[USN-3847-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that a race condition existed in the raw MIDI driver for
the Linux kernel, leading to a double free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2018-10902)
It was discovered that an integer overrun vulnerability existed in the
POSIX timers implementation in the Linux kernel. A local attacker could use
this to cause a denial of service. (CVE-2018-12896)
Noam Rathaus discovered that a use-after-free vulnerability existed in the
Infiniband implementation in the Linux kernel. An attacker could use this
to cause a denial of service (system crash). (CVE-2018-14734)
It was discovered that the YUREX USB device driver for the Linux kernel did
not properly restrict user space reads or writes. A physically proximate
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-16276)
It was discovered that the BPF verifier in the Linux kernel did not
correctly compute numeric bounds in some situations. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2018-18445)
Kanda Motohiro discovered that writing extended attributes to an XFS file
system in the Linux kernel in certain situations could cause an error
condition to occur. A local attacker could use this to cause a denial of
service. (CVE-2018-18690)
It was discovered that an integer overflow vulnerability existed in the
CDROM driver of the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-18710)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-43-lowlatency?distro=bionic | < 4.15.0-43.46 |
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-43-generic?distro=bionic | < 4.15.0-43.46 |
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1036-azure?distro=bionic | < 4.15.0-1036.38 |
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1030-oem?distro=bionic | < 4.15.0-1030.35 |
pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1026-gcp?distro=bionic | < 4.15.0-1026.27 |
pkg:deb/ubuntu/linux-image-4.15.0-43-snapdragon?distro=bionic | < 4.15.0-43.46 |
pkg:deb/ubuntu/linux-image-4.15.0-43-lowlatency?distro=bionic | < 4.15.0-43.46 |
pkg:deb/ubuntu/linux-image-4.15.0-43-generic?distro=bionic | < 4.15.0-43.46 |
pkg:deb/ubuntu/linux-image-4.15.0-43-generic-lpae?distro=bionic | < 4.15.0-43.46 |
pkg:deb/ubuntu/linux-image-4.15.0-1031-aws?distro=bionic | < 4.15.0-1031.33 |
pkg:deb/ubuntu/linux-image-4.15.0-1030-raspi2?distro=bionic | < 4.15.0-1030.32 |
pkg:deb/ubuntu/linux-image-4.15.0-1028-kvm?distro=bionic | < 4.15.0-1028.28 |
- ID
- USN-3847-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3847-1
- Published
-
2018-12-20T22:39:41
(5 years ago) - Modified
-
2018-12-20T22:39:41
(5 years ago) - Other Advisories
-
- ALAS-2018-1133
- ALAS2-2018-1133
- ASA-201811-1
- ASA-201811-2
- DSA-4308-1
- ELSA-2018-3083
- ELSA-2018-4242
- ELSA-2018-4261
- ELSA-2018-4270
- ELSA-2018-4288
- ELSA-2018-4299
- ELSA-2018-4300
- ELSA-2018-4301
- ELSA-2018-4304
- ELSA-2019-0415
- ELSA-2019-0512
- ELSA-2019-2029
- ELSA-2019-4316
- FEDORA-2018-0edb45d9db
- FEDORA-2018-1621b2204a
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-2645eb8dab
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-3857a8b41a
- FEDORA-2018-49bda79bd5
- FEDORA-2018-50075276e8
- FEDORA-2018-5904d0794d
- FEDORA-2018-59e4747e0f
- FEDORA-2018-6e8c330d50
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8422d94975
- FEDORA-2018-8484550fff
- FEDORA-2018-87ba0312c2
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9f4381d8c4
- FEDORA-2018-a0914af224
- FEDORA-2018-b68776e5b0
- FEDORA-2018-c0a1284064
- FEDORA-2018-ca0e10fc6e
- FEDORA-2018-cc812838fb
- FEDORA-2018-d77cc41f35
- FEDORA-2018-ddbaca855e
- FEDORA-2018-e820fccd83
- FEDORA-2018-f55c305488
- FEDORA-2018-f8cba144ae
- FEDORA-2019-164946aa7f
- FEDORA-2019-16de0047d4
- FEDORA-2019-196ab64d65
- FEDORA-2019-1b986880ea
- FEDORA-2019-1e8a4c6958
- FEDORA-2019-20a89ca9af
- FEDORA-2019-337484d88b
- FEDORA-2019-3da64f3e61
- FEDORA-2019-4002b91800
- FEDORA-2019-48b34fc991
- FEDORA-2019-509c133845
- FEDORA-2019-65c6d11eba
- FEDORA-2019-7462acf8ba
- FEDORA-2019-7bdeed7fc5
- FEDORA-2019-7d3500d712
- FEDORA-2019-8169b57f28
- FEDORA-2019-8219efa9f6
- FEDORA-2019-87e7046631
- FEDORA-2019-94dc902948
- FEDORA-2019-96b31a9602
- FEDORA-2019-a6cd583a8d
- FEDORA-2019-aabdaa013d
- FEDORA-2019-b0f7a7b74b
- FEDORA-2019-be9add5b77
- FEDORA-2019-c36afa818c
- FEDORA-2019-ce2933b003
- FEDORA-2019-e6bf55e821
- FEDORA-2019-f812c9fb22
- RHSA-2018:3083
- RHSA-2018:3096
- RHSA-2019:0415
- RHSA-2019:0512
- RHSA-2019:0514
- RHSA-2019:2029
- RHSA-2019:2043
- SSA:2019-030-01
- SUSE-SU-2018:2328-1
- SUSE-SU-2018:2344-1
- SUSE-SU-2018:2344-2
- SUSE-SU-2018:2362-1
- SUSE-SU-2018:2374-1
- SUSE-SU-2018:2384-1
- SUSE-SU-2018:2538-1
- SUSE-SU-2018:2539-1
- SUSE-SU-2018:2596-1
- SUSE-SU-2018:2775-1
- SUSE-SU-2018:2776-1
- SUSE-SU-2018:2787-1
- SUSE-SU-2018:2858-1
- SUSE-SU-2018:2860-1
- SUSE-SU-2018:2862-1
- SUSE-SU-2018:2864-1
- SUSE-SU-2018:2879-1
- SUSE-SU-2018:2907-1
- SUSE-SU-2018:2908-1
- SUSE-SU-2018:2908-2
- SUSE-SU-2018:2940-1
- SUSE-SU-2018:2960-1
- SUSE-SU-2018:2961-1
- SUSE-SU-2018:2962-1
- SUSE-SU-2018:2963-1
- SUSE-SU-2018:2980-1
- SUSE-SU-2018:2981-1
- SUSE-SU-2018:3003-1
- SUSE-SU-2018:3004-1
- SUSE-SU-2018:3029-1
- SUSE-SU-2018:3083-1
- SUSE-SU-2018:3084-1
- SUSE-SU-2018:3088-1
- SUSE-SU-2018:3589-1
- SUSE-SU-2018:3593-1
- SUSE-SU-2018:3618-1
- SUSE-SU-2018:3659-1
- SUSE-SU-2018:3688-1
- SUSE-SU-2018:3689-1
- SUSE-SU-2018:3746-1
- SUSE-SU-2018:3773-1
- SUSE-SU-2018:3869-1
- SUSE-SU-2018:3934-1
- SUSE-SU-2018:3961-1
- SUSE-SU-2018:4069-1
- SUSE-SU-2018:4072-1
- SUSE-SU-2019:0095-1
- SUSE-SU-2019:0224-1
- SUSE-SU-2019:0439-1
- SUSE-SU-2019:1289-1
- SUSE-SU-2019:1422-1
- SUSE-SU-2019:1437-1
- SUSE-SU-2019:1489-1
- SUSE-SU-2021:0452-1
- USN-3776-1
- USN-3776-2
- USN-3797-1
- USN-3797-2
- USN-3832-1
- USN-3835-1
- USN-3846-1
- USN-3847-2
- USN-3847-3
- USN-3848-1
- USN-3848-2
- USN-3849-1
- USN-3849-2
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-unsigned-4.15.0-43-lowlatency?distro=bionic | ubuntu | linux-image-unsigned-4.15.0-43-lowlatency | < 4.15.0-43.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-4.15.0-43-generic?distro=bionic | ubuntu | linux-image-unsigned-4.15.0-43-generic | < 4.15.0-43.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1036-azure?distro=bionic | ubuntu | linux-image-unsigned-4.15.0-1036-azure | < 4.15.0-1036.38 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1030-oem?distro=bionic | ubuntu | linux-image-unsigned-4.15.0-1030-oem | < 4.15.0-1030.35 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-unsigned-4.15.0-1026-gcp?distro=bionic | ubuntu | linux-image-unsigned-4.15.0-1026-gcp | < 4.15.0-1026.27 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-43-snapdragon?distro=bionic | ubuntu | linux-image-4.15.0-43-snapdragon | < 4.15.0-43.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-43-lowlatency?distro=bionic | ubuntu | linux-image-4.15.0-43-lowlatency | < 4.15.0-43.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-43-generic?distro=bionic | ubuntu | linux-image-4.15.0-43-generic | < 4.15.0-43.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-43-generic-lpae?distro=bionic | ubuntu | linux-image-4.15.0-43-generic-lpae | < 4.15.0-43.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1031-aws?distro=bionic | ubuntu | linux-image-4.15.0-1031-aws | < 4.15.0-1031.33 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1030-raspi2?distro=bionic | ubuntu | linux-image-4.15.0-1030-raspi2 | < 4.15.0-1030.32 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1028-kvm?distro=bionic | ubuntu | linux-image-4.15.0-1028-kvm | < 4.15.0-1028.28 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |