[USN-3696-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that an integer overflow existed in the perf subsystem of
the Linux kernel. A local attacker could use this to cause a denial of
service (system crash). (CVE-2017-18255)
Wei Fang discovered an integer overflow in the F2FS filesystem
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service. (CVE-2017-18257)
It was discovered that an information leak existed in the generic SCSI
driver in the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-1000204)
It was discovered that the wait4() system call in the Linux kernel did not
properly validate its arguments in some situations. A local attacker could
possibly use this to cause a denial of service. (CVE-2018-10087)
It was discovered that the kill() system call implementation in the Linux
kernel did not properly validate its arguments in some situations. A local
attacker could possibly use this to cause a denial of service.
(CVE-2018-10124)
Julian Stecklina and Thomas Prescher discovered that FPU register states
(such as MMX, SSE, and AVX registers) which are lazily restored are
potentially vulnerable to a side channel attack. A local attacker could use
this to expose sensitive information. (CVE-2018-3665)
Jakub Jirasek discovered that multiple use-after-free errors existed in the
USB/IP implementation in the Linux kernel. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2018-5814)
It was discovered that an information leak vulnerability existed in the
floppy driver in the Linux kernel. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2018-7755)
Seunghun Han discovered an information leak in the ACPI handling code in
the Linux kernel when handling early termination of ACPI table loading. A
local attacker could use this to expose sensitive informal (kernel address
locations). (CVE-2017-13695)
It was discovered that a memory leak existed in the Serial Attached SCSI
(SAS) implementation in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2018-10021)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-extra-4.4.0-130-generic?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc64-smp?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc64-emb?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc-smp?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc-e500mc?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-lowlatency?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-generic?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-130-generic-lpae?distro=xenial | < 4.4.0-130.156 |
pkg:deb/ubuntu/linux-image-4.4.0-1095-snapdragon?distro=xenial | < 4.4.0-1095.100 |
pkg:deb/ubuntu/linux-image-4.4.0-1092-raspi2?distro=xenial | < 4.4.0-1092.100 |
pkg:deb/ubuntu/linux-image-4.4.0-1062-aws?distro=xenial | < 4.4.0-1062.71 |
pkg:deb/ubuntu/linux-image-4.4.0-1029-kvm?distro=xenial | < 4.4.0-1029.34 |
- ID
- USN-3696-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3696-1
- Published
-
2018-07-02T19:42:17
(6 years ago) - Modified
-
2018-07-02T19:42:17
(6 years ago) - Other Advisories
-
- ALAS-2019-1279
- ALAS2-2019-1279
- ALPINE:CVE-2018-3665
- DSA-4188-1
- DSA-4232-1
- DSA-4308-1
- ELSA-2018-1852
- ELSA-2018-2164
- ELSA-2018-4134
- ELSA-2018-4144
- ELSA-2018-4145
- ELSA-2018-4161
- ELSA-2018-4164
- ELSA-2018-4172
- ELSA-2018-4227
- ELSA-2018-4242
- ELSA-2018-4245
- ELSA-2018-4246
- ELSA-2018-4250
- ELSA-2018-4288
- ELSA-2018-4299
- ELSA-2018-4300
- ELSA-2018-4301
- ELSA-2018-4304
- ELSA-2019-2029
- ELSA-2019-4315
- ELSA-2019-4316
- ELSA-2019-4509
- FEDORA-2017-6764d16965
- FEDORA-2017-a3a8638a60
- FEDORA-2018-1a467757ce
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-1e033dc308
- FEDORA-2018-2a0f8b2c9d
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-49bda79bd5
- FEDORA-2018-4ca01704a2
- FEDORA-2018-6367a17aa3
- FEDORA-2018-683dfde81a
- FEDORA-2018-73dd8de892
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-7c2e0a998d
- FEDORA-2018-8484550fff
- FEDORA-2018-884a105c04
- FEDORA-2018-8d90571cdf
- FEDORA-2018-915602df63
- FEDORA-2018-93c2e74446
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9d0e4e40b5
- FEDORA-2018-a7862a75f5
- FEDORA-2018-b57db4753c
- FEDORA-2018-b68776e5b0
- FEDORA-2018-b997780dca
- FEDORA-2018-c0a1284064
- FEDORA-2018-c449dc1c9c
- FEDORA-2018-d3cb6f113c
