USN-3697-2

Source
https://ubuntu.com/security/notices/USN-3697-2
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3697-2.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3697-2
Related
Published
2018-07-02T20:05:04.497080Z
Modified
2018-07-02T20:05:04.497080Z
Summary
linux-oem vulnerabilities
Details

It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-1130)

Jann Horn discovered that the 32 bit adjtimex() syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-11508)

Wang Qize discovered that an information disclosure vulnerability existed in the SMBus driver for ACPI Embedded Controllers in the Linux kernel. A local attacker could use this to expose sensitive information (kernel pointer addresses). (CVE-2018-5750)

It was discovered that the SCTP Protocol implementation in the Linux kernel did not properly validate userspace provided payload lengths in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-5803)

It was discovered that an integer overflow error existed in the futex implementation in the Linux kernel. A local attacker could use this to cause a denial of service (system crash). (CVE-2018-6927)

It was discovered that an information leak vulnerability existed in the floppy driver in the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-7755)

It was discovered that a memory leak existed in the SAS driver subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2018-7757)

References

Affected packages

Ubuntu:16.04:LTS / linux-oem

Package

Name
linux-oem
Purl
pkg:deb/ubuntu/linux-oem?arch=src?distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
4.13.0-1031.35

Affected versions

4.*

4.13.0-1008.9
4.13.0-1010.11
4.13.0-1012.13
4.13.0-1015.16
4.13.0-1017.18
4.13.0-1019.20
4.13.0-1020.21
4.13.0-1021.23
4.13.0-1022.24
4.13.0-1024.27
4.13.0-1026.29
4.13.0-1028.31
4.13.0-1030.33

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "block-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "crypto-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "fat-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "fb-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "firewire-core-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "floppy-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "fs-core-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "fs-secondary-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "input-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "ipmi-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "irda-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "kernel-image-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-headers-4.13.0-1031-oem"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-image-4.13.0-1031-oem"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-image-4.13.0-1031-oem-dbgsym"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-oem-headers-4.13.0-1031"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-oem-tools-4.13.0-1031"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-oem-tools-4.13.0-1031-dbgsym"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-tools-4.13.0-1031-oem"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "linux-udebs-oem"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "md-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "message-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "mouse-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "multipath-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "nfs-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "nic-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "nic-pcmcia-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "nic-shared-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "nic-usb-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "parport-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "pata-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "pcmcia-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "pcmcia-storage-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "plip-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "ppp-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "sata-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "scsi-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "serial-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "storage-core-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "usb-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "virtio-modules-4.13.0-1031-oem-di"
        },
        {
            "binary_version": "4.13.0-1031.35",
            "binary_name": "vlan-modules-4.13.0-1031-oem-di"
        }
    ]
}