1. Home
  2. Security Advisories
  3. Ubuntu
  4. USN-3652-1

[USN-3652-1] Linux kernel vulnerability

Severity Medium
Affected Packages 11
CVEs 1
Info Packages Vulnerabilities

The system could be made to expose sensitive information.

Jann Horn and Ken Johnson discovered that microprocessors utilizing
speculative execution of a memory read may allow unauthorized memory
reads via a sidechannel attack. This flaw is known as Spectre
Variant 4. A local attacker could use this to expose sensitive
information, including kernel memory.

Package Affected Version
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-22-lowlatency?distro=bionic < 4.15.0-22.24
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-22-generic?distro=bionic < 4.15.0-22.24
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1012-azure?distro=bionic < 4.15.0-1012.12
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1006-oem?distro=bionic < 4.15.0-1006.9
pkg:deb/ubuntu/linux-image-4.15.0-22-snapdragon?distro=bionic < 4.15.0-22.24
pkg:deb/ubuntu/linux-image-4.15.0-22-lowlatency?distro=bionic < 4.15.0-22.24
pkg:deb/ubuntu/linux-image-4.15.0-22-generic?distro=bionic < 4.15.0-22.24
pkg:deb/ubuntu/linux-image-4.15.0-22-generic-lpae?distro=bionic < 4.15.0-22.24
pkg:deb/ubuntu/linux-image-4.15.0-1010-kvm?distro=bionic < 4.15.0-1010.10
pkg:deb/ubuntu/linux-image-4.15.0-1009-aws?distro=bionic < 4.15.0-1009.9
pkg:deb/ubuntu/linux-image-4.15.0-1008-gcp?distro=bionic < 4.15.0-1008.8
ID
USN-3652-1
Severity
medium
URL
https://ubuntu.com/security/notices/USN-3652-1
Published
2018-05-22T03:30:03
(6 years ago)
Modified
2018-05-22T03:30:03
(6 years ago)
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:deb/ubuntu/linux-image-unsigned-4.15.0-22-lowlatency?distro=bionic ubuntu linux-image-unsigned-4.15.0-22-lowlatency < 4.15.0-22.24 bionic
Affected pkg:deb/ubuntu/linux-image-unsigned-4.15.0-22-generic?distro=bionic ubuntu linux-image-unsigned-4.15.0-22-generic < 4.15.0-22.24 bionic
Affected pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1012-azure?distro=bionic ubuntu linux-image-unsigned-4.15.0-1012-azure < 4.15.0-1012.12 bionic
Affected pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1006-oem?distro=bionic ubuntu linux-image-unsigned-4.15.0-1006-oem < 4.15.0-1006.9 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-22-snapdragon?distro=bionic ubuntu linux-image-4.15.0-22-snapdragon < 4.15.0-22.24 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-22-lowlatency?distro=bionic ubuntu linux-image-4.15.0-22-lowlatency < 4.15.0-22.24 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-22-generic?distro=bionic ubuntu linux-image-4.15.0-22-generic < 4.15.0-22.24 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-22-generic-lpae?distro=bionic ubuntu linux-image-4.15.0-22-generic-lpae < 4.15.0-22.24 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-1010-kvm?distro=bionic ubuntu linux-image-4.15.0-1010-kvm < 4.15.0-1010.10 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-1009-aws?distro=bionic ubuntu linux-image-4.15.0-1009-aws < 4.15.0-1009.9 bionic
Affected pkg:deb/ubuntu/linux-image-4.15.0-1008-gcp?distro=bionic ubuntu linux-image-4.15.0-1008-gcp < 4.15.0-1008.8 bionic
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date