[USN-3656-1] Linux kernel (Raspberry Pi 2, Snapdragon) vulnerabilities
Several security issues were fixed in the Linux kernel.
Tuba Yavuz discovered that a double-free error existed in the USBTV007
driver of the Linux kernel. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2017-17975)
It was discovered that a race condition existed in the F2FS implementation
in the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18193)
It was discovered that a buffer overflow existed in the Hisilicon HNS
Ethernet Device driver in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2017-18222)
It was discovered that the netfilter subsystem in the Linux kernel did not
validate that rules containing jumps contained user-defined chains. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-1065)
It was discovered that the netfilter subsystem of the Linux kernel did not
properly validate ebtables offsets. A local attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-1068)
It was discovered that a null pointer dereference vulnerability existed in
the DCCP protocol implementation in the Linux kernel. A local attacker
could use this to cause a denial of service (system crash). (CVE-2018-1130)
It was discovered that the SCTP Protocol implementation in the Linux kernel
did not properly validate userspace provided payload lengths in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-5803)
It was discovered that a double free error existed in the block layer
subsystem of the Linux kernel when setting up a request queue. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-7480)
It was discovered that a memory leak existed in the SAS driver subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2018-7757)
It was discovered that a race condition existed in the x86 machine check
handler in the Linux kernel. A local privileged attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-7995)
Eyal Itkin discovered that the USB displaylink video adapter driver in the
Linux kernel did not properly validate mmap offsets sent from userspace. A
local attacker could use this to expose sensitive information (kernel
memory) or possibly execute arbitrary code. (CVE-2018-8781)
Silvio Cesare discovered a buffer overwrite existed in the NCPFS
implementation in the Linux kernel. A remote attacker controlling a
malicious NCPFS server could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2018-8822)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-4.4.0-1093-snapdragon?distro=xenial | < 4.4.0-1093.98 |
pkg:deb/ubuntu/linux-image-4.4.0-1090-raspi2?distro=xenial | < 4.4.0-1090.98 |
- ID
- USN-3656-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3656-1
- Published
-
2018-05-22T22:42:32
(6 years ago) - Modified
-
2018-05-22T22:42:32
(6 years ago) - Other Advisories
-
- ALAS-2018-1023
- ALAS-2018-971
- ALAS-2018-993
- ALAS2-2018-1023
- ALAS2-2018-971
- ALAS2-2018-994
- ALPINE:CVE-2018-7757
- DSA-4187-1
- DSA-4188-1
- ELSA-2018-1318
- ELSA-2018-1854
- ELSA-2018-3083
- ELSA-2018-4071
- ELSA-2018-4109
- ELSA-2018-4110
- ELSA-2018-4161
- ELSA-2018-4164
- ELSA-2018-4172
- ELSA-2018-4265
- ELSA-2018-4268
- ELSA-2018-4269
- ELSA-2019-4315
- ELSA-2019-4316
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-1e033dc308
- FEDORA-2018-296bf0c332
- FEDORA-2018-2a0f8b2c9d
- FEDORA-2018-2bce10900e
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-49bda79bd5
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8484550fff
- FEDORA-2018-884a105c04
- FEDORA-2018-93c2e74446
- FEDORA-2018-94315e9a6b
- FEDORA-2018-959aac67a3
