usn-3981-2
Vulnerability from osv_ubuntu
Published
2019-05-15 04:05
Modified
2026-06-01 07:03
Summary
linux-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities
Details

USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered that memory previously stored in microarchitectural fill buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12130)

Brandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that memory previously stored in microarchitectural load ports of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12127)

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel Moghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel Gruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory previously stored in microarchitectural store buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2018-12126)

Vasily Averin and Evgenii Shatokhin discovered that a use-after-free vulnerability existed in the NFS41+ subsystem when multiple network namespaces are in use. A local attacker in a container could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-16884)

Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur, Moritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and Cristiano Giuffrida discovered that uncacheable memory previously stored in microarchitectural buffers of an Intel CPU core may be exposed to a malicious process that is executing on the same CPU core. A local attacker could use this to expose sensitive information. (CVE-2019-11091)

Matteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups subsystem of the Linux kernel did not properly account for SCTP socket buffers. A local attacker could use this to cause a denial of service (system crash). (CVE-2019-3874)

Alex Williamson discovered that the vfio subsystem of the Linux kernel did not properly limit DMA mappings. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-3882)

Hugues Anguelkov discovered that the Broadcom Wifi driver in the Linux kernel contained a heap buffer overflow. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-9500)

Hugues Anguelkov discovered that the Broadcom Wifi driver in the Linux kernel did not properly prevent remote firmware events from being processed for USB Wifi devices. A physically proximate attacker could use this to send firmware events to the device. (CVE-2019-9503)


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-12126",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12127",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12130",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-16884",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3874",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3882",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9500",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9503",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-11091",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-azure-cloud-tools-4.15.0-1045",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-azure-headers-4.15.0-1045",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-azure-tools-4.15.0-1045",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-buildinfo-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-modules-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-modules-extra-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          },
          {
            "binary_name": "linux-tools-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49~14.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "linux-azure",
        "purl": "pkg:deb/ubuntu/linux-azure@4.15.0-1045.49~14.04.1?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-1045.49~14.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.15.0-1023.24~14.04.1",
        "4.15.0-1030.31~14.04.1",
        "4.15.0-1031.32~14.04.1",
        "4.15.0-1032.33~14.04.2",
        "4.15.0-1035.36~14.04.2",
        "4.15.0-1036.38~14.04.2",
        "4.15.0-1037.39~14.04.2",
        "4.15.0-1039.41~14.04.2",
        "4.15.0-1040.44~14.04.1",
        "4.15.0-1041.45~14.04.1",
        "4.15.0-1042.46~14.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-12126",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12127",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12130",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-16884",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3874",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3882",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9500",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9503",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-11091",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-azure-cloud-tools-4.15.0-1045",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-azure-headers-4.15.0-1045",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-azure-tools-4.15.0-1045",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-buildinfo-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-cloud-tools-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-headers-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-image-unsigned-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-modules-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-modules-extra-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          },
          {
            "binary_name": "linux-tools-4.15.0-1045-azure",
            "binary_version": "4.15.0-1045.49"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "linux-azure",
        "purl": "pkg:deb/ubuntu/linux-azure@4.15.0-1045.49?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-1045.49"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.11.0-1009.9",
        "4.11.0-1011.11",
        "4.11.0-1013.13",
        "4.11.0-1014.14",
        "4.11.0-1015.15",
        "4.11.0-1016.16",
        "4.13.0-1005.7",
        "4.13.0-1006.8",
        "4.13.0-1007.9",
        "4.13.0-1009.12",
        "4.13.0-1011.14",
        "4.13.0-1012.15",
        "4.13.0-1014.17",
        "4.13.0-1016.19",
        "4.13.0-1018.21",
        "4.15.0-1013.13~16.04.2",
        "4.15.0-1014.14~16.04.1",
        "4.15.0-1018.18~16.04.1",
        "4.15.0-1019.19~16.04.1",
        "4.15.0-1021.21~16.04.1",
        "4.15.0-1022.22~16.04.1",
        "4.15.0-1023.24~16.04.1",
        "4.15.0-1025.26~16.04.1",
        "4.15.0-1028.29~16.04.1",
        "4.15.0-1030.31~16.04.1",
        "4.15.0-1031.32~16.04.1",
        "4.15.0-1032.33~16.04.1",
        "4.15.0-1035.36~16.04.1",
        "4.15.0-1036.38~16.04.1",
        "4.15.0-1037.39~16.04.1",
        "4.15.0-1039.43",
        "4.15.0-1040.44",
        "4.15.0-1041.45",
        "4.15.0-1042.46"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-12126",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12127",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12130",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-16884",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3874",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3882",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9500",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9503",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-11091",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-4.15.0-1032-gcp",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-gcp-headers-4.15.0-1032",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-gcp-tools-4.15.0-1032",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-1032-gcp",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-4.15.0-1032-gcp",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-modules-4.15.0-1032-gcp",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-modules-extra-4.15.0-1032-gcp",
            "binary_version": "4.15.0-1032.34~16.04.1"
          },
          {
            "binary_name": "linux-tools-4.15.0-1032-gcp",
            "binary_version": "4.15.0-1032.34~16.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "linux-gcp",
        "purl": "pkg:deb/ubuntu/linux-gcp@4.15.0-1032.34~16.04.1?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-1032.34~16.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.10.0-1004.4",
        "4.10.0-1006.6",
        "4.10.0-1007.7",
        "4.10.0-1008.8",
        "4.10.0-1009.9",
        "4.13.0-1002.5",
        "4.13.0-1006.9",
        "4.13.0-1007.10",
        "4.13.0-1008.11",
        "4.13.0-1011.15",
        "4.13.0-1012.16",
        "4.13.0-1013.17",
        "4.13.0-1015.19",
        "4.13.0-1017.21",
        "4.13.0-1019.23",
        "4.15.0-1014.14~16.04.1",
        "4.15.0-1015.15~16.04.1",
        "4.15.0-1017.18~16.04.1",
        "4.15.0-1018.19~16.04.2",
        "4.15.0-1019.20~16.04.1",
        "4.15.0-1021.22~16.04.1",
        "4.15.0-1023.24~16.04.1",
        "4.15.0-1024.25~16.04.2",
        "4.15.0-1025.26~16.04.1",
        "4.15.0-1026.27~16.04.1",
        "4.15.0-1027.28~16.04.1",
        "4.15.0-1028.29~16.04.1",
        "4.15.0-1029.31~16.04.1",
