[USN-3822-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
Jim Mattson discovered that the KVM implementation in the Linux kernel
mismanages the #BP and #OF exceptions. A local attacker in a guest virtual
machine could use this to cause a denial of service (guest OS crash).
(CVE-2016-9588)
It was discovered that the generic SCSI driver in the Linux kernel did not
properly enforce permissions on kernel memory access. A local attacker
could use this to expose sensitive information or possibly elevate
privileges. (CVE-2017-13168)
Andrey Konovalov discovered that the CDC USB Ethernet driver did not
properly validate device descriptors. A physically proximate attacker could
use this to cause a denial of service (system crash). (CVE-2017-16649)
It was discovered that an integer overflow existed in the CD-ROM driver of
the Linux kernel. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-16658)
It was discovered that an integer overflow existed in the HID Bluetooth
implementation in the Linux kernel that could lead to a buffer overwrite.
An attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-9363)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/linux-image-extra-3.13.0-162-generic?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc64-smp?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc64-emb?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc-smp?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc-e500mc?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc-e500?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-lowlatency?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-generic?distro=trusty
|
< 3.13.0-162.212 |
|
pkg:deb/ubuntu/linux-image-3.13.0-162-generic-lpae?distro=trusty
|
< 3.13.0-162.212 |
- ID
- USN-3822-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3822-1
- Published
-
2018-11-14T23:01:52
(5 years ago) - Modified
-
2018-11-14T23:01:52
(5 years ago) - Other Advisories
-
-
ALAS-2017-937
-
ALAS-2018-1086
-
ALAS-2019-1280
-
ALAS2-2018-1086
-
ALAS2-2019-1280
-
ALAS2-2019-1281
-
ASA-201702-17
-
ASA-201702-18
-
DSA-3804-1
-
DSA-4308-1
-
ELSA-2017-1842
-
ELSA-2017-3533
-
ELSA-2017-3534
-
ELSA-2018-4227
-
ELSA-2018-4242
-
ELSA-2018-4245
-
ELSA-2018-4246
-
ELSA-2018-4250
-
ELSA-2018-4265
-
ELSA-2018-4270
-
ELSA-2018-4300
-
ELSA-2019-2029
-
ELSA-2019-4315
-
ELSA-2019-4316
-
FEDORA-2016-2b1f91e9bd
-
FEDORA-2016-dd895763ac
-
FEDORA-2017-905bb449bc
-
FEDORA-2017-92a0ae09aa
-
FEDORA-2017-f9f3d80442
-
FEDORA-2018-1c80fea1cd
-
FEDORA-2018-1e033dc308
-
FEDORA-2018-2a0f8b2c9d
-
FEDORA-2018-2ee3411cb8
-
FEDORA-2018-2f6df9abfb
-
FEDORA-2018-49bda79bd5
-
FEDORA-2018-4ca01704a2
-
FEDORA-2018-59e4747e0f
-
FEDORA-2018-6367a17aa3
-
FEDORA-2018-79d7c3d2df
-
FEDORA-2018-8484550fff
-
FEDORA-2018-884a105c04
-
FEDORA-2018-93c2e74446
-
FEDORA-2018-94315e9a6b
-
FEDORA-2018-9d0e4e40b5
-
FEDORA-2018-b57db4753c
-
FEDORA-2018-b68776e5b0
-
FEDORA-2018-b997780dca
-
FEDORA-2018-c0a1284064
-
FEDORA-2018-c449dc1c9c
-
FEDORA-2018-d77cc41f35
-
FEDORA-2018-e71875c4aa
-
FEDORA-2018-e8f793bbfc
-
RHSA-2017:1842
-
RHSA-2017:2077
-
RHSA-2019:2029
-
RHSA-2019:2043
-
SUSE-SU-2017:1247-1
-
SUSE-SU-2017:1360-1
-
SUSE-SU-2017:3210-1
-
SUSE-SU-2017:3249-1
-
SUSE-SU-2017:3265-1
-
SUSE-SU-2018:0040-1
-
SUSE-SU-2018:0180-1
-
SUSE-SU-2018:2538-1
-
SUSE-SU-2018:2539-1
-
SUSE-SU-2018:2596-1
-
SUSE-SU-2018:2775-1
-
SUSE-SU-2018:2776-1
-
SUSE-SU-2018:2858-1
-
SUSE-SU-2018:2862-1
-
SUSE-SU-2018:2879-1
-
SUSE-SU-2018:2907-1
-
SUSE-SU-2018:2908-1
-
SUSE-SU-2018:2908-2
-
SUSE-SU-2018:2980-1
-
SUSE-SU-2018:2981-1
-
SUSE-SU-2018:3083-1
-
SUSE-SU-2018:3084-1
-
SUSE-SU-2018:3088-1
-
SUSE-SU-2018:3961-1
-
USN-3208-1
-
USN-3208-2
-
USN-3209-1
-
USN-3617-1
-
USN-3617-2
-
USN-3617-3
-
USN-3619-1
-
USN-3619-2
-
USN-3753-1
-
USN-3753-2
-
USN-3797-1
-
USN-3797-2
-
USN-3820-1
-
USN-3820-2
-
USN-3820-3
-
USN-3822-2
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-image-extra-3.13.0-162-generic?distro=trusty | ubuntu |
linux-image-extra-3.13.0-162-generic
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc64-smp?distro=trusty | ubuntu |
linux-image-3.13.0-162-powerpc64-smp
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc64-emb?distro=trusty | ubuntu |
linux-image-3.13.0-162-powerpc64-emb
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc-smp?distro=trusty | ubuntu |
linux-image-3.13.0-162-powerpc-smp
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc-e500mc?distro=trusty | ubuntu |
linux-image-3.13.0-162-powerpc-e500mc
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-powerpc-e500?distro=trusty | ubuntu |
linux-image-3.13.0-162-powerpc-e500
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-lowlatency?distro=trusty | ubuntu |
linux-image-3.13.0-162-lowlatency
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-generic?distro=trusty | ubuntu |
linux-image-3.13.0-162-generic
|
< 3.13.0-162.212 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-162-generic-lpae?distro=trusty | ubuntu |
linux-image-3.13.0-162-generic-lpae
|
< 3.13.0-162.212 | trusty |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |