UBUNTU-CVE-2018-12633

Source
https://ubuntu.com/security/CVE-2018-12633
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json
JSON Data
https://api.test.osv.dev/v1/vulns/UBUNTU-CVE-2018-12633
Upstream
Published
2018-06-22T00:29:00Z
Modified
2025-10-31T04:50:52Z
Severity
  • 6.3 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H
  • Ubuntu - medium
Summary
[none]
Details

An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables (hdr.size_in and hdr.size_out) in the header between the two fetches because of a race condition, leading to severe kernel errors, such as buffer over-accesses. This bug can cause a local denial of service and information leakage.

References

Affected packages

Ubuntu:16.04:LTS

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@5.1.38-dfsg-0ubuntu1.16.04.3?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

5.*

5.0.4-dfsg-2
5.0.8-dfsg-1
5.0.10-dfsg-1
5.0.10-dfsg-2
5.0.10-dfsg-3
5.0.10-dfsg-4
5.0.10-dfsg-5
5.0.10-dfsg-6
5.0.10-dfsg-7
5.0.12-dfsg-1
5.0.12-dfsg-2
5.0.14-dfsg-1
5.0.14-dfsg-2
5.0.14-dfsg-2build1
5.0.16-dfsg-2
5.0.16-dfsg-3
5.0.18-dfsg-1
5.0.18-dfsg-1ubuntu1
5.0.18-dfsg-2
5.0.18-dfsg-2build1
5.0.18-dfsg-2ubuntu1
5.0.24-dfsg-0ubuntu1.16.04.1
5.0.32-dfsg-0ubuntu1.16.04.2
5.0.36-dfsg-0ubuntu1.16.04.2
5.0.40-dfsg-0ubuntu1.16.04.1
5.0.40-dfsg-0ubuntu1.16.04.2
5.1.34-dfsg-0ubuntu1.16.04.2
5.1.38-dfsg-0ubuntu1.16.04.1
5.1.38-dfsg-0ubuntu1.16.04.2
5.1.38-dfsg-0ubuntu1.16.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-guest-dkms",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-guest-source",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "5.1.38-dfsg-0ubuntu1.16.04.3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

Ubuntu:18.04:LTS

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@5.2.42-dfsg-0~ubuntu1.18.04.1?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

5.*

5.1.30-dfsg-1
5.2.0-dfsg-1build2
5.2.0-dfsg-2
5.2.0-dfsg-4
5.2.0-dfsg-5
5.2.2-dfsg-2
5.2.2-dfsg-3~build1
5.2.2-dfsg-3
5.2.4-dfsg-1
5.2.4-dfsg-2
5.2.6-dfsg-1
5.2.6-dfsg-2
5.2.6-dfsg-3
5.2.6-dfsg-3build1
5.2.6-dfsg-5
5.2.8-dfsg-2
5.2.8-dfsg-3
5.2.8-dfsg-5
5.2.8-dfsg-6
5.2.8-dfsg-7
5.2.10-dfsg-1
5.2.10-dfsg-2
5.2.10-dfsg-5
5.2.10-dfsg-6
5.2.10-dfsg-6ubuntu18.04.1
5.2.18-dfsg-2~ubuntu18.04.1
5.2.18-dfsg-2~ubuntu18.04.3
5.2.18-dfsg-2~ubuntu18.04.5
5.2.32-dfsg-0~ubuntu18.04.1
5.2.34-dfsg-0~ubuntu18.04.1
5.2.42-dfsg-0~ubuntu1.18.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-guest-dkms",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-guest-source",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "5.2.42-dfsg-0~ubuntu1.18.04.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

Ubuntu:20.04:LTS

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@6.1.50-dfsg-1~ubuntu1.20.04.1?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

6.*

6.0.14-dfsg-1
6.0.14-dfsg-2~build1
6.0.14-dfsg-2
6.1.0-dfsg-3build1
6.1.0-dfsg-3build2
6.1.2-dfsg-1
6.1.2-dfsg-1build1
6.1.4-dfsg-1
6.1.4-dfsg-2~build1
6.1.4-dfsg-2
6.1.4-dfsg-4
6.1.6-dfsg-1
6.1.10-dfsg-1~ubuntu1.20.04.1
6.1.16-dfsg-6~ubuntu1.20.04.1
6.1.16-dfsg-6~ubuntu1.20.04.2
6.1.22-dfsg-2~ubuntu1.20.04.1
6.1.26-dfsg-3~ubuntu1.20.04.1
6.1.26-dfsg-3~ubuntu1.20.04.2
6.1.32-dfsg-1~ubuntu1.20.04.1
6.1.34-dfsg-3~ubuntu1.20.04.1
6.1.38-dfsg-3~ubuntu1.20.04.1
6.1.48-dfsg-1~ubuntu1.20.04.1
6.1.50-dfsg-1~ubuntu1.20.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-guest-dkms",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-guest-source",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.20.04.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

Ubuntu:22.04:LTS

linux-intel-iot-realtime

Package

Name
linux-intel-iot-realtime
Purl
pkg:deb/ubuntu/linux-intel-iot-realtime@5.15.0-1073.75?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

5.*

5.15.0-1073.75

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-cloud-tools-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-headers-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-intel-iot-realtime-cloud-tools-5.15.0-1073",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-intel-iot-realtime-cloud-tools-common",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-intel-iot-realtime-headers-5.15.0-1073",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-intel-iot-realtime-tools-5.15.0-1073",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-intel-iot-realtime-tools-common",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-intel-iot-realtime-tools-host",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-modules-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        },
        {
            "binary_name": "linux-tools-5.15.0-1073-intel-iot-realtime",
            "binary_version": "5.15.0-1073.75"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

linux-realtime

Package

Name
linux-realtime
Purl
pkg:deb/ubuntu/linux-realtime@5.15.0-1032.35?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

5.*

5.15.0-1032.35

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-cloud-tools-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-headers-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-image-unsigned-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-modules-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-modules-extra-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-realtime-cloud-tools-5.15.0-1032",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-realtime-cloud-tools-common",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-realtime-headers-5.15.0-1032",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-realtime-tools-5.15.0-1032",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-realtime-tools-common",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-realtime-tools-host",
            "binary_version": "5.15.0-1032.35"
        },
        {
            "binary_name": "linux-tools-5.15.0-1032-realtime",
            "binary_version": "5.15.0-1032.35"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@6.1.50-dfsg-1~ubuntu1.22.04.3?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

6.*

6.1.26-dfsg-4
6.1.28-dfsg-1
6.1.30-dfsg-1
6.1.32-dfsg-1
6.1.32-dfsg-1build1
6.1.34-dfsg-3~ubuntu1.22.04.1
6.1.38-dfsg-3~ubuntu1.22.04.1
6.1.48-dfsg-1~ubuntu1.22.04.1
6.1.50-dfsg-1~ubuntu1.22.04.1
6.1.50-dfsg-1~ubuntu1.22.04.3

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.22.04.3"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.22.04.3"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.22.04.3"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.22.04.3"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.22.04.3"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "6.1.50-dfsg-1~ubuntu1.22.04.3"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

Ubuntu:24.04:LTS

linux-raspi-realtime

Package

Name
linux-raspi-realtime
Purl
pkg:deb/ubuntu/linux-raspi-realtime@6.8.0-2019.20?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

6.*

6.8.0-2019.20

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "linux-buildinfo-6.8.0-2019-raspi-realtime",
            "binary_version": "6.8.0-2019.20"
        },
        {
            "binary_name": "linux-headers-6.8.0-2019-raspi-realtime",
            "binary_version": "6.8.0-2019.20"
        },
        {
            "binary_name": "linux-image-6.8.0-2019-raspi-realtime",
            "binary_version": "6.8.0-2019.20"
        },
        {
            "binary_name": "linux-modules-6.8.0-2019-raspi-realtime",
            "binary_version": "6.8.0-2019.20"
        },
        {
            "binary_name": "linux-raspi-realtime-headers-6.8.0-2019",
            "binary_version": "6.8.0-2019.20"
        },
        {
            "binary_name": "linux-raspi-realtime-tools-6.8.0-2019",
            "binary_version": "6.8.0-2019.20"
        },
        {
            "binary_name": "linux-tools-6.8.0-2019-raspi-realtime",
            "binary_version": "6.8.0-2019.20"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@7.0.16-dfsg-2ubuntu1.1?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

7.*

7.0.10-dfsg-3
7.0.12-dfsg-1
7.0.12-dfsg-1build1
7.0.14-dfsg-1
7.0.14-dfsg-2
7.0.14-dfsg-4
7.0.14-dfsg-4build4
7.0.14-dfsg-4build5
7.0.16-dfsg-1
7.0.16-dfsg-2
7.0.16-dfsg-2ubuntu1
7.0.16-dfsg-2ubuntu1.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "7.0.16-dfsg-2ubuntu1.1"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "7.0.16-dfsg-2ubuntu1.1"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "7.0.16-dfsg-2ubuntu1.1"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "7.0.16-dfsg-2ubuntu1.1"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "7.0.16-dfsg-2ubuntu1.1"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "7.0.16-dfsg-2ubuntu1.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

Ubuntu:25.04

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@7.0.20-dfsg-1.2?arch=source&distro=plucky

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

7.*

7.0.20-dfsg-1
7.0.20-dfsg-1build1
7.0.20-dfsg-1.1ubuntu1
7.0.20-dfsg-1.2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-guest-utils-hwe",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-guest-x11-hwe",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "7.0.20-dfsg-1.2"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "7.0.20-dfsg-1.2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"

Ubuntu:25.10

virtualbox

Package

Name
virtualbox
Purl
pkg:deb/ubuntu/virtualbox@7.2.2-dfsg-2?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)

Affected versions

7.*

7.0.20-dfsg-1.2
7.0.26-dfsg-1
7.1.8-dfsg-2
7.1.8-dfsg-3
7.1.8-dfsg-3build1
7.1.10-dfsg-1
7.1.12-dfsg-1
7.1.12-dfsg-2
7.2.0-dfsg-2
7.2.0-dfsg-3
7.2.2-dfsg-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "virtualbox",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-dkms",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-guest-utils",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-guest-utils-hwe",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-guest-x11",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-guest-x11-hwe",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-qt",
            "binary_version": "7.2.2-dfsg-2"
        },
        {
            "binary_name": "virtualbox-source",
            "binary_version": "7.2.2-dfsg-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-12633.json"