USN-3656-1

Source
https://ubuntu.com/security/notices/USN-3656-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3656-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3656-1
Related
Published
2018-05-22T22:42:32.307253Z
Modified
2018-05-22T22:42:32.307253Z
Summary
linux-raspi2, linux-snapdragon vulnerabilities
Details

Tuba Yavuz discovered that a double-free error existed in the USBTV007 driver of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17975)

It was discovered that a race condition existed in the F2FS implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2017-18193)

It was discovered that a buffer overflow existed in the Hisilicon HNS Ethernet Device driver in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-18222)

It was discovered that the netfilter subsystem in the Linux kernel did not validate that rules containing jumps contained user-defined chains. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1065)

It was discovered that the netfilter subsystem of the Linux kernel did not properly validate ebtables offsets. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-1068)

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1130)

It was discovered that the SCTP Protocol implementation in the Linux kernel did not properly validate userspace provided payload lengths in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-5803)

It was discovered that a double free error existed in the block layer subsystem of the Linux kernel when setting up a request queue. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7480)

It was discovered that a memory leak existed in the SAS driver subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-7757)

It was discovered that a race condition existed in the x86 machine check handler in the Linux kernel. A local privileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-7995)

Eyal Itkin discovered that the USB displaylink video adapter driver in the Linux kernel did not properly validate mmap offsets sent from userspace. A local attacker could use this to expose sensitive information (kernel memory) or possibly execute arbitrary code. (CVE-2018-8781)

Silvio Cesare discovered a buffer overwrite existed in the NCPFS implementation in the Linux kernel. A remote attacker controlling a malicious NCPFS server could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-8822)

References

Affected packages

Ubuntu:16.04:LTS / linux-raspi2

Package

Name
linux-raspi2
Purl
pkg:deb/ubuntu/linux-raspi2?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1090.98

Affected versions

4.*

4.2.0-1013.19
4.2.0-1014.21
4.3.0-1006.6
4.4.0-1003.4
4.4.0-1004.5
4.4.0-1009.10
4.4.0-1010.12
4.4.0-1010.13
4.4.0-1012.16
4.4.0-1016.22
4.4.0-1017.23
4.4.0-1019.25
4.4.0-1021.27
4.4.0-1023.29
4.4.0-1027.33
4.4.0-1029.36
4.4.0-1034.41
4.4.0-1038.45
4.4.0-1040.47
4.4.0-1042.49
4.4.0-1044.51
4.4.0-1046.53
4.4.0-1048.55
4.4.0-1050.57
4.4.0-1051.58
4.4.0-1052.59
4.4.0-1054.61
4.4.0-1055.62
4.4.0-1057.64
4.4.0-1059.67
4.4.0-1061.69
4.4.0-1065.73
4.4.0-1067.75
4.4.0-1069.77
4.4.0-1070.78
4.4.0-1071.79
4.4.0-1074.82
4.4.0-1075.83
4.4.0-1076.84
4.4.0-1077.85
4.4.0-1079.87
4.4.0-1080.88
4.4.0-1082.90
4.4.0-1085.93
4.4.0-1086.94
4.4.0-1087.95
4.4.0-1089.97

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-headers-4.4.0-1090-raspi2"
        },
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-image-4.4.0-1090-raspi2"
        },
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-image-4.4.0-1090-raspi2-dbgsym"
        },
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-raspi2-headers-4.4.0-1090"
        },
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-raspi2-tools-4.4.0-1090"
        },
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-raspi2-tools-4.4.0-1090-dbgsym"
        },
        {
            "binary_version": "4.4.0-1090.98",
            "binary_name": "linux-tools-4.4.0-1090-raspi2"
        }
    ]
}

Ubuntu:16.04:LTS / linux-snapdragon

Package

Name
linux-snapdragon
Purl
pkg:deb/ubuntu/linux-snapdragon?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.4.0-1093.98

Affected versions

4.*

4.4.0-1012.12
4.4.0-1013.14
4.4.0-1013.15
4.4.0-1015.18
4.4.0-1019.22
4.4.0-1020.23
4.4.0-1022.25
4.4.0-1024.27
4.4.0-1026.29
4.4.0-1030.33
4.4.0-1032.36
4.4.0-1035.39
4.4.0-1039.43
4.4.0-1042.46
4.4.0-1044.48
4.4.0-1046.50
4.4.0-1047.51
4.4.0-1048.52
4.4.0-1050.54
4.4.0-1051.55
4.4.0-1053.57
4.4.0-1054.58
4.4.0-1055.59
4.4.0-1057.61
4.4.0-1058.62
4.4.0-1059.63
4.4.0-1061.66
4.4.0-1063.68
4.4.0-1067.72
4.4.0-1069.74
4.4.0-1071.76
4.4.0-1072.77
4.4.0-1073.78
4.4.0-1076.81
4.4.0-1077.82
4.4.0-1078.83
4.4.0-1079.84
4.4.0-1081.86
4.4.0-1082.87
4.4.0-1084.89
4.4.0-1087.92
4.4.0-1088.93
4.4.0-1090.95
4.4.0-1092.97

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-headers-4.4.0-1093-snapdragon"
        },
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-image-4.4.0-1093-snapdragon"
        },
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-image-4.4.0-1093-snapdragon-dbgsym"
        },
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-snapdragon-headers-4.4.0-1093"
        },
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-snapdragon-tools-4.4.0-1093"
        },
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-snapdragon-tools-4.4.0-1093-dbgsym"
        },
        {
            "binary_version": "4.4.0-1093.98",
            "binary_name": "linux-tools-4.4.0-1093-snapdragon"
        }
    ]
}