        "4.15.0-1030.32~16.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-12126",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12127",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12130",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-16884",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3874",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3882",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9500",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9503",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-11091",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "block-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "block-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "crypto-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "crypto-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "dasd-extra-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "dasd-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fat-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fat-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fb-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "firewire-core-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "floppy-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fs-core-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "fs-secondary-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "input-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "input-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "ipmi-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "irda-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "irda-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "kernel-image-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "kernel-image-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-buildinfo-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-buildinfo-4.15.0-50-generic-lpae",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-buildinfo-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-cloud-tools-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-50",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-50-generic-lpae",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-hwe-cloud-tools-4.15.0-50",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-hwe-tools-4.15.0-50",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-hwe-udebs-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-hwe-udebs-generic-lpae",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-image-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-image-4.15.0-50-generic-lpae",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-image-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-modules-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-modules-4.15.0-50-generic-lpae",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-modules-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-modules-extra-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-source-4.15.0",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-tools-4.15.0-50-generic",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-tools-4.15.0-50-generic-lpae",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "linux-tools-4.15.0-50-lowlatency",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "md-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "md-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "message-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "mouse-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "mouse-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "multipath-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "multipath-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nfs-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nfs-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-pcmcia-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-shared-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "nic-usb-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "parport-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "parport-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "pata-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "pcmcia-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "pcmcia-storage-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "plip-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "plip-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "ppp-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "ppp-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "sata-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "sata-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "scsi-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "scsi-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "serial-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "storage-core-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "usb-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "usb-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "virtio-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "vlan-modules-4.15.0-50-generic-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          },
          {
            "binary_name": "vlan-modules-4.15.0-50-generic-lpae-di",
            "binary_version": "4.15.0-50.54~16.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "linux-hwe",
        "purl": "pkg:deb/ubuntu/linux-hwe@4.15.0-50.54~16.04.1?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-50.54~16.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.8.0-36.36~16.04.1",
        "4.8.0-39.42~16.04.1",
        "4.8.0-41.44~16.04.1",
        "4.8.0-42.45~16.04.1",
        "4.8.0-44.47~16.04.1",
        "4.8.0-45.48~16.04.1",
        "4.8.0-46.49~16.04.1",
        "4.8.0-49.52~16.04.1",
        "4.8.0-51.54~16.04.1",
        "4.8.0-52.55~16.04.1",
        "4.8.0-53.56~16.04.1",
        "4.8.0-54.57~16.04.1",
        "4.8.0-56.61~16.04.1",
        "4.8.0-58.63~16.04.1",
        "4.10.0-27.30~16.04.2",
        "4.10.0-28.32~16.04.2",
        "4.10.0-30.34~16.04.1",
        "4.10.0-32.36~16.04.1",
        "4.10.0-33.37~16.04.1",
        "4.10.0-35.39~16.04.1",
        "4.10.0-37.41~16.04.1",
        "4.10.0-38.42~16.04.1",
        "4.10.0-40.44~16.04.1",
        "4.10.0-42.46~16.04.1",
        "4.13.0-26.29~16.04.2",
        "4.13.0-31.34~16.04.1",
        "4.13.0-32.35~16.04.1",
        "4.13.0-36.40~16.04.1",
        "4.13.0-37.42~16.04.1",
        "4.13.0-38.43~16.04.1",
        "4.13.0-39.44~16.04.1",
        "4.13.0-41.46~16.04.1",
        "4.13.0-43.48~16.04.1",
        "4.13.0-45.50~16.04.1",
        "4.15.0-24.26~16.04.1",
        "4.15.0-29.31~16.04.1",
        "4.15.0-30.32~16.04.1",
        "4.15.0-32.35~16.04.1",
        "4.15.0-33.36~16.04.1",
        "4.15.0-34.37~16.04.1",
        "4.15.0-36.39~16.04.1",
        "4.15.0-38.41~16.04.1",
        "4.15.0-39.42~16.04.1",
        "4.15.0-42.45~16.04.1",
        "4.15.0-43.46~16.04.1",
        "4.15.0-45.48~16.04.1",
        "4.15.0-46.49~16.04.1",
        "4.15.0-47.50~16.04.1",
        "4.15.0-48.51~16.04.1"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2018-12126",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12127",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-12130",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "high",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2018-16884",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:C/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3874",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-3882",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9500",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-9503",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:A/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2019-11091",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "linux-buildinfo-4.15.0-1013-oracle",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-headers-4.15.0-1013-oracle",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-image-unsigned-4.15.0-1013-oracle",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-modules-4.15.0-1013-oracle",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-modules-extra-4.15.0-1013-oracle",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-oracle-headers-4.15.0-1013",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-oracle-tools-4.15.0-1013",
            "binary_version": "4.15.0-1013.15~16.04.1"
          },
          {
            "binary_name": "linux-tools-4.15.0-1013-oracle",
            "binary_version": "4.15.0-1013.15~16.04.1"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "linux-oracle",
        "purl": "pkg:deb/ubuntu/linux-oracle@4.15.0-1013.15~16.04.1?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "4.15.0-1013.15~16.04.1"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "4.15.0-1007.9~16.04.1",
        "4.15.0-1008.10~16.04.1",
        "4.15.0-1009.11~16.04.1",
        "4.15.0-1010.12~16.04.1",
        "4.15.0-1011.13~16.04.1"
      ]
    }
  ],
  "aliases": [],
  "details": "USN-3981-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu\n16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS.\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan\nHorea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa\nMilburn, Sebastian \u00d6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos,\nCristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss\ndiscovered that memory previously stored in microarchitectural fill buffers\nof an Intel CPU core may be exposed to a malicious process that is\nexecuting on the same CPU core. A local attacker could use this to expose\nsensitive information. (CVE-2018-12130)\n\nBrandon Falk, Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Stephan\nvan Schaik, Alyssa Milburn, Sebastian \u00d6sterlund, Pietro Frigo, Kaveh\nRazavi, Herbert Bos, and Cristiano Giuffrida discovered that memory\npreviously stored in microarchitectural load ports of an Intel CPU core may\nbe exposed to a malicious process that is executing on the same CPU core. A\nlocal attacker could use this to expose sensitive information.\n(CVE-2018-12127)\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Marina Minkin, Daniel\nMoghimi, Moritz Lipp, Michael Schwarz, Jo Van Bulck, Daniel Genkin, Daniel\nGruss, Berk Sunar, Frank Piessens, and Yuval Yarom discovered that memory\npreviously stored in microarchitectural store buffers of an Intel CPU core\nmay be exposed to a malicious process that is executing on the same CPU\ncore. A local attacker could use this to expose sensitive information.\n(CVE-2018-12126)\n\nVasily Averin and Evgenii Shatokhin discovered that a use-after-free\nvulnerability existed in the NFS41+ subsystem when multiple network\nnamespaces are in use. A local attacker in a container could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-16884)\n\nKe Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Volodrmyr Pikhur,\nMoritz Lipp, Michael Schwarz, Daniel Gruss, Stephan van Schaik, Alyssa\nMilburn, Sebastian \u00d6sterlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, and\nCristiano Giuffrida discovered that uncacheable memory previously stored in\nmicroarchitectural buffers of an Intel CPU core may be exposed to a\nmalicious process that is executing on the same CPU core. A local attacker\ncould use this to expose sensitive information. (CVE-2019-11091)\n\nMatteo Croce, Natale Vinto, and Andrea Spagnolo discovered that the cgroups\nsubsystem of the Linux kernel did not properly account for SCTP socket\nbuffers. A local attacker could use this to cause a denial of service\n(system crash). (CVE-2019-3874)\n\nAlex Williamson discovered that the vfio subsystem of the Linux kernel did\nnot properly limit DMA mappings. A local attacker could use this to cause a\ndenial of service (memory exhaustion). (CVE-2019-3882)\n\nHugues Anguelkov discovered that the Broadcom Wifi driver in the Linux\nkernel contained a heap buffer overflow. A physically proximate attacker\ncould use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-9500)\n\nHugues Anguelkov discovered that the Broadcom Wifi driver in the Linux\nkernel did not properly prevent remote firmware events from being processed\nfor USB Wifi devices. A physically proximate attacker could use this to\nsend firmware events to the device. (CVE-2019-9503)\n",
  "id": "USN-3981-2",
  "modified": "2026-06-01T07:03:49Z",
  "published": "2019-05-15T04:05:22Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-3981-2"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-12126"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-12127"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-12130"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2018-16884"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-3874"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-3882"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-9500"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-9503"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2019-11091"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "linux-hwe, linux-azure, linux-gcp, linux-oracle vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2018-12126",
    "UBUNTU-CVE-2018-12127",
    "UBUNTU-CVE-2018-12130",
    "UBUNTU-CVE-2018-16884",
    "UBUNTU-CVE-2019-3874",
    "UBUNTU-CVE-2019-3882",
    "UBUNTU-CVE-2019-9500",
    "UBUNTU-CVE-2019-9503",
    "UBUNTU-CVE-2019-11091"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…