- FEDORA-2018-9d0e4e40b5
- FEDORA-2018-b57db4753c
- FEDORA-2018-b68776e5b0
- FEDORA-2018-b997780dca
- FEDORA-2018-bf60ec1389
- FEDORA-2018-c0a1284064
- FEDORA-2018-c449dc1c9c
- FEDORA-2018-cf76003e1f
- FEDORA-2018-d77cc41f35
- FEDORA-2018-e71875c4aa
- FEDORA-2018-e8f793bbfc
- RHSA-2018:1318
- RHSA-2018:1355
- RHSA-2018:1854
- RHSA-2018:3083
- RHSA-2018:3096
- SUSE-SU-2018:0785-1
- SUSE-SU-2018:0786-1
- SUSE-SU-2018:0834-1
- SUSE-SU-2018:0848-1
- SUSE-SU-2018:0986-1
- SUSE-SU-2018:0988-1
- SUSE-SU-2018:0989-1
- SUSE-SU-2018:0990-1
- SUSE-SU-2018:0992-1
- SUSE-SU-2018:0993-1
- SUSE-SU-2018:0994-1
- SUSE-SU-2018:0995-1
- SUSE-SU-2018:0996-1
- SUSE-SU-2018:0997-1
- SUSE-SU-2018:0998-1
- SUSE-SU-2018:0999-1
- SUSE-SU-2018:1000-1
- SUSE-SU-2018:1001-1
- SUSE-SU-2018:1002-1
- SUSE-SU-2018:1003-1
- SUSE-SU-2018:1004-1
- SUSE-SU-2018:1005-1
- SUSE-SU-2018:1006-1
- SUSE-SU-2018:1007-1
- SUSE-SU-2018:1008-1
- SUSE-SU-2018:1009-1
- SUSE-SU-2018:1010-1
- SUSE-SU-2018:1011-1
- SUSE-SU-2018:1012-1
- SUSE-SU-2018:1013-1
- SUSE-SU-2018:1014-1
- SUSE-SU-2018:1015-1
- SUSE-SU-2018:1016-1
- SUSE-SU-2018:1018-1
- SUSE-SU-2018:1019-1
- SUSE-SU-2018:1020-1
- SUSE-SU-2018:1021-1
- SUSE-SU-2018:1022-1
- SUSE-SU-2018:1023-1
- SUSE-SU-2018:1024-1
- SUSE-SU-2018:1025-1
- SUSE-SU-2018:1026-1
- SUSE-SU-2018:1027-1
- SUSE-SU-2018:1028-1
- SUSE-SU-2018:1029-1
- SUSE-SU-2018:1030-1
- SUSE-SU-2018:1031-1
- SUSE-SU-2018:1032-1
- SUSE-SU-2018:1033-1
- SUSE-SU-2018:1034-1
- SUSE-SU-2018:1048-1
- SUSE-SU-2018:1080-1
- SUSE-SU-2018:1172-1
- SUSE-SU-2018:1173-1
- SUSE-SU-2018:1173-2
- SUSE-SU-2018:1217-1
- SUSE-SU-2018:1220-1
- SUSE-SU-2018:1221-1
- SUSE-SU-2018:1309-1
- SUSE-SU-2018:1366-1
- SUSE-SU-2018:1505-1
- SUSE-SU-2018:1506-1
- SUSE-SU-2018:1509-1
- SUSE-SU-2018:1510-1
- SUSE-SU-2018:1511-1
- SUSE-SU-2018:1512-1
- SUSE-SU-2018:1513-1
- SUSE-SU-2018:1514-1
- SUSE-SU-2018:1516-1
- SUSE-SU-2018:1517-1
- SUSE-SU-2018:1518-1
- SUSE-SU-2018:1519-1
- SUSE-SU-2018:1520-1
- SUSE-SU-2018:1521-1
- SUSE-SU-2018:1522-1
- SUSE-SU-2018:1523-1
- SUSE-SU-2018:1524-1
- SUSE-SU-2018:1526-1
- SUSE-SU-2018:1528-1
- SUSE-SU-2018:1529-1
- SUSE-SU-2018:1530-1
- SUSE-SU-2018:1531-1
- SUSE-SU-2018:1532-1
- SUSE-SU-2018:1533-1
- SUSE-SU-2018:1534-1
- SUSE-SU-2018:1535-1
- SUSE-SU-2018:1536-1
- SUSE-SU-2018:1537-1
- SUSE-SU-2018:1538-1
- SUSE-SU-2018:1539-1
- SUSE-SU-2018:1540-1
- SUSE-SU-2018:1541-1
- SUSE-SU-2018:1543-1
- SUSE-SU-2018:1545-1
- SUSE-SU-2018:1546-1
- SUSE-SU-2018:1548-1
- SUSE-SU-2018:1549-1
- SUSE-SU-2018:1636-1
- SUSE-SU-2018:1637-1
- SUSE-SU-2018:1639-1
- SUSE-SU-2018:1640-1
- SUSE-SU-2018:1641-1
- SUSE-SU-2018:1642-1
- SUSE-SU-2018:1643-1
- SUSE-SU-2018:1644-1
- SUSE-SU-2018:1645-1
- SUSE-SU-2018:1648-1
- SUSE-SU-2018:1761-1
- SUSE-SU-2018:1762-1
- SUSE-SU-2018:1816-1
- SUSE-SU-2018:1855-1
- SUSE-SU-2018:1855-2
- SUSE-SU-2018:2092-1
- SUSE-SU-2018:2332-1
- SUSE-SU-2018:2366-1
- SUSE-SU-2018:2637-1
- SUSE-SU-2018:3003-1
- SUSE-SU-2018:3004-1
- SUSE-SU-2018:3084-1
- SUSE-SU-2018:3659-1
- SUSE-SU-2019:0095-1
- USN-3653-1
- USN-3653-2
- USN-3654-1
- USN-3654-2
- USN-3655-1
- USN-3655-2
- USN-3657-1
- USN-3674-1
- USN-3674-2
- USN-3677-1
- USN-3677-2
- USN-3697-1
- USN-3697-2
- USN-3698-1
- USN-3698-2
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1093-snapdragon?distro=xenial | ubuntu | linux-image-4.4.0-1093-snapdragon | < 4.4.0-1093.98 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1090-raspi2?distro=xenial | ubuntu | linux-image-4.4.0-1090-raspi2 | < 4.4.0-1090.98 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |