Vulnetix
Try Vulnetix Request Demo
CVE-2019-19927 PUBLISHED

In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read access in ttm_put_pages in drivers/gpu/drm/ttm/ttm_page_alloc.c. This is related to the vmwgfx or ttm module.

EPSS 0.21% · 42.5th percentile

Risk Scores

EPSS Score
0.21%
42.5th percentile

Affected Products

VendorProductVersions
Ubuntu:18.04:LTSlinux-azure-edge5.0.0-1012.12~18.04.2, 4.18.0-1008.8~18.04.1, 0
Ubuntu:Pro:FIPS:18.04:LTSlinux-aws-fips0, 4.15.0-2000.4
Ubuntu:20.04:LTSlinux-gke5.4.0-1041.43, 5.4.0-1042.44, 5.4.0-1043.45
Ubuntu:Pro:FIPS-updates:18.04:LTSlinux-azure-fips4.15.0-1002.2, 0
Ubuntu:22.04:LTSlinux-realtime5.15.0-1032.35, 0
Ubuntu:18.04:LTSlinux-gke-4.154.15.0-1040.42, 4.15.0-1037.39, 4.15.0-1036.38
Ubuntu:22.04:LTSlinux-intel-iot-realtime0, 5.15.0-1073.75
Ubuntu:20.04:LTSlinux-riscv5.4.0-24.28, 5.4.0-39.44, 5.4.0-37.42
Ubuntu:16.04:LTSlinux-azure4.15.0-1052.57, 4.13.0-1018.21, 4.15.0-1013.13~16.04.2
Ubuntu:Pro:FIPS:18.04:LTSlinux-azure-fips0, 4.15.0-1002.2
Ubuntu:18.04:LTSlinux-hwe4.18.0-15.16~18.04.1, 4.18.0-14.15~18.04.1, 4.18.0-13.14~18.04.1
Ubuntu:16.04:LTSlinux-aws-hwe4.15.0-1036.38~16.04.1, 4.15.0-1041.43~16.04.1, 4.15.0-1043.45~16.04.1
Ubuntu:22.04:LTSlinux-riscv5.13.0-1007.7+22.04.1, 0, 5.13.0-1004.4
Ubuntu:20.04:LTSlinux-azure-fde5.4.0-1103.109+cvm1.1, 5.4.0-1069.72+cvm1.1, 0
Ubuntu:18.04:LTSlinux-snapdragon0, 4.4.0-1077.82, 4.4.0-1078.83
Ubuntu:18.04:LTSlinux-raspi24.15.0-1028.30, 4.15.0-1043.46, 4.15.0-1041.44
Ubuntu:16.04:LTSlinux-hwe4.13.0-38.43~16.04.1, 4.15.0-30.32~16.04.1, 4.15.0-29.31~16.04.1
Ubuntu:18.04:LTSlinux-gcp-edge4.18.0-1006.7~18.04.1, 0, 4.18.0-1007.8~18.04.1
Ubuntu:18.04:LTSlinux-oracle4.15.0-1015.17, 4.15.0-1021.23, 4.15.0-1017.19
Ubuntu:16.04:LTSlinux-hwe-edge0, 4.8.0-34.36~16.04.1, 4.10.0-14.16~16.04.1

…and 14 more

Timeline

References

Open in Interactive Console →