usn-3821-2
Vulnerability from osv_ubuntu
Published
2018-11-14 22:36
Modified
2026-06-03 10:45
Summary
linux-lts-xenial, linux-aws vulnerabilities
Details

USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS.

Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service (system crash). (CVE-2018-10880)

It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. (CVE-2018-13053)

Wen Xu discovered that the f2fs filesystem implementation in the Linux kernel did not properly validate metadata. An attacker could use this to construct a malicious f2fs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-13096)

Wen Xu and Po-Ning Tseng discovered that the btrfs filesystem implementation in the Linux kernel did not properly handle relocations in some situations. An attacker could use this to construct a malicious btrfs image that, when mounted, could cause a denial of service (system crash). (CVE-2018-14609)

Wen Xu discovered that the HFS+ filesystem implementation in the Linux kernel did not properly handle malformed catalog data in some situations. An attacker could use this to construct a malicious HFS+ image that, when mounted, could cause a denial of service (system crash). (CVE-2018-14617)

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972)

It was discovered that the KVM implementation in the Linux kernel on ARM 64bit processors did not properly handle some ioctls. An attacker with the privilege to create KVM-based virtual machines could use this to cause a denial of service (host system crash) or execute arbitrary code in the host. (CVE-2018-18021)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-10880",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-13053",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-13096",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-14609",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-14617",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-17972",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-18021",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-aws-cloud-tools-4.4.0-1034",
            "binary_version": "4.4.0-1034.37"
          },
          {
            "binary_name": "linux-aws-headers-4.4.0-1034",
            "binary_version": "4.4.0-1034.37"
          },
          {
            "binary_name": "linux-aws-tools-4.4.0-1034",
            "binary_version": "4.4.0-1034.37"
          },
          {
            "binary_name": "linux-cloud-tools-4.4.0-1034-aws",
            "binary_version": "4.4.0-1034.37"
          },
          {
            "binary_name": "linux-headers-4.4.0-1034-aws",
            "binary_version": "4.4.0-1034.37"
          },
          {
            "binary_name": "linux-image-4.4.0-1034-aws",
            "binary_version": "4.4.0-1034.37"
          },
          {
            "binary_name": "linux-tools-4.4.0-1034-aws",
            "binary_version": "4.4.0-1034.37"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "linux-aws",
        "purl": "pkg:deb/ubuntu/linux-aws@4.4.0-1034.37?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-1034.37"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.4.0-1002.2",
        "4.4.0-1003.3",
        "4.4.0-1005.5",
        "4.4.0-1006.6",
        "4.4.0-1009.9",
        "4.4.0-1010.10",
        "4.4.0-1011.11",
        "4.4.0-1012.12",
        "4.4.0-1014.14",
        "4.4.0-1016.16",
        "4.4.0-1017.17",
        "4.4.0-1019.19",
        "4.4.0-1022.22",
        "4.4.0-1023.23",
        "4.4.0-1024.25",
        "4.4.0-1025.26",
        "4.4.0-1027.30",
        "4.4.0-1028.31",
        "4.4.0-1029.32",
        "4.4.0-1031.34",
        "4.4.0-1032.35"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-10880",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-13053",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-13096",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-14609",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-14617",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-17972",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-18021",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "block-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "block-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "crypto-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fat-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fb-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "floppy-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "input-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "irda-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "kernel-image-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.4.0-139-generic",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.4.0-139-lowlatency",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-generic",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-generic-lpae",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-lowlatency",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-powerpc-e500mc",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-powerpc-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-powerpc64-emb",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.4.0-139-powerpc64-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-generic",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-generic-lpae",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-lowlatency",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-powerpc-e500mc",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-powerpc-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-powerpc64-emb",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-4.4.0-139-powerpc64-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-image-extra-4.4.0-139-generic",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-cloud-tools-4.4.0-139",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-tools-4.4.0-139",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-generic",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-generic-lpae",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-powerpc-e500mc",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-powerpc-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-lts-xenial-udebs-powerpc64-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-generic",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-generic-lpae",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-lowlatency",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-powerpc-e500mc",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-powerpc-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-powerpc64-emb",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.4.0-139-powerpc64-smp",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "md-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "message-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "mouse-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "multipath-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nfs-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-pcmcia-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "parport-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "pata-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "pcmcia-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "pcmcia-storage-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "plip-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "ppp-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "sata-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "scsi-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "serial-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "speakup-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "usb-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "virtio-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-139-generic-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-139-generic-lpae-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-139-powerpc-e500mc-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-139-powerpc-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          },
          {
            "binary_name": "vlan-modules-4.4.0-139-powerpc64-smp-di",
            "binary_version": "4.4.0-139.165~14.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "linux-lts-xenial",
        "purl": "pkg:deb/ubuntu/linux-lts-xenial@4.4.0-139.165~14.04.1?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.4.0-139.165~14.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.4.0-13.29~14.04.1",
        "4.4.0-14.30~14.04.2",
        "4.4.0-15.31~14.04.1",
        "4.4.0-18.34~14.04.1",
        "4.4.0-21.37~14.04.1",
        "4.4.0-22.39~14.04.1",
        "4.4.0-22.40~14.04.1",
        "4.4.0-24.43~14.04.1",
        "4.4.0-28.47~14.04.1",
        "4.4.0-31.50~14.04.1",
        "4.4.0-34.53~14.04.1",
        "4.4.0-36.55~14.04.1",
        "4.4.0-38.57~14.04.1",
        "4.4.0-42.62~14.04.1",
        "4.4.0-45.66~14.04.1",
        "4.4.0-47.68~14.04.1",
        "4.4.0-51.72~14.04.1",
        "4.4.0-53.74~14.04.1",
        "4.4.0-57.78~14.04.1",
        "4.4.0-59.80~14.04.1",
        "4.4.0-62.83~14.04.1",
        "4.4.0-63.84~14.04.2",
        "4.4.0-64.85~14.04.1",
        "4.4.0-66.87~14.04.1",
        "4.4.0-67.88~14.04.1",
        "4.4.0-70.91~14.04.1",
        "4.4.0-71.92~14.04.1",
        "4.4.0-72.93~14.04.1",
        "4.4.0-75.96~14.04.1",
        "4.4.0-78.99~14.04.2",
        "4.4.0-79.100~14.04.1",
        "4.4.0-81.104~14.04.1",
        "4.4.0-83.106~14.04.1",
        "4.4.0-87.110~14.04.1",
        "4.4.0-89.112~14.04.1",
        "4.4.0-91.114~14.04.1",
        "4.4.0-92.115~14.04.1",
        "4.4.0-93.116~14.04.1",
        "4.4.0-96.119~14.04.1",
        "4.4.0-97.120~14.04.1",
        "4.4.0-98.121~14.04.1",
        "4.4.0-101.124~14.04.1",
        "4.4.0-103.126~14.04.1",
        "4.4.0-104.127~14.04.1",
        "4.4.0-108.131~14.04.1",
        "4.4.0-109.132~14.04.1",
        "4.4.0-111.134~14.04.1",
        "4.4.0-112.135~14.04.1",
        "4.4.0-116.140~14.04.1",
        "4.4.0-119.143~14.04.1",
        "4.4.0-121.145~14.04.1",
        "4.4.0-124.148~14.04.1",
        "4.4.0-127.153~14.04.1",
        "4.4.0-128.154~14.04.1",
        "4.4.0-130.156~14.04.1",
        "4.4.0-131.157~14.04.1",
        "4.4.0-133.159~14.04.1",
        "4.4.0-134.160~14.04.1",
        "4.4.0-135.161~14.04.1",
        "4.4.0-137.163~14.04.1",
        "4.4.0-138.164~14.04.1"
      ]
    }
  ],
  "aliases": [],
  "details": "USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux\nkernel did not properly ensure that xattr information remained in inode\nbodies. An attacker could use this to construct a malicious ext4 image\nthat, when mounted, could cause a denial of service (system crash).\n(CVE-2018-10880)\n\nIt was discovered that the alarmtimer implementation in the Linux kernel\ncontained an integer overflow vulnerability. A local attacker could use\nthis to cause a denial of service. (CVE-2018-13053)\n\nWen Xu discovered that the f2fs filesystem implementation in the Linux\nkernel did not properly validate metadata. An attacker could use this to\nconstruct a malicious f2fs image that, when mounted, could cause a denial\nof service (system crash). (CVE-2018-13096)\n\nWen Xu and Po-Ning Tseng discovered that the btrfs filesystem\nimplementation in the Linux kernel did not properly handle relocations in\nsome situations. An attacker could use this to construct a malicious btrfs\nimage that, when mounted, could cause a denial of service (system crash).\n(CVE-2018-14609)\n\nWen Xu discovered that the HFS+ filesystem implementation in the Linux\nkernel did not properly handle malformed catalog data in some situations.\nAn attacker could use this to construct a malicious HFS+ image that, when\nmounted, could cause a denial of service (system crash). (CVE-2018-14617)\n\nJann Horn discovered that the procfs file system implementation in the\nLinux kernel did not properly restrict the ability to inspect the kernel\nstack of an arbitrary task. A local attacker could use this to expose\nsensitive information. (CVE-2018-17972)\n\nIt was discovered that the KVM implementation in the Linux kernel on ARM\n64bit processors did not properly handle some ioctls. An attacker with the\nprivilege to create KVM-based virtual machines could use this to cause a\ndenial of service (host system crash) or execute arbitrary code in the\nhost. (CVE-2018-18021)\n",
  "id": "USN-3821-2",
  "modified": "2026-06-03T10:45:17Z",
  "published": "2018-11-14T22:36:19Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-3821-2"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-10880"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-13053"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-13096"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-14609"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-14617"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-17972"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-18021"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-lts-xenial, linux-aws vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2018-10880",
    "UBUNTU-CVE-2018-13053",
    "UBUNTU-CVE-2018-13096",
    "UBUNTU-CVE-2018-14609",
    "UBUNTU-CVE-2018-14617",
    "UBUNTU-CVE-2018-17972",
    "UBUNTU-CVE-2018-18021"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…