[USN-3849-1] Linux kernel vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that a NULL pointer dereference existed in the keyring
subsystem of the Linux kernel. A local attacker could use this to cause a
denial of service (system crash). (CVE-2017-2647)
It was discovered that a race condition existed in the raw MIDI driver for
the Linux kernel, leading to a double free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2018-10902)
It was discovered that an integer overrun vulnerability existed in the
POSIX timers implementation in the Linux kernel. A local attacker could use
this to cause a denial of service. (CVE-2018-12896)
Noam Rathaus discovered that a use-after-free vulnerability existed in the
Infiniband implementation in the Linux kernel. An attacker could use this
to cause a denial of service (system crash). (CVE-2018-14734)
It was discovered that the YUREX USB device driver for the Linux kernel did
not properly restrict user space reads or writes. A physically proximate
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-16276)
Tetsuo Handa discovered a logic error in the TTY subsystem of the Linux
kernel. A local attacker with access to pseudo terminal devices could use
this to cause a denial of service. (CVE-2018-18386)
Kanda Motohiro discovered that writing extended attributes to an XFS file
system in the Linux kernel in certain situations could cause an error
condition to occur. A local attacker could use this to cause a denial of
service. (CVE-2018-18690)
It was discovered that an integer overflow vulnerability existed in the
CDROM driver of the Linux kernel. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2018-18710)
| Package | Affected Version |
|---|---|
 pkg:deb/ubuntu/linux-image-extra-3.13.0-164-generic?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc64-smp?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc64-emb?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc-smp?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc-e500mc?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc-e500?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-lowlatency?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-generic?distro=trusty
|
< 3.13.0-164.214 |
|
pkg:deb/ubuntu/linux-image-3.13.0-164-generic-lpae?distro=trusty
|
< 3.13.0-164.214 |
- ID
- USN-3849-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-3849-1
- Published
-
2018-12-20T23:36:03
(5 years ago) - Modified
-
2018-12-20T23:36:03
(5 years ago) - Other Advisories
-
-
ALAS-2018-1133
-
ALAS2-2018-1133
-
DSA-4308-1
-
ELSA-2017-1842
-
ELSA-2017-3566
-
ELSA-2017-3567
-
ELSA-2018-3083
-
ELSA-2018-4242
-
ELSA-2018-4261
-
ELSA-2018-4270
-
ELSA-2018-4288
-
ELSA-2018-4299
-
ELSA-2018-4300
-
ELSA-2018-4301
-
ELSA-2018-4304
-
ELSA-2018-4307
-
ELSA-2019-0415
-
ELSA-2019-2029
-
ELSA-2019-4316
-
ELSA-2020-3548
-
FEDORA-2018-0edb45d9db
-
FEDORA-2018-1621b2204a
-
FEDORA-2018-1c80fea1cd
-
FEDORA-2018-2645eb8dab
-
FEDORA-2018-2ee3411cb8
-
FEDORA-2018-2f6df9abfb
-
FEDORA-2018-3857a8b41a
-
FEDORA-2018-49bda79bd5
-
FEDORA-2018-50075276e8
-
FEDORA-2018-5904d0794d
-
FEDORA-2018-59e4747e0f
-
FEDORA-2018-6e8c330d50
-
FEDORA-2018-79d7c3d2df
-
FEDORA-2018-8422d94975
-
FEDORA-2018-8484550fff
-
FEDORA-2018-87ba0312c2
-
FEDORA-2018-94315e9a6b
-
FEDORA-2018-9f4381d8c4
-
FEDORA-2018-a0914af224
-
FEDORA-2018-b68776e5b0
-
FEDORA-2018-c0a1284064
-
FEDORA-2018-ca0e10fc6e
-
FEDORA-2018-cc812838fb
-
FEDORA-2018-d77cc41f35
-
FEDORA-2018-ddbaca855e
-
FEDORA-2018-e820fccd83
-
FEDORA-2018-f55c305488
-
FEDORA-2018-f8cba144ae
-
FEDORA-2019-164946aa7f
-
FEDORA-2019-16de0047d4
-
FEDORA-2019-196ab64d65
-
FEDORA-2019-1b986880ea
-
FEDORA-2019-1e8a4c6958
-
FEDORA-2019-20a89ca9af
-
FEDORA-2019-337484d88b
-
FEDORA-2019-3da64f3e61
-
FEDORA-2019-4002b91800
-
FEDORA-2019-48b34fc991
-
FEDORA-2019-509c133845
-
FEDORA-2019-65c6d11eba
-
FEDORA-2019-7462acf8ba
-
FEDORA-2019-7bdeed7fc5
-
FEDORA-2019-7d3500d712
-
FEDORA-2019-8169b57f28
-
FEDORA-2019-8219efa9f6
-
FEDORA-2019-87e7046631
-
FEDORA-2019-94dc902948
-
FEDORA-2019-96b31a9602
-
FEDORA-2019-a6cd583a8d
-
FEDORA-2019-aabdaa013d
-
FEDORA-2019-b0f7a7b74b
-
FEDORA-2019-be9add5b77
-
FEDORA-2019-c36afa818c
-
FEDORA-2019-ce2933b003
-
FEDORA-2019-e6bf55e821
-
FEDORA-2019-f812c9fb22
-
RHSA-2017:1842
-
RHSA-2017:2077
-
RHSA-2018:3083
-
RHSA-2018:3096
-
RHSA-2019:0415
-
RHSA-2019:2029
-
RHSA-2019:2043
-
RHSA-2020:3548
-
SSA:2019-030-01
-
SUSE-SU-2017:1360-1
-
SUSE-SU-2017:2342-1
-
SUSE-SU-2017:2389-1
-
SUSE-SU-2017:2525-1
-
SUSE-SU-2017:2920-1
-
SUSE-SU-2018:2328-1
-
SUSE-SU-2018:2344-1
-
SUSE-SU-2018:2344-2
-
SUSE-SU-2018:2362-1
-
SUSE-SU-2018:2374-1
-
SUSE-SU-2018:2384-1
-
SUSE-SU-2018:2538-1
-
SUSE-SU-2018:2539-1
-
SUSE-SU-2018:2596-1
-
SUSE-SU-2018:2775-1
-
SUSE-SU-2018:2776-1
-
SUSE-SU-2018:2787-1
-
SUSE-SU-2018:2858-1
-
SUSE-SU-2018:2860-1
-
SUSE-SU-2018:2862-1
-
SUSE-SU-2018:2864-1
-
SUSE-SU-2018:2879-1
-
SUSE-SU-2018:2907-1
-
SUSE-SU-2018:2908-1
-
SUSE-SU-2018:2908-2
-
SUSE-SU-2018:2940-1
-
SUSE-SU-2018:2960-1
-
SUSE-SU-2018:2961-1
-
SUSE-SU-2018:2962-1
-
SUSE-SU-2018:2963-1
-
SUSE-SU-2018:2980-1
-
SUSE-SU-2018:2981-1
-
SUSE-SU-2018:3003-1
-
SUSE-SU-2018:3004-1
-
SUSE-SU-2018:3029-1
-
SUSE-SU-2018:3083-1
-
SUSE-SU-2018:3084-1
-
SUSE-SU-2018:3088-1
-
SUSE-SU-2018:3589-1
-
SUSE-SU-2018:3593-1
-
SUSE-SU-2018:3618-1
-
SUSE-SU-2018:3659-1
-
SUSE-SU-2018:3688-1
-
SUSE-SU-2018:3689-1
-
SUSE-SU-2018:3746-1
-
SUSE-SU-2018:3772-1
-
SUSE-SU-2018:3773-1
-
SUSE-SU-2018:3787-1
-
SUSE-SU-2018:3865-1
-
SUSE-SU-2018:3869-1
-
SUSE-SU-2018:3880-1
-
SUSE-SU-2018:3934-1
-
SUSE-SU-2018:3961-1
-
SUSE-SU-2018:4069-1
-
SUSE-SU-2018:4072-1
-
SUSE-SU-2019:0095-1
-
SUSE-SU-2019:0224-1
-
SUSE-SU-2019:0439-1
-
SUSE-SU-2019:1289-1
-
SUSE-SU-2019:1422-1
-
SUSE-SU-2019:1437-1
-
SUSE-SU-2019:1489-1
-
SUSE-SU-2021:0452-1
-
USN-3776-1
-
USN-3776-2
-
USN-3797-1
-
USN-3797-2
-
USN-3846-1
-
USN-3847-1
-
USN-3847-2
-
USN-3847-3
-
USN-3848-1
-
USN-3848-2
-
USN-3849-2
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:deb/ubuntu/linux-image-extra-3.13.0-164-generic?distro=trusty | ubuntu |
linux-image-extra-3.13.0-164-generic
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc64-smp?distro=trusty | ubuntu |
linux-image-3.13.0-164-powerpc64-smp
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc64-emb?distro=trusty | ubuntu |
linux-image-3.13.0-164-powerpc64-emb
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc-smp?distro=trusty | ubuntu |
linux-image-3.13.0-164-powerpc-smp
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc-e500mc?distro=trusty | ubuntu |
linux-image-3.13.0-164-powerpc-e500mc
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-powerpc-e500?distro=trusty | ubuntu |
linux-image-3.13.0-164-powerpc-e500
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-lowlatency?distro=trusty | ubuntu |
linux-image-3.13.0-164-lowlatency
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-generic?distro=trusty | ubuntu |
linux-image-3.13.0-164-generic
|
< 3.13.0-164.214 | trusty | ||
| Affected | pkg:deb/ubuntu/linux-image-3.13.0-164-generic-lpae?distro=trusty | ubuntu |
linux-image-3.13.0-164-generic-lpae
|
< 3.13.0-164.214 | trusty |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |