CVE-2019-0804

Name	CVE-2019-0804
Description	An information disclosure vulnerability exists in the way Azure WaLinuxAgent creates swap files on resource disks, aka 'Azure Linux Agent Information Disclosure Vulnerability'.
Source	CVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-1709-1, DSA-4406-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
waagent (PTS)	bullseye	2.2.47-2	fixed
	bookworm	2.7.3.0-4.1	fixed
	trixie	2.12.0.2-3	fixed
	forky, sid	2.12.0.2-4	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Urgency	Origin	Debian Bugs
waagent	source	jessie	2.2.18-3~deb8u2		DLA-1709-1
waagent	source	stretch	2.2.18-3~deb9u2		DSA-4406-1
waagent	source	(unstable)	2.2.34-3