var-201906-0917
Vulnerability from variot
Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Intel Dual Band Wireless-AC 8260 contains a denial-of-service (DoS) vulnerability (CWE-400). Yusuke Ogawa of Cisco Systems G.K. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker may be able to cause a denial-of-service (DoS). IntelPROSet/WirelessWiFiSoftwaredriver is a wireless network card driver from Intel Corporation of the United States. The vulnerability stems from a network system or product that does not properly restrict access to resources from unauthorized roles that an attacker could use to cause a denial of service. Intel PROSet/Wireless WiFi Software driver是美国英特尔(Intel)公司的一款无线网卡驱动程序. Intel PROSet/Wireless WiFi Software driver 21.10之前版本中存在访问控制错误漏洞。该漏洞源于网络系统或产品未正确限制来自未授权角色的资源访问。以下产品及版本受到影响:Intel Dual Band Wireless-AC 3160;Dual Band Wireless-AC 7260;Dual Band Wireless-N 7260;Wireless-N 7260;Dual Band Wireless-AC 7260 for Desktop;Dual Band Wireless-AC 7265 (Rev. C);Dual Band Wireless-N 7265 (Rev. C);Wireless-N 7265 (Rev. C);Dual Band Wireless-AC 3165;Dual Band Wireless-AC 7265 (Rev. D);Dual Band Wireless-N 7265 (Rev. D);Wireless-N 7265 (Rev. D);Dual Band Wireless-AC 3168;Tri-Band Wireless-AC 17265;Dual Band Wireless-AC 8260;Tri-Band Wireless-AC 18260;Dual Band Wireless-AC 8265;Dual Band Wireless-AC 8265 Desktop Kit;Tri-Band Wireless-AC 18265;Wireless-AC 9560;Wireless-AC 9461;Wireless-AC 9462;Wireless-AC 9260;Wi-Fi 6 AX200;Wi-Fi 6 AX201. An attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. (CVE-2019-11477)
Jonathan Looney discovered that the TCP retransmission queue implementation in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. (CVE-2019-14835)
Update instructions:
The problem can be corrected by updating your livepatches to the following versions:
| Kernel | Version | flavors | |--------------------------+----------+--------------------------| | 4.4.0-148.174 | 58.1 | lowlatency, generic | | 4.4.0-148.174~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-150.176 | 58.1 | generic, lowlatency | | 4.4.0-150.176~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-151.178 | 58.1 | lowlatency, generic | | 4.4.0-151.178~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-154.181 | 58.1 | lowlatency, generic | | 4.4.0-154.181~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-157.185 | 58.1 | lowlatency, generic | | 4.4.0-157.185~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-159.187 | 58.1 | lowlatency, generic | | 4.4.0-159.187~14.04.1 | 58.1 | generic, lowlatency | | 4.4.0-161.189 | 58.1 | lowlatency, generic | | 4.4.0-161.189~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-164.192 | 58.1 | lowlatency, generic | | 4.4.0-164.192~14.04.1 | 58.1 | lowlatency, generic | | 4.4.0-165.193 | 58.1 | generic, lowlatency | | 4.4.0-1083.93 | 58.1 | aws | | 4.4.0-1084.94 | 58.1 | aws | | 4.4.0-1085.96 | 58.1 | aws | | 4.4.0-1087.98 | 58.1 | aws | | 4.4.0-1088.99 | 58.1 | aws | | 4.4.0-1090.101 | 58.1 | aws | | 4.4.0-1092.103 | 58.1 | aws | | 4.4.0-1094.105 | 58.1 | aws | | 4.15.0-50.54 | 58.1 | generic, lowlatency | | 4.15.0-50.54~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-51.55 | 58.1 | generic, lowlatency | | 4.15.0-51.55~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-52.56 | 58.1 | lowlatency, generic | | 4.15.0-52.56~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-54.58 | 58.1 | generic, lowlatency | | 4.15.0-54.58~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-55.60 | 58.1 | generic, lowlatency | | 4.15.0-58.64 | 58.1 | generic, lowlatency | | 4.15.0-58.64~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-60.67 | 58.1 | lowlatency, generic | | 4.15.0-60.67~16.04.1 | 58.1 | generic, lowlatency | | 4.15.0-62.69 | 58.1 | generic, lowlatency | | 4.15.0-62.69~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-64.73 | 58.1 | generic, lowlatency | | 4.15.0-64.73~16.04.1 | 58.1 | lowlatency, generic | | 4.15.0-65.74 | 58.1 | lowlatency, generic | | 4.15.0-1038.43 | 58.1 | oem | | 4.15.0-1039.41 | 58.1 | aws | | 4.15.0-1039.44 | 58.1 | oem | | 4.15.0-1040.42 | 58.1 | aws | | 4.15.0-1041.43 | 58.1 | aws | | 4.15.0-1043.45 | 58.1 | aws | | 4.15.0-1043.48 | 58.1 | oem | | 4.15.0-1044.46 | 58.1 | aws | | 4.15.0-1045.47 | 58.1 | aws | | 4.15.0-1045.50 | 58.1 | oem | | 4.15.0-1047.49 | 58.1 | aws | | 4.15.0-1047.51 | 58.1 | azure | | 4.15.0-1048.50 | 58.1 | aws | | 4.15.0-1049.54 | 58.1 | azure | | 4.15.0-1050.52 | 58.1 | aws | | 4.15.0-1050.55 | 58.1 | azure | | 4.15.0-1050.57 | 58.1 | oem | | 4.15.0-1051.53 | 58.1 | aws | | 4.15.0-1051.56 | 58.1 | azure | | 4.15.0-1052.57 | 58.1 | azure | | 4.15.0-1055.60 | 58.1 | azure | | 4.15.0-1056.61 | 58.1 | azure | | 4.15.0-1056.65 | 58.1 | oem | | 4.15.0-1057.62 | 58.1 | azure | | 4.15.0-1057.66 | 58.1 | oem | | 4.15.0-1059.64 | 58.1 | azure | | 5.0.0-1014.14~18.04.1 | 58.1 | azure | | 5.0.0-1016.17~18.04.1 | 58.1 | azure | | 5.0.0-1018.19~18.04.1 | 58.1 | azure | | 5.0.0-1020.21~18.04.1 | 58.1 | azure |
Support Information:
Kernels older than the levels listed below do not receive livepatch updates. Please upgrade your kernel as soon as possible.
| Series | Version | Flavors | |------------------+------------------+--------------------------| | Ubuntu 18.04 LTS | 4.15.0-1039 | aws | | Ubuntu 16.04 LTS | 4.4.0-1083 | aws | | Ubuntu 18.04 LTS | 5.0.0-1000 | azure | | Ubuntu 16.04 LTS | 4.15.0-1047 | azure | | Ubuntu 18.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 16.04 LTS | 4.15.0-50 | generic lowlatency | | Ubuntu 14.04 LTS | 4.4.0-148 | generic lowlatency | | Ubuntu 18.04 LTS | 4.15.0-1038 | oem | | Ubuntu 16.04 LTS | 4.4.0-148 | generic lowlatency |
References: CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976, CVE-2018-21008, CVE-2019-0136, CVE-2019-2054, CVE-2019-2181, CVE-2019-3846, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477, CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283, CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, CVE-2019-14821, CVE-2019-14835
-- ubuntu-security-announce mailing list ubuntu-security-announce@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce . ========================================================================= Ubuntu Security Notice USN-4118-1 September 02, 2019
linux-aws vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Several security issues were fixed in the Linux kernel.