- FEDORA-2018-d77cc41f35
- FEDORA-2018-e71875c4aa
- FEDORA-2018-e8f793bbfc
- FEDORA-2018-f20a0cead5
- FEDORA-2018-fe24359b69
- FEDORA-2019-bce6498890
- FREEBSD:4E07D94F-75A5-11E8-85D1-A4BADB2F4699
- RHSA-2018:1852
- RHSA-2018:1944
- RHSA-2018:2164
- RHSA-2019:2029
- RHSA-2019:2043
- SSA:2019-030-01
- SUSE-SU-2018:1048-1
- SUSE-SU-2018:1080-1
- SUSE-SU-2018:1171-1
- SUSE-SU-2018:1172-1
- SUSE-SU-2018:1173-1
- SUSE-SU-2018:1173-2
- SUSE-SU-2018:1217-1
- SUSE-SU-2018:1220-1
- SUSE-SU-2018:1221-1
- SUSE-SU-2018:1309-1
- SUSE-SU-2018:1366-1
- SUSE-SU-2018:1761-1
- SUSE-SU-2018:1762-1
- SUSE-SU-2018:1772-1
- SUSE-SU-2018:1816-1
- SUSE-SU-2018:1821-1
- SUSE-SU-2018:1846-1
- SUSE-SU-2018:1849-1
- SUSE-SU-2018:1855-1
- SUSE-SU-2018:1855-2
- SUSE-SU-2018:1940-1
- SUSE-SU-2018:1942-1
- SUSE-SU-2018:1943-1
- SUSE-SU-2018:1944-1
- SUSE-SU-2018:1945-1
- SUSE-SU-2018:1946-1
- SUSE-SU-2018:1947-1
- SUSE-SU-2018:1948-1
- SUSE-SU-2018:1949-1
- SUSE-SU-2018:1981-1
- SUSE-SU-2018:2037-1
- SUSE-SU-2018:2048-1
- SUSE-SU-2018:2056-1
- SUSE-SU-2018:2059-1
- SUSE-SU-2018:2069-1
- SUSE-SU-2018:2081-1
- SUSE-SU-2018:2081-2
- SUSE-SU-2018:2086-1
- SUSE-SU-2018:2087-1
- SUSE-SU-2018:2088-1
- SUSE-SU-2018:2090-1
- SUSE-SU-2018:2091-1
- SUSE-SU-2018:2092-1
- SUSE-SU-2018:2093-1
- SUSE-SU-2018:2094-1
- SUSE-SU-2018:2095-1
- SUSE-SU-2018:2096-1
- SUSE-SU-2018:2097-1
- SUSE-SU-2018:2098-1
- SUSE-SU-2018:2099-1
- SUSE-SU-2018:2100-1
- SUSE-SU-2018:2101-1
- SUSE-SU-2018:2102-1
- SUSE-SU-2018:2103-1
- SUSE-SU-2018:2104-1
- SUSE-SU-2018:2105-1
- SUSE-SU-2018:2106-1
- SUSE-SU-2018:2107-1
- SUSE-SU-2018:2108-1
- SUSE-SU-2018:2109-1
- SUSE-SU-2018:2110-1
- SUSE-SU-2018:2111-1
- SUSE-SU-2018:2112-1
- SUSE-SU-2018:2113-1
- SUSE-SU-2018:2114-1
- SUSE-SU-2018:2115-1
- SUSE-SU-2018:2248-1
- SUSE-SU-2018:2250-1
- SUSE-SU-2018:2254-1
- SUSE-SU-2018:2255-1
- SUSE-SU-2018:2262-1
- SUSE-SU-2018:2263-1
- SUSE-SU-2018:2264-1
- SUSE-SU-2018:2266-1
- SUSE-SU-2018:2267-1
- SUSE-SU-2018:2268-1
- SUSE-SU-2018:2269-1
- SUSE-SU-2018:2270-1
- SUSE-SU-2018:2271-1
- SUSE-SU-2018:2332-1
- SUSE-SU-2018:2344-1
- SUSE-SU-2018:2344-2
- SUSE-SU-2018:2366-1
- SUSE-SU-2018:2528-1
- SUSE-SU-2018:2637-1
- SUSE-SU-2019:1245-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2022:1651-1
- SUSE-SU-2022:1668-1
- SUSE-SU-2022:1686-1
- SUSE-SU-2022:2077-1
- SUSE-SU-2022:2082-1
- SUSE-SU-2022:2103-1
- SUSE-SU-2022:2111-1
- SUSE-SU-2023:0416-1
- USN-3678-1
- USN-3678-2
- USN-3678-3
- USN-3678-4
- USN-3695-1
- USN-3695-2
- USN-3696-2
- USN-3697-1
- USN-3697-2
- USN-3698-1
- USN-3698-2
- USN-3752-1
- USN-3752-2
- USN-3752-3
- USN-3754-1
- USN-3762-1
- USN-3762-2
- XSA-267
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-extra-4.4.0-130-generic?distro=xenial | ubuntu | linux-image-extra-4.4.0-130-generic | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc64-smp?distro=xenial | ubuntu | linux-image-4.4.0-130-powerpc64-smp | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc64-emb?distro=xenial | ubuntu | linux-image-4.4.0-130-powerpc64-emb | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc-smp?distro=xenial | ubuntu | linux-image-4.4.0-130-powerpc-smp | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-powerpc-e500mc?distro=xenial | ubuntu | linux-image-4.4.0-130-powerpc-e500mc | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-lowlatency?distro=xenial | ubuntu | linux-image-4.4.0-130-lowlatency | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-generic?distro=xenial | ubuntu | linux-image-4.4.0-130-generic | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-130-generic-lpae?distro=xenial | ubuntu | linux-image-4.4.0-130-generic-lpae | < 4.4.0-130.156 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1095-snapdragon?distro=xenial | ubuntu | linux-image-4.4.0-1095-snapdragon | < 4.4.0-1095.100 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1092-raspi2?distro=xenial | ubuntu | linux-image-4.4.0-1092-raspi2 | < 4.4.0-1092.100 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1062-aws?distro=xenial | ubuntu | linux-image-4.4.0-1062-aws | < 4.4.0-1062.71 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.4.0-1029-kvm?distro=xenial | ubuntu | linux-image-4.4.0-1029-kvm | < 4.4.0-1029.34 | xenial |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |