Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17975)
It was discovered that a race condition existed in the F2FS implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-18193)
It was discovered that a buffer overflow existed in the Hisilicon HNS Ethernet Device driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-18222)
It was discovered that the netfilter subsystem in the Linux kernel did not validate that rules containing jumps contained user-defined chains. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1065)
It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1068)
It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1130)
It was discovered that the SCTP Protocol implementation in the Linux kernel did not properly validate userspace provided payload lengths in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-5803)
It was discovered that a double free error existed in the block layer subsystem of the Linux kernel when setting up a request queue. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7480)
It was discovered that a memory leak existed in the SAS driver subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-7757)
It was discovered that a race condition existed in the x86 machine check handler in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7995)
Eyal Itkin discovered that the USB displaylink video adapter driver in the Linux kernel did not properly validate mmap offsets sent from userspace. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2018-8781)
Silvio Cesare discovered a buffer overwrite existed in the NCPFS implementation in the Linux kernel. A remote attacker controlling a malicious NCPFS server could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-8822)
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.4.0-1090.98", "binary_name": "linux-headers-4.4.0-1090-raspi2" }, { "binary_version": "4.4.0-1090.98", "binary_name": "linux-image-4.4.0-1090-raspi2" }, { "binary_version": "4.4.0-1090.98", "binary_name": "linux-raspi2-headers-4.4.0-1090" }, { "binary_version": "4.4.0-1090.98", "binary_name": "linux-raspi2-tools-4.4.0-1090" }, { "binary_version": "4.4.0-1090.98", "binary_name": "linux-tools-4.4.0-1090-raspi2" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:16.04:LTS", "cves": [ { "id": "CVE-2017-17975", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-18193", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "low" } ] }, { "id": "CVE-2017-18222", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-1065", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-1068", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-1130", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-5803", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-7480", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-7757", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-7995", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "negligible" } ] }, { "id": "CVE-2018-8781", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-8822", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] } ] } }
{ "availability": "No subscription required", "binaries": [ { "binary_version": "4.4.0-1093.98", "binary_name": "linux-headers-4.4.0-1093-snapdragon" }, { "binary_version": "4.4.0-1093.98", "binary_name": "linux-image-4.4.0-1093-snapdragon" }, { "binary_version": "4.4.0-1093.98", "binary_name": "linux-snapdragon-headers-4.4.0-1093" }, { "binary_version": "4.4.0-1093.98", "binary_name": "linux-snapdragon-tools-4.4.0-1093" }, { "binary_version": "4.4.0-1093.98", "binary_name": "linux-tools-4.4.0-1093-snapdragon" } ] }
{ "cves_map": { "ecosystem": "Ubuntu:16.04:LTS", "cves": [ { "id": "CVE-2017-17975", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2017-18193", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "low" } ] }, { "id": "CVE-2017-18222", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-1065", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-1068", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-1130", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-5803", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-7480", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-7757", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-7995", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H" }, { "type": "Ubuntu", "score": "negligible" } ] }, { "id": "CVE-2018-8781", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] }, { "id": "CVE-2018-8822", "severity": [ { "type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "CVSS_V3", "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H" }, { "type": "Ubuntu", "score": "medium" } ] } ] } }