[USN-4118-1] Linux kernel (AWS) vulnerabilities
Several security issues were fixed in the Linux kernel.
It was discovered that the alarmtimer implementation in the Linux kernel
contained an integer overflow vulnerability. A local attacker could use
this to cause a denial of service. (CVE-2018-13053)
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
Wen Xu discovered that the f2fs file system implementation in the Linux
kernel did not properly validate metadata. An attacker could use this to
construct a malicious f2fs image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13096, CVE-2018-13097, CVE-2018-13098,
CVE-2018-13099, CVE-2018-13100, CVE-2018-14614, CVE-2018-14615,
CVE-2018-14616)
Wen Xu and Po-Ning Tseng discovered that btrfs file system implementation
in the Linux kernel did not properly validate metadata. An attacker could
use this to construct a malicious btrfs image that, when mounted, could
cause a denial of service (system crash). (CVE-2018-14609, CVE-2018-14610,
CVE-2018-14611, CVE-2018-14612, CVE-2018-14613)
Wen Xu discovered that the HFS+ filesystem implementation in the Linux
kernel did not properly handle malformed catalog data in some situations.
An attacker could use this to construct a malicious HFS+ image that, when
mounted, could cause a denial of service (system crash). (CVE-2018-14617)
Vasily Averin and Pavel Tikhomirov discovered that the cleancache subsystem
of the Linux kernel did not properly initialize new files in some
situations. A local attacker could use this to expose sensitive
information. (CVE-2018-16862)
Hui Peng and Mathias Payer discovered that the Option USB High Speed driver
in the Linux kernel did not properly validate metadata received from the
device. A physically proximate attacker could use this to cause a denial of
service (system crash). (CVE-2018-19985)
Hui Peng and Mathias Payer discovered that the USB subsystem in the Linux
kernel did not properly handle size checks when handling an extra USB
descriptor. A physically proximate attacker could use this to cause a
denial of service (system crash). (CVE-2018-20169)
Zhipeng Xie discovered that an infinite loop could be triggered in the CFS
Linux kernel process scheduler. A local attacker could possibly use this to
cause a denial of service. (CVE-2018-20784)
It was discovered that a use-after-free error existed in the block layer
subsystem of the Linux kernel when certain failure conditions occurred. A
local attacker could possibly use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2018-20856)
Eli Biham and Lior Neumann discovered that the Bluetooth implementation in
the Linux kernel did not properly validate elliptic curve parameters during
Diffie-Hellman key exchange in some situations. An attacker could use this
to expose sensitive information. (CVE-2018-5383)
It was discovered that the Intel Wi-Fi device driver in the Linux kernel did
not properly validate certain Tunneled Direct Link Setup (TDLS). A
physically proximate attacker could use this to cause a denial of service
(Wi-Fi disconnect). (CVE-2019-0136)
It was discovered that a heap buffer overflow existed in the Marvell
Wireless LAN device driver for the Linux kernel. An attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2019-10126)
It was discovered that the Bluetooth UART implementation in the Linux
kernel did not properly check for missing tty operations. A local attacker
could use this to cause a denial of service. (CVE-2019-10207)
Amit Klein and Benny Pinkas discovered that the Linux kernel did not
sufficiently randomize IP ID values generated for connectionless networking
protocols. A remote attacker could use this to track particular Linux
devices. (CVE-2019-10638)
Amit Klein and Benny Pinkas discovered that the location of kernel
addresses could be exposed by the implementation of connection-less network
protocols in the Linux kernel. A remote attacker could possibly use this to
assist in the exploitation of another vulnerability in the Linux kernel.
(CVE-2019-10639)
Adam Zabrocki discovered that the Intel i915 kernel mode graphics driver in
the Linux kernel did not properly restrict mmap() ranges in some
situations. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-11085)
It was discovered that an integer overflow existed in the Linux kernel when
reference counting pages, leading to potential use-after-free issues. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2019-11487)
Jann Horn discovered that a race condition existed in the Linux kernel when
performing core dumps. A local attacker could use this to cause a denial of
service (system crash) or expose sensitive information. (CVE-2019-11599)
It was discovered that a null pointer dereference vulnerability existed in
the LSI Logic MegaRAID driver in the Linux kernel. A local attacker could
use this to cause a denial of service (system crash). (CVE-2019-11810)
It was discovered that a race condition leading to a use-after-free existed
in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux
kernel. The RDS protocol is disabled via blocklist by default in Ubuntu.
If enabled, a local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-11815)
It was discovered that the ext4 file system implementation in the Linux
kernel did not properly zero out memory in some situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2019-11833)
It was discovered that the Bluetooth Human Interface Device Protocol (HIDP)
implementation in the Linux kernel did not properly verify strings were
NULL terminated in certain situations. A local attacker could use this to
expose sensitive information (kernel memory). (CVE-2019-11884)
It was discovered that a NULL pointer dereference vulnerabilty existed in
the Near-field communication (NFC) implementation in the Linux kernel. An
attacker could use this to cause a denial of service (system crash).
(CVE-2019-12818)
It was discovered that the MDIO bus devices subsystem in the Linux kernel
improperly dropped a device reference in an error condition, leading to a
use-after-free. An attacker could use this to cause a denial of service
(system crash). (CVE-2019-12819)
It was discovered that a NULL pointer dereference vulnerability existed in
the Near-field communication (NFC) implementation in the Linux kernel. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2019-12984)
Jann Horn discovered a use-after-free vulnerability in the Linux kernel
when accessing LDT entries in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-13233)
Jann Horn discovered that the ptrace implementation in the Linux kernel did
not properly record credentials in some situations. A local attacker could
use this to cause a denial of service (system crash) or possibly gain
administrative privileges. (CVE-2019-13272)
It was discovered that the GTCO tablet input driver in the Linux kernel did
not properly bounds check the initial HID report sent by the device. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-13631)
It was discovered that the floppy driver in the Linux kernel did not
properly validate meta data, leading to a buffer overread. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2019-14283)
It was discovered that the floppy driver in the Linux kernel did not
properly validate ioctl() calls, leading to a division-by-zero. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2019-14284)
Tuba Yavuz discovered that a race condition existed in the DesignWare USB3
DRD Controller device driver in the Linux kernel. A physically proximate
attacker could use this to cause a denial of service. (CVE-2019-14763)
It was discovered that an out-of-bounds read existed in the QLogic QEDI
iSCSI Initiator Driver in the Linux kernel. A local attacker could possibly
use this to expose sensitive information (kernel memory). (CVE-2019-15090)
It was discovered that the Raremono AM/FM/SW radio device driver in the
Linux kernel did not properly allocate memory, leading to a use-after-free.
A physically proximate attacker could use this to cause a denial of service
or possibly execute arbitrary code. (CVE-2019-15211)
It was discovered at a double-free error existed in the USB Rio 500 device
driver for the Linux kernel. A physically proximate attacker could use this
to cause a denial of service. (CVE-2019-15212)
It was discovered that a race condition existed in the Advanced Linux Sound
Architecture (ALSA) subsystem of the Linux kernel, leading to a potential
use-after-free. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2019-15214)
It was discovered that a race condition existed in the CPiA2 video4linux
device driver for the Linux kernel, leading to a use-after-free. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-15215)
It was discovered that a race condition existed in the Softmac USB Prism54
device driver in the Linux kernel. A physically proximate attacker could
use this to cause a denial of service (system crash). (CVE-2019-15220)
It was discovered that a use-after-free vulnerability existed in the
AppleTalk implementation in the Linux kernel if an error occurs during
initialization. A local attacker could use this to cause a denial of
service (system crash). (CVE-2019-15292)
It was discovered that the Empia EM28xx DVB USB device driver
implementation in the Linux kernel contained a use-after-free vulnerability
when disconnecting the device. An attacker could use this to cause a denial
of service (system crash). (CVE-2019-2024)
It was discovered that the USB video device class implementation in the
Linux kernel did not properly validate control bits, resulting in an out of
bounds buffer read. A local attacker could use this to possibly expose
sensitive information (kernel memory). (CVE-2019-2101)
It was discovered that the Marvell Wireless LAN device driver in the Linux
kernel did not properly validate the BSS descriptor. A local attacker could
possibly use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2019-3846)
Jason Wang discovered that an infinite loop vulnerability existed in the
virtio net driver in the Linux kernel. A local attacker in a guest VM could
possibly use this to cause a denial of service in the host system.
(CVE-2019-3900)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper B. Rasmussen discovered
that the Bluetooth protocol BR/EDR specification did not properly require
sufficiently strong encryption key lengths. A physically proximate attacker
could use this to expose sensitive information. (CVE-2019-9506)
It was discovered that the Appletalk IP encapsulation driver in the Linux
kernel did not properly prevent kernel addresses from being copied to user
space. A local attacker with the CAP_NET_ADMIN capability could use this to
expose sensitive information. (CVE-2018-20511)
It was discovered that a race condition existed in the USB YUREX device
driver in the Linux kernel. A physically proximate attacker could use this
to cause a denial of service (system crash). (CVE-2019-15216)
It was discovered that the Siano USB MDTV receiver device driver in the
Linux kernel made improper assumptions about the device characteristics. A
physically proximate attacker could use this cause a denial of service
(system crash). (CVE-2019-15218)
It was discovered that the Line 6 POD USB device driver in the Linux kernel
did not properly validate data size information from the device. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2019-15221)
Muyu Yu discovered that the CAN implementation in the Linux kernel in some
situations did not properly restrict the field size when processing
outgoing frames. A local attacker with CAP_NET_ADMIN privileges could use
this to execute arbitrary code. (CVE-2019-3701)
Vladis Dronov discovered that the debug interface for the Linux kernel's
HID subsystem did not properly validate passed parameters in some
situations. A local privileged attacker could use this to cause a denial of
service (infinite loop). (CVE-2019-3819)
Package | Affected Version |
---|---|
pkg:deb/ubuntu/linux-image-aws?distro=bionic | < 4.15.0.1047.46 |
pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial | < 4.15.0.1047.47 |
pkg:deb/ubuntu/linux-image-4.15.0-1047-aws?distro=xenial | < 4.15.0-1047.49~16.04.1 |
pkg:deb/ubuntu/linux-image-4.15.0-1047-aws?distro=bionic | < 4.15.0-1047.49 |
- ID
- USN-4118-1
- Severity
- medium
- URL
- https://ubuntu.com/security/notices/USN-4118-1
- Published
-
2019-09-02T21:34:33
(5 years ago) - Modified
-
2019-09-02T21:34:33
(5 years ago) - Other Advisories
-
- ALAS-2018-1048
- ALAS-2018-1086
- ALAS-2018-1133
- ALAS-2019-1145
- ALAS-2019-1212
- ALAS-2019-1214
- ALAS-2019-1232
- ALAS2-2018-1050
- ALAS2-2018-1051
- ALAS2-2018-1133
- ALAS2-2019-1145
- ALAS2-2019-1212
- ALAS2-2019-1214
- ALAS2-2019-1232
- ALSA-2024:3138
- CISA-2021:1210
- CISCO-SA-20190813-BLUETOOTH
- DSA-4308-1
- DSA-4465-1
- DSA-4484-1
- DSA-4495-1
- DSA-4497-1
- ELSA-2018-4270
- ELSA-2019-1873
- ELSA-2019-1959
- ELSA-2019-2029
- ELSA-2019-2411
- ELSA-2019-2703
- ELSA-2019-2736
- ELSA-2019-3055
- ELSA-2019-3517
- ELSA-2019-3836
- ELSA-2019-4532
- ELSA-2019-4533
- ELSA-2019-4541
- ELSA-2019-4570
- ELSA-2019-4575
- ELSA-2019-4576
- ELSA-2019-4577
- ELSA-2019-4596
- ELSA-2019-4600
- ELSA-2019-4612
- ELSA-2019-4642
- ELSA-2019-4643
- ELSA-2019-4644
- ELSA-2019-4646
- ELSA-2019-4670
- ELSA-2019-4672
- ELSA-2019-4675
- ELSA-2019-4685
- ELSA-2019-4729
- ELSA-2019-4739
- ELSA-2019-4741
- ELSA-2019-4746
- ELSA-2019-4808
- ELSA-2019-4810
- ELSA-2019-4812
- ELSA-2019-4820
- ELSA-2019-4836
- ELSA-2019-4850
- ELSA-2019-4854
- ELSA-2019-4855
- ELSA-2019-4871
- ELSA-2020-0834
- ELSA-2020-1016
- ELSA-2020-1769
- ELSA-2020-4182
- ELSA-2020-5708
- ELSA-2020-5715
- ELSA-2020-5750
- ELSA-2020-5753
- ELSA-2020-5754
- ELSA-2020-5755
- ELSA-2020-5837
- ELSA-2020-5845
- ELSA-2020-5866
- ELSA-2021-9459
- ELSA-2021-9534
- ELSA-2024-3138
- FEDORA-2018-0edb45d9db
- FEDORA-2018-1621b2204a
- FEDORA-2018-1c80fea1cd
- FEDORA-2018-2645eb8dab
- FEDORA-2018-2ee3411cb8
- FEDORA-2018-2f6df9abfb
- FEDORA-2018-3857a8b41a
- FEDORA-2018-49bda79bd5
- FEDORA-2018-50075276e8
- FEDORA-2018-5904d0794d
- FEDORA-2018-59e4747e0f
- FEDORA-2018-6e8c330d50
- FEDORA-2018-79d7c3d2df
- FEDORA-2018-8422d94975
- FEDORA-2018-8484550fff
- FEDORA-2018-87ba0312c2
- FEDORA-2018-94315e9a6b
- FEDORA-2018-9f4381d8c4
- FEDORA-2018-a0914af224
- FEDORA-2018-b68776e5b0
- FEDORA-2018-c0a1284064
- FEDORA-2018-ca0e10fc6e
- FEDORA-2018-cc812838fb
- FEDORA-2018-d77cc41f35
- FEDORA-2018-ddbaca855e
- FEDORA-2018-e820fccd83
- FEDORA-2018-f8cba144ae
- FEDORA-2019-021c968423
- FEDORA-2019-057d691fd4
- FEDORA-2019-124a241044
- FEDORA-2019-15e141c6a7
- FEDORA-2019-164946aa7f
- FEDORA-2019-1689d3fe07
- FEDORA-2019-16de0047d4
- FEDORA-2019-196ab64d65
- FEDORA-2019-1b986880ea
- FEDORA-2019-1e8a4c6958
- FEDORA-2019-20a89ca9af
- FEDORA-2019-337484d88b
- FEDORA-2019-3da64f3e61
- FEDORA-2019-3dbfaeac73
- FEDORA-2019-4002b91800
- FEDORA-2019-41e28660ae
- FEDORA-2019-48b34fc991
- FEDORA-2019-4c91a2f76e
- FEDORA-2019-509c133845
- FEDORA-2019-5b76e711b3
- FEDORA-2019-640f8d8dd1
- FEDORA-2019-65c6d11eba
- FEDORA-2019-6817686c4d
- FEDORA-2019-69c132b061
- FEDORA-2019-6bda4c81f4
- FEDORA-2019-6c3d89b3d0
- FEDORA-2019-7462acf8ba
- FEDORA-2019-7a3fc17778
- FEDORA-2019-7aecfe1c4b
- FEDORA-2019-7bdeed7fc5
- FEDORA-2019-7d3500d712
- FEDORA-2019-7ec378191e
- FEDORA-2019-8169b57f28
- FEDORA-2019-8219efa9f6
- FEDORA-2019-83858fc57b
- FEDORA-2019-87d807d7cb
- FEDORA-2019-87e7046631
- FEDORA-2019-8846a1a5a2
- FEDORA-2019-914542e05c
- FEDORA-2019-94dc902948
- FEDORA-2019-96b31a9602
- FEDORA-2019-97380355ae
- FEDORA-2019-9d3fe6fd5b
- FEDORA-2019-a570a92d5a
- FEDORA-2019-a6cd583a8d
- FEDORA-2019-a95015e60f
- FEDORA-2019-aabdaa013d
- FEDORA-2019-b0f7a7b74b
- FEDORA-2019-b318b2c6f3
- FEDORA-2019-be9add5b77
- FEDORA-2019-c03eda3cc6
- FEDORA-2019-c36afa818c
- FEDORA-2019-ce2933b003
