UBUNTU-CVE-2018-3979

See a problem?
Please try reporting it to the source first.

Source

https://ubuntu.com/security/CVE-2018-3979

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json

JSON Data

https://api.osv.dev/v1/vulns/UBUNTU-CVE-2018-3979

Upstream

CVE-2018-3979

Published

2019-04-01T21:30:00Z

Modified

2026-05-20T16:03:40.368416115Z

Severity

7.4 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:N/A:H CVSS Calculator
6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H CVSS Calculator
Ubuntu - low

Summary

[none]

Details

A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS (linux 4.15.0-29-generic x8664), Nouveau Display Driver NV117 (vermagic: 4.15.0-29-generic SMP modunload).

References

Affected packages

Ubuntu:16.04:LTS

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.11-1ubuntu3

1:1.0.12-1

1:1.0.12-1build1

1:1.0.12-1build2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.12-1build2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

xserver-xorg-video-nouveau-hwe-16.04

Package

Name: xserver-xorg-video-nouveau-hwe-16.04
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau-hwe-16.04?arch=source&distro=xenial

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.12-2~16.04.1

1:1.0.14-0ubuntu1~16.04.1

1:1.0.15-2~16.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau-hwe-16.04",
            "binary_version": "1:1.0.15-2~16.04.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

Ubuntu:18.04:LTS

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.15-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.15-2"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

xserver-xorg-video-nouveau-hwe-18.04

Package

Name: xserver-xorg-video-nouveau-hwe-18.04
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau-hwe-18.04?arch=source&distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.15-3~18.04.1

1:1.0.16-1~18.04.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau-hwe-18.04",
            "binary_version": "1:1.0.16-1~18.04.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

Ubuntu:20.04:LTS

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=focal

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.16-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.16-1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

Ubuntu:22.04:LTS

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=jammy

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.17-1build1

1:1.0.17-2build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.17-2build1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

Ubuntu:24.04:LTS

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=noble

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.17-2build1

1:1.0.17-2ubuntu0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.17-2ubuntu0.1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

Ubuntu:25.10

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=questing

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.18-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.18-1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"

Ubuntu:26.04:LTS

xserver-xorg-video-nouveau

Package

Name: xserver-xorg-video-nouveau
Purl: pkg:deb/ubuntu/xserver-xorg-video-nouveau?arch=source&distro=resolute

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

1:1.*

1:1.0.18-1

1:1.0.18-1build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "xserver-xorg-video-nouveau",
            "binary_version": "1:1.0.18-1build1"
        }
    ]
}

Database specific

source

"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2018/UBUNTU-CVE-2018-3979.json"