VDB
CVE-2019-9453
CVE-2019-9453
PUBLISHED
In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
EPSS 0.04% · 12.5th percentile
Risk Scores
EPSS Score
0.04%
12.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ubuntu:20.04:LTS | linux-azure-fde | *, *, * |
| Ubuntu:20.04:LTS | linux-raspi2 | 5.3.0-1007.8, 5.3.0-1015.17, 5.3.0-1014.16 |
| Ubuntu:18.04:LTS | linux-kvm | 4.15.0-1034.34, 0, 4.15.0-1002.2 |
| Ubuntu:18.04:LTS | linux-azure-edge | 0, 4.18.0-1006.6~18.04.1, 4.18.0-1007.7~18.04.1 |
| Ubuntu:Pro:14.04:LTS | linux-lts-xenial | 4.4.0-92.115~14.04.1, 4.4.0-91.114~14.04.1, 4.4.0-89.112~14.04.1 |
| Ubuntu:16.04:LTS | linux-kvm | 4.4.0-1033.39, 4.4.0-1032.38, 4.4.0-1031.37 |
| Ubuntu:18.04:LTS | linux-azure | 4.18.0-1020.20~18.04.1, 4.15.0-1037.39, 4.15.0-1035.36 |
| Ubuntu:18.04:LTS | linux-hwe | 4.18.0-14.15~18.04.1, 0, 5.0.0-25.26~18.04.1 |
| Ubuntu:18.04:LTS | linux-aws | 4.15.0-1032.34, 4.15.0-1037.39, 4.15.0-1039.41 |
| Ubuntu:22.04:LTS | linux-intel-iot-realtime | 5.15.0-1073.75, 0 |
| Ubuntu:16.04:LTS | linux-snapdragon | 4.4.0-1107.112, 4.4.0-1081.86, 4.4.0-1071.76 |
| Ubuntu:18.04:LTS | linux-gcp-edge | 5.0.0-1011.11~18.04.1, *, 0 |
| Ubuntu:18.04:LTS | linux-gke-4.15 | 4.15.0-1030.32, 0, 4.15.0-1032.34 |
| Ubuntu:18.04:LTS | linux-hwe-edge | 5.0.0-20.21~18.04.1, 5.0.0-19.20~18.04.1, 5.0.0-16.17~18.04.1 |
| Ubuntu:18.04:LTS | linux | 4.15.0-42.45, 4.15.0-43.46, 4.15.0-45.48 |
| Ubuntu:22.04:LTS | linux-riscv | 5.15.0-1020.23, 5.13.0-1004.4, 5.13.0-1006.6+22.04.1 |
| Ubuntu:24.04:LTS | linux-raspi-realtime | 0, 6.8.0-2019.20 |
| Ubuntu:18.04:LTS | linux-snapdragon | 4.15.0-1058.64, 4.15.0-1057.62, 4.4.0-1078.83 |
| Ubuntu:20.04:LTS | linux-gke | 5.4.0-1097.104, 0, 5.4.0-1036.38 |
| Ubuntu:18.04:LTS | linux-aws-5.0 | 5.0.0-1024.27~18.04.1, 5.0.0-1022.25~18.04.1, 5.0.0-1027.30 |
…and 26 more
Timeline
- Sep 6, 2019 CVE Published
- Apr 14, 2021 EPSS Score
- Jun 23, 2021 EPSS Score
- Aug 24, 2021 EPSS Score
- Dec 27, 2021 EPSS Score
- Jan 6, 2022 EPSS Score
- Feb 4, 2022 EPSS Score
- Feb 28, 2022 EPSS Score
- Apr 1, 2022 EPSS Score
- Jul 3, 2022 EPSS Score
- Sep 4, 2022 EPSS Score
- Nov 6, 2022 EPSS Score
References
- https://ubuntu.com/security/CVE-2019-9453 third-party-advisory
- https://git.kernel.org/linus/2777e654371dd4207a3a7f4fb5fa39550053a080 third-party-advisory
- https://source.android.com/security/bulletin/pixel/2019-09-01 third-party-advisory
- https://ubuntu.com/security/notices/USN-4527-1 vendor-advisory
- https://www.cve.org/CVERecord?id=CVE-2019-9453 third-party-advisory