CVE-2019-5489

2019-01-0700:00:00

ubuntu.com

CVSS2

2.1

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:L/AC:L/Au:N/C:P/I:N/A:N

CVSS3

5.5

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

EPSS

Percentile

10.1%

JSON

The mincore() implementation in mm/mincore.c in the Linux kernel through
4.19.13 allowed local attackers to observe page cache access patterns of
other processes on the same system, potentially allowing sniffing of secret
information. (Fixing this affects the output of the fincore program.)
Limited remote exploitation may be possible, as demonstrated by latency
differences in accessing public files from an Apache HTTP Server.

Notes

Author	Note
tyhicks	On 2018-01-06, a potential fix for this issue was committed in the upstream kernel git tree. The potential fix changes the behavior of the mincore(2) system call in ways that could possibly break userspace applications. The potential fix landed during the kernel’s “merge window” which allows for the change to mature and receive additional testing. Applying the potential fix to Ubuntu kernels, at this time, could potentially break some existing applications. Ubuntu will continue to monitor related changes in the upstream kernel and evaluate/test the potential fix.
sbeattie	v1 fix was reverted. v2 of fix is now 134fca9063ad4851de767d1768180e5dede9a881

Author

Note

tyhicks

On 2018-01-06, a potential fix for this issue was committed in the upstream kernel git tree. The potential fix changes the behavior of the mincore(2) system call in ways that could possibly break userspace applications. The potential fix landed during the kernel’s “merge window” which allows for the change to mature and receive additional testing. Applying the potential fix to Ubuntu kernels, at this time, could potentially break some existing applications. Ubuntu will continue to monitor related changes in the upstream kernel and evaluate/test the potential fix.

sbeattie

v1 fix was reverted. v2 of fix is now 134fca9063ad4851de767d1768180e5dede9a881

OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchlinux< 4.15.0-60.67UNKNOWN
ubuntu19.04noarchlinux< 5.0.0-25.26UNKNOWN
ubuntu16.04noarchlinux< 4.4.0-157.185UNKNOWN
ubuntu18.04noarchlinux-aws< 4.15.0-1047.49UNKNOWN
ubuntu16.04noarchlinux-aws< 4.4.0-1090.101UNKNOWN
ubuntu16.04noarchlinux-aws-hwe< 4.15.0-1047.49~16.04.1UNKNOWN
ubuntu18.04noarchlinux-azure< 5.0.0-1014.14~18.04.1UNKNOWN
ubuntu19.04noarchlinux-azure< 5.0.0-1014.14UNKNOWN
ubuntu16.04noarchlinux-azure< 4.15.0-1056.61UNKNOWN
ubuntu18.04noarchlinux-azure-edge< 5.0.0-1014.14~18.04.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	18.04	noarch	linux	< 4.15.0-60.67	UNKNOWN
ubuntu	19.04	noarch	linux	< 5.0.0-25.26	UNKNOWN
ubuntu	16.04	noarch	linux	< 4.4.0-157.185	UNKNOWN
ubuntu	18.04	noarch	linux-aws	< 4.15.0-1047.49	UNKNOWN
ubuntu	16.04	noarch	linux-aws	< 4.4.0-1090.101	UNKNOWN
ubuntu	16.04	noarch	linux-aws-hwe	< 4.15.0-1047.49~16.04.1	UNKNOWN
ubuntu	18.04	noarch	linux-azure	< 5.0.0-1014.14~18.04.1	UNKNOWN
ubuntu	19.04	noarch	linux-azure	< 5.0.0-1014.14	UNKNOWN
ubuntu	16.04	noarch	linux-azure	< 4.15.0-1056.61	UNKNOWN
ubuntu	18.04	noarch	linux-azure-edge	< 5.0.0-1014.14~18.04.1	UNKNOWN