Software Description: - linux-aws: Linux kernel for Amazon Web Services (AWS) systems - linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems
Details:
It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. (CVE-2018-13093)
Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadata. (CVE-2018-13096, CVE-2018-13097, CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14614, CVE-2018-14615, CVE-2018-14616)
Wen Xu and Po-Ning Tseng discovered that btrfs file system implementation in the Linux kernel did not properly validate metadata. (CVE-2018-14609, CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613)
Wen Xu discovered that the HFS+ filesystem implementation in the Linux kernel did not properly handle malformed catalog data in some situations. (CVE-2018-14617)
Vasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem of the Linux kernel did not properly initialize new files in some situations. A local attacker could use this to expose sensitive information. (CVE-2018-16862)
Hui Peng and Mathias Payer discovered that the Option USB High Speed driver in the Linux kernel did not properly validate metadata received from the device. (CVE-2018-19985)
Hui Peng and Mathias Payer discovered that the USB subsystem in the Linux kernel did not properly handle size checks when handling an extra USB descriptor. (CVE-2018-20169)
Zhipeng Xie discovered that an infinite loop could triggered in the CFS Linux kernel process scheduler. (CVE-2018-20784)
It was discovered that a use-after-free error existed in the block layer subsystem of the Linux kernel when certain failure conditions occurred. (CVE-2018-20856)
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in the Linux kernel did not properly validate elliptic curve parameters during Diffie-Hellman key exchange in some situations. An attacker could use this to expose sensitive information. (CVE-2018-5383)
It was discovered that the Intel wifi device driver in the Linux kernel did not properly validate certain Tunneled Direct Link Setup (TDLS). (CVE-2019-0136)
It was discovered that a heap buffer overflow existed in the Marvell Wireless LAN device driver for the Linux kernel. (CVE-2019-10126)
It was discovered that the Bluetooth UART implementation in the Linux kernel did not properly check for missing tty operations. (CVE-2019-10207)
Amit Klein and Benny Pinkas discovered that the Linux kernel did not sufficiently randomize IP ID values generated for connectionless networking protocols. A remote attacker could use this to track particular Linux devices. (CVE-2019-10638)
Amit Klein and Benny Pinkas discovered that the location of kernel addresses could exposed by the implementation of connection-less network protocols in the Linux kernel. A remote attacker could possibly use this to assist in the exploitation of another vulnerability in the Linux kernel. (CVE-2019-10639)
Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in the Linux kernel did not properly restrict mmap() ranges in some situations. (CVE-2019-11085)
It was discovered that an integer overflow existed in the Linux kernel when reference counting pages, leading to potential use-after-free issues. (CVE-2019-11487)
Jann Horn discovered that a race condition existed in the Linux kernel when performing core dumps. (CVE-2019-11599)
It was discovered that a null pointer dereference vulnerability existed in the LSI Logic MegaRAID driver in the Linux kernel. (CVE-2019-11810)
It was discovered that a race condition leading to a use-after-free existed in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel. The RDS protocol is blacklisted by default in Ubuntu. (CVE-2019-11815)
It was discovered that the ext4 file system implementation in the Linux kernel did not properly zero out memory in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11833)
It was discovered that the Bluetooth Human Interface Device Protocol (HIDP) implementation in the Linux kernel did not properly verify strings were NULL terminated in certain situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2019-11884)
It was discovered that a NULL pointer dereference vulnerabilty existed in the Near-field communication (NFC) implementation in the Linux kernel. (CVE-2019-12818)
It was discovered that the MDIO bus devices subsystem in the Linux kernel improperly dropped a device reference in an error condition, leading to a use-after-free. (CVE-2019-12819)
It was discovered that a NULL pointer dereference vulnerability existed in the Near-field communication (NFC) implementation in the Linux kernel. (CVE-2019-12984)
Jann Horn discovered a use-after-free vulnerability in the Linux kernel when accessing LDT entries in some situations. (CVE-2019-13233)
Jann Horn discovered that the ptrace implementation in the Linux kernel did not properly record credentials in some situations. (CVE-2019-13272)
It was discovered that the GTCO tablet input driver in the Linux kernel did not properly bounds check the initial HID report sent by the device. (CVE-2019-13631)
It was discovered that the floppy driver in the Linux kernel did not properly validate meta data, leading to a buffer overread. (CVE-2019-14283)
It was discovered that the floppy driver in the Linux kernel did not properly validate ioctl() calls, leading to a division-by-zero. (CVE-2019-14284)
Tuba Yavuz discovered that a race condition existed in the DesignWare USB3 DRD Controller device driver in the Linux kernel. (CVE-2019-14763)
It was discovered that an out-of-bounds read existed in the QLogic QEDI iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-15090)
It was discovered that the Raremono AM/FM/SW radio device driver in the Linux kernel did not properly allocate memory, leading to a use-after-free. (CVE-2019-15211)
It was discovered at a double-free error existed in the USB Rio 500 device driver for the Linux kernel. (CVE-2019-15212)
It was discovered that a race condition existed in the Advanced Linux Sound Architecture (ALSA) subsystem of the Linux kernel, leading to a potential use-after-free. (CVE-2019-15214)
It was discovered that a race condition existed in the CPiA2 video4linux device driver for the Linux kernel, leading to a use-after-free. (CVE-2019-15215)
It was discovered that a race condition existed in the Softmac USB Prism54 device driver in the Linux kernel. (CVE-2019-15220)
It was discovered that a use-after-free vulnerability existed in the Appletalk implementation in the Linux kernel if an error occurs during initialization. (CVE-2019-15292)
It was discovered that the Empia EM28xx DVB USB device driver implementation in the Linux kernel contained a use-after-free vulnerability when disconnecting the device. (CVE-2019-2024)
It was discovered that the USB video device class implementation in the Linux kernel did not properly validate control bits, resulting in an out of bounds buffer read. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2019-2101)
It was discovered that the Marvell Wireless LAN device driver in the Linux kernel did not properly validate the BSS descriptor. (CVE-2019-3846)
Jason Wang discovered that an infinite loop vulnerability existed in the virtio net driver in the Linux kernel. (CVE-2019-3900)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered that the Bluetooth protocol BR/EDR specification did not properly require sufficiently strong encryption key lengths. A physicall proximate attacker could use this to expose sensitive information. (CVE-2019-9506)
It was discovered that the Appletalk IP encapsulation driver in the Linux kernel did not properly prevent kernel addresses from being copied to user space. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information. (CVE-2018-20511)
It was discovered that a race condition existed in the USB YUREX device driver in the Linux kernel. (CVE-2019-15216)
It was discovered that the Siano USB MDTV receiver device driver in the Linux kernel made improper assumptions about the device characteristics. (CVE-2019-15218)
It was discovered that the Line 6 POD USB device driver in the Linux kernel did not properly validate data size information from the device. (CVE-2019-15221)
Muyu Yu discovered that the CAN implementation in the Linux kernel in some situations did not properly restrict the field size when processing outgoing frames. A local attacker with CAP_NET_ADMIN privileges could use this to execute arbitrary code. (CVE-2019-3701)
Vladis Dronov discovered that the debug interface for the Linux kernel's HID subsystem did not properly validate passed parameters in some situations. (CVE-2019-3819)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 18.04 LTS: linux-image-4.15.0-1047-aws 4.15.0-1047.49 linux-image-aws 4.15.0.1047.46
Ubuntu 16.04 LTS: linux-image-4.15.0-1047-aws 4.15.0-1047.49~16.04.1 linux-image-aws-hwe 4.15.0.1047.47
After a standard system update you need to reboot your computer to make all the necessary changes.
ATTENTION: Due to an unavoidable ABI change the kernel updates have been given a new version number, which requires you to recompile and reinstall all third party kernel modules you might have installed. Unless you manually uninstalled the standard kernel metapackages (e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual, linux-powerpc), a standard system upgrade will automatically perform this as well.
References: https://usn.ubuntu.com/4118-1 CVE-2018-13053, CVE-2018-13093, CVE-2018-13096, CVE-2018-13097, CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14609, CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613, CVE-2018-14614, CVE-2018-14615, CVE-2018-14616, CVE-2018-14617, CVE-2018-16862, CVE-2018-19985, CVE-2018-20169, CVE-2018-20511, CVE-2018-20784, CVE-2018-20856, CVE-2018-5383, CVE-2019-0136, CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639, CVE-2019-11085, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810, CVE-2019-11815, CVE-2019-11833, CVE-2019-11884, CVE-2019-12818, CVE-2019-12819, CVE-2019-12984, CVE-2019-13233, CVE-2019-13272, CVE-2019-13631, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763, CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214, CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220, CVE-2019-15221, CVE-2019-15292, CVE-2019-2024, CVE-2019-2101, CVE-2019-3701, CVE-2019-3819, CVE-2019-3846, CVE-2019-3900, CVE-2019-9506
Package Information: https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1047.49 https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1047.49~16.04.1 . Unfortunately, as part of the update, a regression was introduced that caused a kernel crash when handling fragmented packets in some situations. This update addresses the issue.
We apologize for the inconvenience
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201906-0917",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 1.2,
"vendor": "intel",
"version": "7265"
},
{
"model": "dual band wireless-n",
"scope": "eq",
"trust": 1.2,
"vendor": "intel",
"version": "7265"
},
{
"model": "wireless-n",
"scope": "eq",
"trust": 1.2,
"vendor": "intel",
"version": "7265"
},
{
"model": "proset\\/wireless wifi",
"scope": "lt",
"trust": 1.0,
"vendor": "intel",
"version": "21.10"
},
{
"model": "accelerated storage manager",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "chipset device software",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "compute card",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "compute stick",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i3",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core i5",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "core x-series",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "nuc kit",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "omni-path fabric manager gui",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "pentium",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor 2000 series"
},
{
"model": "pentium",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor 3000 series"
},
{
"model": "pentium",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor g series"
},
{
"model": "proset/wireless software driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "raid web console v3",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "for windows"
},
{
"model": "sgx dcap linux driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "sgx linux client driver",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "turbo boost max technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "xeon",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor e7 v3 family"
},
{
"model": "xeon",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor e7 v5 family"
},
{
"model": "xeon",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "processor e7 v7 family"
},
{
"model": "ite tech* consumer infrared driver",
"scope": "eq",
"trust": 0.8,
"vendor": "intel",
"version": "for windows 10"
},
{
"model": "open cloud integrity technology",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "openattestation",
"scope": null,
"trust": 0.8,
"vendor": "intel",
"version": null
},
{
"model": "dual band wireless-ac 8260",
"scope": "lte",
"trust": 0.8,
"vendor": "intel",
"version": "windows10 driver version 20.50.1.1"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "3160"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "7260"
},
{
"model": "dual band wireless-ac for desktop",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "7260"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "3165"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "3168"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "8260"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "8265"
},
{
"model": "dual band wireless-ac desktop kit",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "8265"
},
{
"model": "dual band wireless-n",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "7260"
},
{
"model": "tri-band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "18265"
},
{
"model": "tri-band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "17265"
},
{
"model": "tri-band wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "18260"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "9560"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "9461"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "9462"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "9260"
},
{
"model": "wireless-n",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "7260"
},
{
"model": "wi-fi ax200",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "6"
},
{
"model": "wi-fi ax201",
"scope": "eq",
"trust": 0.6,
"vendor": "intel",
"version": "6"
},
{
"model": "wireless-n",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "72600"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "95600"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "94620"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "94610"
},
{
"model": "wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "92600"
},
{
"model": "wi-fi ax201",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "60"
},
{
"model": "wi-fi ax200",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "60"
},
{
"model": "tri-band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "182650"
},
{
"model": "tri-band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "182600"
},
{
"model": "tri-band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "172650"
},
{
"model": "proset/wireless wifi software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "20.120.1"
},
{
"model": "proset/wireless wifi software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "17.16"
},
{
"model": "proset/wireless wifi software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "16.1.1"
},
{
"model": "proset/wireless wifi software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "15.8"
},
{
"model": "proset/wireless wifi software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "21.0"
},
{
"model": "proset/wireless wifi software",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "20.100"
},
{
"model": "dual band wireless-n",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "72650"
},
{
"model": "dual band wireless-n",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "72600"
},
{
"model": "dual band wireless-ac desktop kit",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "82650"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "82650"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "82600"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "72650"
},
{
"model": "dual band wireless-ac for desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "72600"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "72600"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "31680"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "31650"
},
{
"model": "dual band wireless-ac",
"scope": "eq",
"trust": 0.3,
"vendor": "intel",
"version": "31600"
},
{
"model": "proset/wireless wifi software",
"scope": "ne",
"trust": 0.3,
"vendor": "intel",
"version": "21.10"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "BID",
"id": "108777"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "NVD",
"id": "CVE-2019-0136"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:intel:proset\\/wireless_wifi:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "21.10",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:linux:linux_kernel:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_10:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_7:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:microsoft:windows_8.1:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
},
{
"cpe23Uri": "cpe:2.3:o:google:chrome_os:-:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": false
}
],
"operator": "OR"
}
],
"cpe_match": [],
"operator": "AND"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0136"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Ubuntu,JPCERT",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
],
"trust": 0.6
},
"cve": "CVE-2019-0136",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"impactScore": 2.9,
"integrityImpact": "NONE",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Adjacent Network",
"authentication": "None",
"author": "IPA",
"availabilityImpact": "Partial",
"baseScore": 3.3,
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-000046",
"impactScore": null,
"integrityImpact": "None",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "Low",
"trust": 0.8,
"userInteractionRequired": null,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "ADJACENT_NETWORK",
"authentication": "NONE",
"author": "CNVD",
"availabilityImpact": "PARTIAL",
"baseScore": 3.3,
"confidentialityImpact": "NONE",
"exploitabilityScore": 6.5,
"id": "CNVD-2019-25748",
"impactScore": 2.9,
"integrityImpact": "NONE",
"severity": "LOW",
"trust": 0.6,
"vectorString": "AV:A/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"exploitabilityScore": 2.8,
"impactScore": 4.0,
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Adjacent Network",
"author": "IPA",
"availabilityImpact": "Low",
"baseScore": 4.3,
"baseSeverity": "Medium",
"confidentialityImpact": "None",
"exploitabilityScore": null,
"id": "JVNDB-2019-000046",
"impactScore": null,
"integrityImpact": "None",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2019-0136",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "IPA",
"id": "JVNDB-2019-000046",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNVD",
"id": "CNVD-2019-25748",
"trust": 0.6,
"value": "LOW"
},
{
"author": "CNNVD",
"id": "CNNVD-201906-530",
"trust": 0.6,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Insufficient access control in the Intel(R) PROSet/Wireless WiFi Software driver before version 21.10 may allow an unauthenticated user to potentially enable denial of service via adjacent access. Intel Dual Band Wireless-AC 8260 contains a denial-of-service (DoS) vulnerability (CWE-400). Yusuke Ogawa of Cisco Systems G.K. reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning Partnership.An attacker may be able to cause a denial-of-service (DoS). IntelPROSet/WirelessWiFiSoftwaredriver is a wireless network card driver from Intel Corporation of the United States. The vulnerability stems from a network system or product that does not properly restrict access to resources from unauthorized roles that an attacker could use to cause a denial of service. Intel PROSet/Wireless WiFi Software driver\u662f\u7f8e\u56fd\u82f1\u7279\u5c14\uff08Intel\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u65e0\u7ebf\u7f51\u5361\u9a71\u52a8\u7a0b\u5e8f. \nIntel PROSet/Wireless WiFi Software driver 21.10\u4e4b\u524d\u7248\u672c\u4e2d\u5b58\u5728\u8bbf\u95ee\u63a7\u5236\u9519\u8bef\u6f0f\u6d1e\u3002\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u6b63\u786e\u9650\u5236\u6765\u81ea\u672a\u6388\u6743\u89d2\u8272\u7684\u8d44\u6e90\u8bbf\u95ee\u3002\u4ee5\u4e0b\u4ea7\u54c1\u53ca\u7248\u672c\u53d7\u5230\u5f71\u54cd\uff1aIntel Dual Band Wireless-AC 3160\uff1bDual Band Wireless-AC 7260\uff1bDual Band Wireless-N 7260\uff1bWireless-N 7260\uff1bDual Band Wireless-AC 7260 for Desktop\uff1bDual Band Wireless-AC 7265 (Rev. C)\uff1bDual Band Wireless-N 7265 (Rev. C)\uff1bWireless-N 7265 (Rev. C)\uff1bDual Band Wireless-AC 3165\uff1bDual Band Wireless-AC 7265 (Rev. D)\uff1bDual Band Wireless-N 7265 (Rev. D)\uff1bWireless-N 7265 (Rev. D)\uff1bDual Band Wireless-AC 3168\uff1bTri-Band Wireless-AC 17265\uff1bDual Band Wireless-AC 8260\uff1bTri-Band Wireless-AC 18260\uff1bDual Band Wireless-AC 8265\uff1bDual Band Wireless-AC 8265 Desktop Kit\uff1bTri-Band Wireless-AC 18265\uff1bWireless-AC 9560\uff1bWireless-AC 9461\uff1bWireless-AC 9462\uff1bWireless-AC 9260\uff1bWi-Fi 6 AX200\uff1bWi-Fi 6 AX201. \nAn attacker can exploit this issue to cause a denial-of-service condition, denying service to legitimate users. \n(CVE-2019-11477)\n\nJonathan Looney discovered that the TCP retransmission queue implementation\nin the Linux kernel could be fragmented when handling certain TCP Selective\nAcknowledgment (SACK) sequences. (CVE-2019-14835)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your livepatches to the following\nversions:\n\n| Kernel | Version | flavors |\n|--------------------------+----------+--------------------------|\n| 4.4.0-148.174 | 58.1 | lowlatency, generic |\n| 4.4.0-148.174~14.04.1 | 58.1 | lowlatency, generic |\n| 4.4.0-150.176 | 58.1 | generic, lowlatency |\n| 4.4.0-150.176~14.04.1 | 58.1 | lowlatency, generic |\n| 4.4.0-151.178 | 58.1 | lowlatency, generic |\n| 4.4.0-151.178~14.04.1 | 58.1 | generic, lowlatency |\n| 4.4.0-154.181 | 58.1 | lowlatency, generic |\n| 4.4.0-154.181~14.04.1 | 58.1 | generic, lowlatency |\n| 4.4.0-157.185 | 58.1 | lowlatency, generic |\n| 4.4.0-157.185~14.04.1 | 58.1 | generic, lowlatency |\n| 4.4.0-159.187 | 58.1 | lowlatency, generic |\n| 4.4.0-159.187~14.04.1 | 58.1 | generic, lowlatency |\n| 4.4.0-161.189 | 58.1 | lowlatency, generic |\n| 4.4.0-161.189~14.04.1 | 58.1 | lowlatency, generic |\n| 4.4.0-164.192 | 58.1 | lowlatency, generic |\n| 4.4.0-164.192~14.04.1 | 58.1 | lowlatency, generic |\n| 4.4.0-165.193 | 58.1 | generic, lowlatency |\n| 4.4.0-1083.93 | 58.1 | aws |\n| 4.4.0-1084.94 | 58.1 | aws |\n| 4.4.0-1085.96 | 58.1 | aws |\n| 4.4.0-1087.98 | 58.1 | aws |\n| 4.4.0-1088.99 | 58.1 | aws |\n| 4.4.0-1090.101 | 58.1 | aws |\n| 4.4.0-1092.103 | 58.1 | aws |\n| 4.4.0-1094.105 | 58.1 | aws |\n| 4.15.0-50.54 | 58.1 | generic, lowlatency |\n| 4.15.0-50.54~16.04.1 | 58.1 | generic, lowlatency |\n| 4.15.0-51.55 | 58.1 | generic, lowlatency |\n| 4.15.0-51.55~16.04.1 | 58.1 | generic, lowlatency |\n| 4.15.0-52.56 | 58.1 | lowlatency, generic |\n| 4.15.0-52.56~16.04.1 | 58.1 | generic, lowlatency |\n| 4.15.0-54.58 | 58.1 | generic, lowlatency |\n| 4.15.0-54.58~16.04.1 | 58.1 | generic, lowlatency |\n| 4.15.0-55.60 | 58.1 | generic, lowlatency |\n| 4.15.0-58.64 | 58.1 | generic, lowlatency |\n| 4.15.0-58.64~16.04.1 | 58.1 | lowlatency, generic |\n| 4.15.0-60.67 | 58.1 | lowlatency, generic |\n| 4.15.0-60.67~16.04.1 | 58.1 | generic, lowlatency |\n| 4.15.0-62.69 | 58.1 | generic, lowlatency |\n| 4.15.0-62.69~16.04.1 | 58.1 | lowlatency, generic |\n| 4.15.0-64.73 | 58.1 | generic, lowlatency |\n| 4.15.0-64.73~16.04.1 | 58.1 | lowlatency, generic |\n| 4.15.0-65.74 | 58.1 | lowlatency, generic |\n| 4.15.0-1038.43 | 58.1 | oem |\n| 4.15.0-1039.41 | 58.1 | aws |\n| 4.15.0-1039.44 | 58.1 | oem |\n| 4.15.0-1040.42 | 58.1 | aws |\n| 4.15.0-1041.43 | 58.1 | aws |\n| 4.15.0-1043.45 | 58.1 | aws |\n| 4.15.0-1043.48 | 58.1 | oem |\n| 4.15.0-1044.46 | 58.1 | aws |\n| 4.15.0-1045.47 | 58.1 | aws |\n| 4.15.0-1045.50 | 58.1 | oem |\n| 4.15.0-1047.49 | 58.1 | aws |\n| 4.15.0-1047.51 | 58.1 | azure |\n| 4.15.0-1048.50 | 58.1 | aws |\n| 4.15.0-1049.54 | 58.1 | azure |\n| 4.15.0-1050.52 | 58.1 | aws |\n| 4.15.0-1050.55 | 58.1 | azure |\n| 4.15.0-1050.57 | 58.1 | oem |\n| 4.15.0-1051.53 | 58.1 | aws |\n| 4.15.0-1051.56 | 58.1 | azure |\n| 4.15.0-1052.57 | 58.1 | azure |\n| 4.15.0-1055.60 | 58.1 | azure |\n| 4.15.0-1056.61 | 58.1 | azure |\n| 4.15.0-1056.65 | 58.1 | oem |\n| 4.15.0-1057.62 | 58.1 | azure |\n| 4.15.0-1057.66 | 58.1 | oem |\n| 4.15.0-1059.64 | 58.1 | azure |\n| 5.0.0-1014.14~18.04.1 | 58.1 | azure |\n| 5.0.0-1016.17~18.04.1 | 58.1 | azure |\n| 5.0.0-1018.19~18.04.1 | 58.1 | azure |\n| 5.0.0-1020.21~18.04.1 | 58.1 | azure |\n\nSupport Information:\n\nKernels older than the levels listed below do not receive livepatch\nupdates. Please upgrade your kernel as soon as possible. \n\n| Series | Version | Flavors |\n|------------------+------------------+--------------------------|\n| Ubuntu 18.04 LTS | 4.15.0-1039 | aws |\n| Ubuntu 16.04 LTS | 4.4.0-1083 | aws |\n| Ubuntu 18.04 LTS | 5.0.0-1000 | azure |\n| Ubuntu 16.04 LTS | 4.15.0-1047 | azure |\n| Ubuntu 18.04 LTS | 4.15.0-50 | generic lowlatency |\n| Ubuntu 16.04 LTS | 4.15.0-50 | generic lowlatency |\n| Ubuntu 14.04 LTS | 4.4.0-148 | generic lowlatency |\n| Ubuntu 18.04 LTS | 4.15.0-1038 | oem |\n| Ubuntu 16.04 LTS | 4.4.0-148 | generic lowlatency |\n\nReferences:\n CVE-2016-10905, CVE-2018-20856, CVE-2018-20961, CVE-2018-20976, \n CVE-2018-21008, CVE-2019-0136, CVE-2019-2054, CVE-2019-2181, \n CVE-2019-3846, CVE-2019-10126, CVE-2019-10207, CVE-2019-11477, \n CVE-2019-11478, CVE-2019-11833, CVE-2019-12614, CVE-2019-14283, \n CVE-2019-14284, CVE-2019-14814, CVE-2019-14815, CVE-2019-14816, \n CVE-2019-14821, CVE-2019-14835\n\n\n-- \nubuntu-security-announce mailing list\nubuntu-security-announce@lists.ubuntu.com\nModify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce\n. =========================================================================\nUbuntu Security Notice USN-4118-1\nSeptember 02, 2019\n\nlinux-aws vulnerabilities\n=========================================================================\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 18.04 LTS\n- Ubuntu 16.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in the Linux kernel. \n\nSoftware Description:\n- linux-aws: Linux kernel for Amazon Web Services (AWS) systems\n- linux-aws-hwe: Linux kernel for Amazon Web Services (AWS-HWE) systems\n\nDetails:\n\nIt was discovered that the alarmtimer implementation in the Linux kernel\ncontained an integer overflow vulnerability. (CVE-2018-13053)\n\nWen Xu discovered that the XFS filesystem implementation in the Linux\nkernel did not properly track inode validations. (CVE-2018-13093)\n\nWen Xu discovered that the f2fs file system implementation in the Linux\nkernel did not properly validate metadata. (CVE-2018-13096, CVE-2018-13097, CVE-2018-13098,\nCVE-2018-13099, CVE-2018-13100, CVE-2018-14614, CVE-2018-14615,\nCVE-2018-14616)\n\nWen Xu and Po-Ning Tseng discovered that btrfs file system implementation\nin the Linux kernel did not properly validate metadata. (CVE-2018-14609, CVE-2018-14610,\nCVE-2018-14611, CVE-2018-14612, CVE-2018-14613)\n\nWen Xu discovered that the HFS+ filesystem implementation in the Linux\nkernel did not properly handle malformed catalog data in some situations. (CVE-2018-14617)\n\nVasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem\nof the Linux kernel did not properly initialize new files in some\nsituations. A local attacker could use this to expose sensitive\ninformation. (CVE-2018-16862)\n\nHui Peng and Mathias Payer discovered that the Option USB High Speed driver\nin the Linux kernel did not properly validate metadata received from the\ndevice. (CVE-2018-19985)\n\nHui Peng and Mathias Payer discovered that the USB subsystem in the Linux\nkernel did not properly handle size checks when handling an extra USB\ndescriptor. (CVE-2018-20169)\n\nZhipeng Xie discovered that an infinite loop could triggered in the CFS\nLinux kernel process scheduler. (CVE-2018-20784)\n\nIt was discovered that a use-after-free error existed in the block layer\nsubsystem of the Linux kernel when certain failure conditions occurred. (CVE-2018-20856)\n\nEli Biham and Lior Neumann discovered that the Bluetooth implementation in\nthe Linux kernel did not properly validate elliptic curve parameters during\nDiffie-Hellman key exchange in some situations. An attacker could use this\nto expose sensitive information. (CVE-2018-5383)\n\nIt was discovered that the Intel wifi device driver in the Linux kernel did\nnot properly validate certain Tunneled Direct Link Setup (TDLS). (CVE-2019-0136)\n\nIt was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. (CVE-2019-10126)\n\nIt was discovered that the Bluetooth UART implementation in the Linux\nkernel did not properly check for missing tty operations. (CVE-2019-10207)\n\nAmit Klein and Benny Pinkas discovered that the Linux kernel did not\nsufficiently randomize IP ID values generated for connectionless networking\nprotocols. A remote attacker could use this to track particular Linux\ndevices. (CVE-2019-10638)\n\nAmit Klein and Benny Pinkas discovered that the location of kernel\naddresses could exposed by the implementation of connection-less network\nprotocols in the Linux kernel. A remote attacker could possibly use this to\nassist in the exploitation of another vulnerability in the Linux kernel. \n(CVE-2019-10639)\n\nAdam Zabrocki discovered that the Intel i915 kernel mode graphics driver in\nthe Linux kernel did not properly restrict mmap() ranges in some\nsituations. (CVE-2019-11085)\n\nIt was discovered that an integer overflow existed in the Linux kernel when\nreference counting pages, leading to potential use-after-free issues. (CVE-2019-11487)\n\nJann Horn discovered that a race condition existed in the Linux kernel when\nperforming core dumps. (CVE-2019-11599)\n\nIt was discovered that a null pointer dereference vulnerability existed in\nthe LSI Logic MegaRAID driver in the Linux kernel. (CVE-2019-11810)\n\nIt was discovered that a race condition leading to a use-after-free existed\nin the Reliable Datagram Sockets (RDS) protocol implementation in the Linux\nkernel. The RDS protocol is blacklisted by default in Ubuntu. (CVE-2019-11815)\n\nIt was discovered that the ext4 file system implementation in the Linux\nkernel did not properly zero out memory in some situations. A local\nattacker could use this to expose sensitive information (kernel memory). \n(CVE-2019-11833)\n\nIt was discovered that the Bluetooth Human Interface Device Protocol (HIDP)\nimplementation in the Linux kernel did not properly verify strings were\nNULL terminated in certain situations. A local attacker could use this to\nexpose sensitive information (kernel memory). (CVE-2019-11884)\n\nIt was discovered that a NULL pointer dereference vulnerabilty existed in\nthe Near-field communication (NFC) implementation in the Linux kernel. \n(CVE-2019-12818)\n\nIt was discovered that the MDIO bus devices subsystem in the Linux kernel\nimproperly dropped a device reference in an error condition, leading to a\nuse-after-free. (CVE-2019-12819)\n\nIt was discovered that a NULL pointer dereference vulnerability existed in\nthe Near-field communication (NFC) implementation in the Linux kernel. \n(CVE-2019-12984)\n\nJann Horn discovered a use-after-free vulnerability in the Linux kernel\nwhen accessing LDT entries in some situations. (CVE-2019-13233)\n\nJann Horn discovered that the ptrace implementation in the Linux kernel did\nnot properly record credentials in some situations. (CVE-2019-13272)\n\nIt was discovered that the GTCO tablet input driver in the Linux kernel did\nnot properly bounds check the initial HID report sent by the device. (CVE-2019-13631)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate meta data, leading to a buffer overread. \n(CVE-2019-14283)\n\nIt was discovered that the floppy driver in the Linux kernel did not\nproperly validate ioctl() calls, leading to a division-by-zero. \n(CVE-2019-14284)\n\nTuba Yavuz discovered that a race condition existed in the DesignWare USB3\nDRD Controller device driver in the Linux kernel. (CVE-2019-14763)\n\nIt was discovered that an out-of-bounds read existed in the QLogic QEDI\niSCSI Initiator Driver in the Linux kernel. A local attacker could possibly\nuse this to expose sensitive information (kernel memory). (CVE-2019-15090)\n\nIt was discovered that the Raremono AM/FM/SW radio device driver in the\nLinux kernel did not properly allocate memory, leading to a use-after-free. (CVE-2019-15211)\n\nIt was discovered at a double-free error existed in the USB Rio 500 device\ndriver for the Linux kernel. (CVE-2019-15212)\n\nIt was discovered that a race condition existed in the Advanced Linux Sound\nArchitecture (ALSA) subsystem of the Linux kernel, leading to a potential\nuse-after-free. \n(CVE-2019-15214)\n\nIt was discovered that a race condition existed in the CPiA2 video4linux\ndevice driver for the Linux kernel, leading to a use-after-free. (CVE-2019-15215)\n\nIt was discovered that a race condition existed in the Softmac USB Prism54\ndevice driver in the Linux kernel. (CVE-2019-15220)\n\nIt was discovered that a use-after-free vulnerability existed in the\nAppletalk implementation in the Linux kernel if an error occurs during\ninitialization. (CVE-2019-15292)\n\nIt was discovered that the Empia EM28xx DVB USB device driver\nimplementation in the Linux kernel contained a use-after-free vulnerability\nwhen disconnecting the device. (CVE-2019-2024)\n\nIt was discovered that the USB video device class implementation in the\nLinux kernel did not properly validate control bits, resulting in an out of\nbounds buffer read. A local attacker could use this to possibly expose\nsensitive information (kernel memory). (CVE-2019-2101)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux\nkernel did not properly validate the BSS descriptor. (CVE-2019-3846)\n\nJason Wang discovered that an infinite loop vulnerability existed in the\nvirtio net driver in the Linux kernel. \n(CVE-2019-3900)\n\nDaniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered\nthat the Bluetooth protocol BR/EDR specification did not properly require\nsufficiently strong encryption key lengths. A physicall proximate attacker\ncould use this to expose sensitive information. (CVE-2019-9506)\n\nIt was discovered that the Appletalk IP encapsulation driver in the Linux\nkernel did not properly prevent kernel addresses from being copied to user\nspace. A local attacker with the CAP_NET_ADMIN capability could use this to\nexpose sensitive information. (CVE-2018-20511)\n\nIt was discovered that a race condition existed in the USB YUREX device\ndriver in the Linux kernel. (CVE-2019-15216)\n\nIt was discovered that the Siano USB MDTV receiver device driver in the\nLinux kernel made improper assumptions about the device characteristics. (CVE-2019-15218)\n\nIt was discovered that the Line 6 POD USB device driver in the Linux kernel\ndid not properly validate data size information from the device. (CVE-2019-15221)\n\nMuyu Yu discovered that the CAN implementation in the Linux kernel in some\nsituations did not properly restrict the field size when processing\noutgoing frames. A local attacker with CAP_NET_ADMIN privileges could use\nthis to execute arbitrary code. (CVE-2019-3701)\n\nVladis Dronov discovered that the debug interface for the Linux kernel\u0027s\nHID subsystem did not properly validate passed parameters in some\nsituations. (CVE-2019-3819)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 18.04 LTS:\n linux-image-4.15.0-1047-aws 4.15.0-1047.49\n linux-image-aws 4.15.0.1047.46\n\nUbuntu 16.04 LTS:\n linux-image-4.15.0-1047-aws 4.15.0-1047.49~16.04.1\n linux-image-aws-hwe 4.15.0.1047.47\n\nAfter a standard system update you need to reboot your computer to make\nall the necessary changes. \n\nATTENTION: Due to an unavoidable ABI change the kernel updates have\nbeen given a new version number, which requires you to recompile and\nreinstall all third party kernel modules you might have installed. \nUnless you manually uninstalled the standard kernel metapackages\n(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,\nlinux-powerpc), a standard system upgrade will automatically perform\nthis as well. \n\nReferences:\n https://usn.ubuntu.com/4118-1\n CVE-2018-13053, CVE-2018-13093, CVE-2018-13096, CVE-2018-13097,\n CVE-2018-13098, CVE-2018-13099, CVE-2018-13100, CVE-2018-14609,\n CVE-2018-14610, CVE-2018-14611, CVE-2018-14612, CVE-2018-14613,\n CVE-2018-14614, CVE-2018-14615, CVE-2018-14616, CVE-2018-14617,\n CVE-2018-16862, CVE-2018-19985, CVE-2018-20169, CVE-2018-20511,\n CVE-2018-20784, CVE-2018-20856, CVE-2018-5383, CVE-2019-0136,\n CVE-2019-10126, CVE-2019-10207, CVE-2019-10638, CVE-2019-10639,\n CVE-2019-11085, CVE-2019-11487, CVE-2019-11599, CVE-2019-11810,\n CVE-2019-11815, CVE-2019-11833, CVE-2019-11884, CVE-2019-12818,\n CVE-2019-12819, CVE-2019-12984, CVE-2019-13233, CVE-2019-13272,\n CVE-2019-13631, CVE-2019-14283, CVE-2019-14284, CVE-2019-14763,\n CVE-2019-15090, CVE-2019-15211, CVE-2019-15212, CVE-2019-15214,\n CVE-2019-15215, CVE-2019-15216, CVE-2019-15218, CVE-2019-15220,\n CVE-2019-15221, CVE-2019-15292, CVE-2019-2024, CVE-2019-2101,\n CVE-2019-3701, CVE-2019-3819, CVE-2019-3846, CVE-2019-3900,\n CVE-2019-9506\n\nPackage Information:\n https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1047.49\n https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1047.49~16.04.1\n. Unfortunately, as part of the update,\na regression was introduced that caused a kernel crash when handling\nfragmented packets in some situations. This update addresses the issue. \n\nWe apologize for the inconvenience",
"sources": [
{
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
},
{
"db": "BID",
"id": "108777"
},
{
"db": "PACKETSTORM",
"id": "154951"
},
{
"db": "PACKETSTORM",
"id": "154315"
},
{
"db": "PACKETSTORM",
"id": "154695"
},
{
"db": "PACKETSTORM",
"id": "154326"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154446"
}
],
"trust": 3.51
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2019-0136",
"trust": 4.7
},
{
"db": "BID",
"id": "108777",
"trust": 2.5
},
{
"db": "JVN",
"id": "JVN75617741",
"trust": 2.4
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046",
"trust": 2.0
},
{
"db": "PACKETSTORM",
"id": "154951",
"trust": 1.7
},
{
"db": "LENOVO",
"id": "LEN-27828",
"trust": 1.6
},
{
"db": "JVN",
"id": "JVNVU95572531",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980",
"trust": 0.8
},
{
"db": "PACKETSTORM",
"id": "154326",
"trust": 0.7
},
{
"db": "CNVD",
"id": "CNVD-2019-25748",
"trust": 0.6
},
{
"db": "LENOVO",
"id": "LEN-27701",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2020.0766",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2022.0615",
"trust": 0.6
},
{
"db": "AUSCERT",
"id": "ESB-2019.3334",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "154315",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154695",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154740",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "154446",
"trust": 0.1
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "BID",
"id": "108777"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "PACKETSTORM",
"id": "154951"
},
{
"db": "PACKETSTORM",
"id": "154315"
},
{
"db": "PACKETSTORM",
"id": "154695"
},
{
"db": "PACKETSTORM",
"id": "154326"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154446"
},
{
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"id": "VAR-201906-0917",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
}
],
"trust": 1.1401698649999998
},
"iot_taxonomy": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"category": [
"Network device"
],
"sub_category": null,
"trust": 0.6
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
}
]
},
"last_update_date": "2023-12-22T21:37:22.289000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[INTEL-SA-00232] Intel PROSet/Wireless WiFi Software Advisory",
"trust": 1.6,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html"
},
{
"title": "[INTEL-SA-00248] Open Cloud Integrity Technology and OpenAttestation Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00248.html"
},
{
"title": "[INTEL-SA-00257] Intel Omni-Path Fabric Manager GUI Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00257.html"
},
{
"title": "[INTEL-SA-00259] Intel RAID Web Console 3 for Windows* Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00259.html"
},
{
"title": "[INTEL-SA-00224] Intel Chipset Device Software (INF Update Utility) Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00224.html"
},
{
"title": "[INTEL-SA-00264] Intel NUC Firmware Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00264.html"
},
{
"title": "[INTEL-SA-00226] Intel Accelerated Storage Manager in Intel Rapid Storage Technology Enterprise Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00226.html"
},
{
"title": "[INTEL-SA-00206] ITE Tech* Consumer Infrared Driver for Windows 10 Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00206.html"
},
{
"title": "[INTEL-SA-00235] Intel SGX for Linux Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00235.html"
},
{
"title": "[INTEL-SA-00243] Intel Turbo Boost Max Technology 3.0 Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00243.html"
},
{
"title": "[INTEL-SA-00247] Partial Physical Address Leakage Advisory",
"trust": 0.8,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00247.html"
},
{
"title": "Downloads for Intel Dual Band Wireless-AC 8260",
"trust": 0.8,
"url": "https://downloadcenter.intel.com/en/product/86068"
},
{
"title": "IntelPROSet/WirelessWiFiSoftwaredriver Access Control Error Vulnerability Patch",
"trust": 0.6,
"url": "https://www.cnvd.org.cn/patchinfo/show/173035"
},
{
"title": "Intel PROSet/Wireless WiFi Software driver Fixes for access control error vulnerabilities",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=93761"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "NVD-CWE-noinfo",
"trust": 1.0
},
{
"problemtype": "CWE-Other",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "NVD",
"id": "CVE-2019-0136"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.8,
"url": "http://www.securityfocus.com/bid/108777"
},
{
"trust": 2.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0136"
},
{
"trust": 2.4,
"url": "http://jvn.jp/en/jp/jvn75617741/index.html"
},
{
"trust": 2.2,
"url": "https://usn.ubuntu.com/4115-1/"
},
{
"trust": 2.2,
"url": "https://usn.ubuntu.com/4147-1/"
},
{
"trust": 1.9,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00232.html"
},
{
"trust": 1.6,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0136"
},
{
"trust": 1.6,
"url": "http://packetstormsecurity.com/files/154951/kernel-live-patch-security-notice-lsn-0058-1.html"
},
{
"trust": 1.6,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00014.html"
},
{
"trust": 1.6,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00015.html"
},
{
"trust": 1.6,
"url": "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html"
},
{
"trust": 1.6,
"url": "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html"
},
{
"trust": 1.6,
"url": "https://support.lenovo.com/us/en/product_security/len-27828"
},
{
"trust": 1.6,
"url": "https://usn.ubuntu.com/4118-1/"
},
{
"trust": 1.6,
"url": "https://usn.ubuntu.com/4145-1/"
},
{
"trust": 1.2,
"url": "https://jvndb.jvn.jp/en/contents/2019/jvndb-2019-000046.html"
},
{
"trust": 1.2,
"url": "https://www.intel.com/content/www/us/en/security-center/advisory/in"
},
{
"trust": 0.9,
"url": "http://www.intel.com/"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0130"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0179"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11123"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0180"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11124"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0157"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0181"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11125"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0164"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0182"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11126"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11127"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0174"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0183"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11128"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0175"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11092"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11129"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-3702"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0177"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11117"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0128"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-0178"
},
{
"trust": 0.8,
"url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11119"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu95572531"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0128"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0178"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11119"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0130"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0179"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11123"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0180"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11124"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0157"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0181"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11125"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0164"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0182"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11126"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0174"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0183"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11127"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0175"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11092"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11128"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-3702"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-0177"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11117"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11129"
},
{
"trust": 0.6,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10207"
},
{
"trust": 0.6,
"url": "https://usn.ubuntu.com/4116-1/"
},
{
"trust": 0.6,
"url": "https://usn.ubuntu.com/4114-1/"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/zh/product_security/len-27828"
},
{
"trust": 0.6,
"url": "https://support.lenovo.com/us/en/product_security/len-27701"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2019.3334/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2020.0766/"
},
{
"trust": 0.6,
"url": "https://www.auscert.org.au/bulletins/esb-2022.0615"
},
{
"trust": 0.6,
"url": "https://packetstormsecurity.com/files/154326/ubuntu-security-notice-usn-4118-1.html"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13631"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11487"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15211"
},
{
"trust": 0.4,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15215"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14284"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14283"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15221"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11599"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15090"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20784"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15220"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-19985"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10639"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10638"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15218"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15212"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20856"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-10905"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-10126"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20976"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20961"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11810"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3819"
},
{
"trust": 0.2,
"url": "https://usn.ubuntu.com/4115-1"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-13648"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15292"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3701"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3900"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15216"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14763"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15214"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15926"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14815"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11478"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2181"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14821"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14835"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11477"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-3846"
},
{
"trust": 0.1,
"url": "https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14816"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-12614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-21008"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11833"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-2054"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-14814"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1022.25~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1022.25"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-60.67~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1043.43"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke-4.15/4.15.0-1041.43"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-60.67"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1056.61"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1041.43"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1044.47"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.4.0-1095.106"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.4.0-1123.132"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2017-18509"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.4.0-1059.66"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.4.0-165.193"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4145-1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/4.4.0-1127.135"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-16862"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14610"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4118-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14616"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13098"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13093"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20169"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14614"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-11085"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14611"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13053"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1047.49"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14612"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13099"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-20511"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-13100"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-14617"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1047.49~16.04.1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2018-5383"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15223"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/5.0.0-31.33"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15538"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4147-1"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15118"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15217"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15925"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-snapdragon/5.0.0-1023.24"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/5.0.0-31.33~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/5.0.0-1020.20"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-15117"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/5.0.0-1019.19"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2019-9506"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/5.0.0-1018.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/5.0.0-1022.23"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke-5.0/5.0.0-1020.20~18.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/5.0.0-1019.20"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux/4.15.0-62.69"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1023.26"
},
{
"trust": 0.1,
"url": "https://launchpad.net/bugs/1842447"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-kvm/4.15.0-1044.44"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gke-4.15/4.15.0-1042.44"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-azure/4.15.0-1057.62"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-raspi2/4.15.0-1045.49"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-oracle/4.15.0-1023.26~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-gcp/4.15.0-1042.44"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/4115-2"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-hwe/4.15.0-62.69~16.04.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws/4.15.0-1048.50"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/linux-aws-hwe/4.15.0-1048.50~16.04.1"
}
],
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "BID",
"id": "108777"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "PACKETSTORM",
"id": "154951"
},
{
"db": "PACKETSTORM",
"id": "154315"
},
{
"db": "PACKETSTORM",
"id": "154695"
},
{
"db": "PACKETSTORM",
"id": "154326"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154446"
},
{
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "BID",
"id": "108777"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"db": "PACKETSTORM",
"id": "154951"
},
{
"db": "PACKETSTORM",
"id": "154315"
},
{
"db": "PACKETSTORM",
"id": "154695"
},
{
"db": "PACKETSTORM",
"id": "154326"
},
{
"db": "PACKETSTORM",
"id": "154740"
},
{
"db": "PACKETSTORM",
"id": "154446"
},
{
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"date": "2019-06-11T00:00:00",
"db": "BID",
"id": "108777"
},
{
"date": "2019-06-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"date": "2019-07-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"date": "2019-10-23T18:32:10",
"db": "PACKETSTORM",
"id": "154951"
},
{
"date": "2019-09-02T23:48:23",
"db": "PACKETSTORM",
"id": "154315"
},
{
"date": "2019-10-01T20:45:14",
"db": "PACKETSTORM",
"id": "154695"
},
{
"date": "2019-09-03T16:47:23",
"db": "PACKETSTORM",
"id": "154326"
},
{
"date": "2019-10-05T14:13:57",
"db": "PACKETSTORM",
"id": "154740"
},
{
"date": "2019-09-11T13:57:38",
"db": "PACKETSTORM",
"id": "154446"
},
{
"date": "2019-06-13T16:29:00.763000",
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"date": "2019-06-11T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2019-08-04T00:00:00",
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"date": "2019-06-11T00:00:00",
"db": "BID",
"id": "108777"
},
{
"date": "2019-06-13T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-004980"
},
{
"date": "2019-07-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2019-000046"
},
{
"date": "2020-08-24T17:37:01.140000",
"db": "NVD",
"id": "CVE-2019-0136"
},
{
"date": "2022-03-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote or local",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
],
"trust": 0.6
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Intel PROSet/Wireless WiFi Software driver Access Control Error Vulnerability",
"sources": [
{
"db": "CNVD",
"id": "CNVD-2019-25748"
},
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
],
"trust": 1.2
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "access control error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201906-530"
}
],
"trust": 0.6
}
}
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.