:LTS | linux-azure | *, 4.15.0-1012.12, 4.15.0-1036.38 |
| Ubuntu:Pro:14.04:LTS | linux-aws | 4.4.0-1022.22, 4.4.0-1011.11, 4.4.0-1037.40 |
| Ubuntu:18.04:LTS | linux-raspi2 | 4.13.0-1005.5, 4.13.0-1008.8, 4.15.0-1006.7 |
| Ubuntu:Pro:FIPS-updates:18.04:LTS | linux-aws-fips | 0, 4.15.0-2000.4 |
| Ubuntu:Pro:14.04:LTS | linux-lts-xenial | 4.4.0-142.168~14.04.1, 4.4.0-140.166~14.04.1, 4.4.0-139.165~14.04.1 |
| Ubuntu:Pro:FIPS:18.04:LTS | linux-gcp-fips | 4.15.0-1001.1, 0 |
…and 24 more
Timeline
- Dec 3, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Oct 26, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- May 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-19533 third-party-advisory
- https://git.kernel.org/linus/a10feaf8c464c3f9cfdd3a8a7ce17e1c0d498da1 third-party-advisory
- http://www.openwall.com/lists/oss-security/2019/12/03/4 third-party-advisory
- https://cdn.kernel.org/pub/linux/kernel/v5.x/ChangeLog-5.3.4 third-party-advisory
- https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=a10feaf8c464c3f9cfdd3a8a7ce17e1c0d498da1 third-party-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-19533 third-party-advisory