- FEDORA-2019-e3010166bd
- FEDORA-2019-e37c348348
- FEDORA-2019-e6bf55e821
- FEDORA-2019-f40bd7826f
- FEDORA-2019-f812c9fb22
- FEDORA-2020-2a5cdd665c
- FEDORA-2020-c2d89d14d0
- FEDORA-2020-fe00e12580
- MS:CVE-2019-9506
- openSUSE-SU-2019:0065-1
- openSUSE-SU-2019:1193-1
- openSUSE-SU-2019:1404-1
- openSUSE-SU-2019:1479-1
- openSUSE-SU-2019:1571-1
- openSUSE-SU-2019:1579-1
- openSUSE-SU-2019:1716-1
- openSUSE-SU-2019:1757-1
- openSUSE-SU-2019:1923-1
- openSUSE-SU-2019:1924-1
- openSUSE-SU-2019:2173-1
- openSUSE-SU-2019:2181-1
- openSUSE-SU-2019:2307-1
- openSUSE-SU-2019:2308-1
- openSUSE-SU-2020:0543-1
- openSUSE-SU-2021:3876-1
- RHSA-2019:1873
- RHSA-2019:1891
- RHSA-2019:1959
- RHSA-2019:1971
- RHSA-2019:2029
- RHSA-2019:2043
- RHSA-2019:2169
- RHSA-2019:2405
- RHSA-2019:2411
- RHSA-2019:2703
- RHSA-2019:2736
- RHSA-2019:2741
- RHSA-2019:3055
- RHSA-2019:3076
- RHSA-2019:3089
- RHSA-2019:3309
- RHSA-2019:3517
- RHSA-2019:3836
- RHSA-2020:0834
- RHSA-2020:0839
- RHSA-2020:1016
- RHSA-2020:1070
- RHSA-2020:1567
- RHSA-2020:1769
- RHSA-2020:3220
- RHSA-2020:4182
- RHSA-2024:2950
- RHSA-2024:3138
- RLSA-2024:3138
- SSA:2019-030-01
- SSA:2019-169-01
- SSA:2019-202-01
- SSA:2019-226-01
- SSA:2019-311-01
- SSA:2020-086-01
- SUSE-SU-2018:2051-1
- SUSE-SU-2018:2092-1
- SUSE-SU-2018:2150-1
- SUSE-SU-2018:2222-1
- SUSE-SU-2018:2332-1
- SUSE-SU-2018:2344-1
- SUSE-SU-2018:2344-2
- SUSE-SU-2018:2362-1
- SUSE-SU-2018:2366-1
- SUSE-SU-2018:2384-1
- SUSE-SU-2018:2637-1
- SUSE-SU-2018:2775-1
- SUSE-SU-2018:2776-1
- SUSE-SU-2018:2858-1
- SUSE-SU-2018:2862-1
- SUSE-SU-2018:2879-1
- SUSE-SU-2018:2908-1
- SUSE-SU-2018:2908-2
- SUSE-SU-2018:2980-1
- SUSE-SU-2018:2981-1
- SUSE-SU-2018:3003-1
- SUSE-SU-2018:3004-1
- SUSE-SU-2018:3083-1
- SUSE-SU-2018:3084-1
- SUSE-SU-2018:3088-1
- SUSE-SU-2018:3618-1
- SUSE-SU-2018:3659-1
- SUSE-SU-2018:3961-1
- SUSE-SU-2019:0095-1
- SUSE-SU-2019:0148-1
- SUSE-SU-2019:0150-1
- SUSE-SU-2019:0196-1
- SUSE-SU-2019:0222-1
- SUSE-SU-2019:0224-1
- SUSE-SU-2019:0320-1
- SUSE-SU-2019:0422-1
- SUSE-SU-2019:0427-1
- SUSE-SU-2019:0427-2
- SUSE-SU-2019:0439-1
- SUSE-SU-2019:0466-1
- SUSE-SU-2019:0541-1
- SUSE-SU-2019:0765-1
- SUSE-SU-2019:0767-1
- SUSE-SU-2019:0784-1
- SUSE-SU-2019:0785-1
- SUSE-SU-2019:0801-1
- SUSE-SU-2019:0828-1
- SUSE-SU-2019:0901-1
- SUSE-SU-2019:1289-1
- SUSE-SU-2019:1527-1
- SUSE-SU-2019:1529-1
- SUSE-SU-2019:1530-1
- SUSE-SU-2019:1532-1
- SUSE-SU-2019:1533-1
- SUSE-SU-2019:1534-1
- SUSE-SU-2019:1535-1
- SUSE-SU-2019:1536-1
- SUSE-SU-2019:1550-1
- SUSE-SU-2019:1581-1
- SUSE-SU-2019:1588-1
- SUSE-SU-2019:1668-1
- SUSE-SU-2019:1671-1
- SUSE-SU-2019:1674-1
- SUSE-SU-2019:1692-1
- SUSE-SU-2019:1765-1
- SUSE-SU-2019:1767-1
- SUSE-SU-2019:1768-1
- SUSE-SU-2019:1823-1
- SUSE-SU-2019:1823-2
- SUSE-SU-2019:1829-1
- SUSE-SU-2019:1851-1
- SUSE-SU-2019:1852-1
- SUSE-SU-2019:1854-1
- SUSE-SU-2019:1855-1
- SUSE-SU-2019:1870-1
- SUSE-SU-2019:1882-1
- SUSE-SU-2019:1948-1
- SUSE-SU-2019:2068-1
- SUSE-SU-2019:2069-1
- SUSE-SU-2019:2070-1
- SUSE-SU-2019:2071-1
- SUSE-SU-2019:2072-1
- SUSE-SU-2019:2073-1
- SUSE-SU-2019:2232-1
- SUSE-SU-2019:2262-1
- SUSE-SU-2019:2263-1
- SUSE-SU-2019:2299-1
- SUSE-SU-2019:2412-1
- SUSE-SU-2019:2414-1
- SUSE-SU-2019:2424-1
- SUSE-SU-2019:2430-1
- SUSE-SU-2019:2450-1
- SUSE-SU-2019:2648-1
- SUSE-SU-2019:2651-1
- SUSE-SU-2019:2658-1
- SUSE-SU-2019:2706-1
- SUSE-SU-2019:2710-1
- SUSE-SU-2019:2738-1
- SUSE-SU-2019:2756-1
- SUSE-SU-2019:2821-1
- SUSE-SU-2019:2879-1
- SUSE-SU-2019:2949-1
- SUSE-SU-2019:2950-1
- SUSE-SU-2019:2984-1
- SUSE-SU-2019:3200-1
- SUSE-SU-2019:3223-1
- SUSE-SU-2019:3224-1
- SUSE-SU-2019:3225-1
- SUSE-SU-2019:3228-1
- SUSE-SU-2019:3230-1
- SUSE-SU-2019:3232-1
- SUSE-SU-2019:3246-1
- SUSE-SU-2019:3247-1
- SUSE-SU-2019:3248-1
- SUSE-SU-2019:3249-1
- SUSE-SU-2019:3252-1
- SUSE-SU-2019:3258-1
- SUSE-SU-2019:3260-1
- SUSE-SU-2019:3261-1
- SUSE-SU-2019:3263-1
- SUSE-SU-2019:3295-1
- SUSE-SU-2020:0093-1
- SUSE-SU-2020:1084-1
- SUSE-SU-2020:1085-1
- SUSE-SU-2020:1087-1
- SUSE-SU-2020:1118-1
- SUSE-SU-2020:1119-1
- SUSE-SU-2020:1123-1
- SUSE-SU-2020:1141-1
- SUSE-SU-2020:1142-1
- SUSE-SU-2020:1146-1
- SUSE-SU-2020:1255-1
- SUSE-SU-2020:1275-1
- SUSE-SU-2020:1663-1
- SUSE-SU-2021:3192-1
- SUSE-SU-2021:3206-1
- SUSE-SU-2021:3217-1
- SUSE-SU-2021:3876-1
- SUSE-SU-2021:3969-1
- SUSE-SU-2021:3972-1
- SUSE-SU-2022:0325-1
- SUSE-SU-2022:0327-1
- SUSE-SU-2022:0328-1
- SUSE-SU-2022:0329-1
- SUSE-SU-2022:0362-1
- SUSE-SU-2022:0477-1
- SUSE-SU-2022:2077-1
- SUSE-SU-2022:2082-1
- SUSE-SU-2022:3263-1
- SUSE-SU-2022:3294-1
- SUSE-SU-2023:0416-1
- SUSE-SU-2023:2805-1
- SUSE-SU-2023:3324-1
- USN-3821-1
- USN-3821-2
- USN-3879-1
- USN-3879-2
- USN-3910-1
- USN-3910-2
- USN-3932-1
- USN-3932-2
- USN-4005-1
- USN-4008-1
- USN-4008-3
- USN-4068-1
- USN-4068-2
- USN-4069-1
- USN-4069-2
- USN-4076-1
- USN-4093-1
- USN-4094-1
- USN-4095-1
- USN-4095-2
- USN-4114-1
- USN-4115-1
- USN-4116-1
- USN-4117-1
- USN-4145-1
- USN-4147-1
- USN-4211-1
- USN-4211-2
- USN-4286-1
- USN-4286-2
- USN-4351-1
- USN-4708-1
- USN-4709-1
- VU:304725
- VU:918987
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:deb/ubuntu/linux-image-aws?distro=bionic | ubuntu | linux-image-aws | < 4.15.0.1047.46 | bionic | ||
Affected | pkg:deb/ubuntu/linux-image-aws-hwe?distro=xenial | ubuntu | linux-image-aws-hwe | < 4.15.0.1047.47 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1047-aws?distro=xenial | ubuntu | linux-image-4.15.0-1047-aws | < 4.15.0-1047.49~16.04.1 | xenial | ||
Affected | pkg:deb/ubuntu/linux-image-4.15.0-1047-aws?distro=bionic | ubuntu | linux-image-4.15.0-1047-aws | < 4.15.0-1047.49 | bionic |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |