USN-3820-2
- Source
- https://ubuntu.com/security/notices/USN-3820-2
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3820-2.json
- JSON Data
- https://api.osv.dev/v1/vulns/USN-3820-2
- Upstream
- Related
- Published
- 2018-11-14T22:06:17.052664Z
- Modified
- 2025-10-13T04:34:45Z
- Summary
- linux-hwe, linux-azure, linux-gcp vulnerabilities
- Details
-
USN-3820-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.
Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-15471)
It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. (CVE-2017-13168)
It was discovered that an integer overflow existed in the CD-ROM driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2018-16658)
It was discovered that an integer overflow existed in the HID Bluetooth implementation in the Linux kernel that could lead to a buffer overwrite. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-9363)
- References
Affected packages
Ubuntu:16.04:LTS / linux-azure
Package
- Name
- linux-azure
- Purl
- pkg:deb/ubuntu/linux-azure@4.15.0-1031.32~16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-1031.32~16.04.1
Affected versions
4.*
4.11.0-1009.9
4.11.0-1011.11
4.11.0-1013.13
4.11.0-1014.14
4.11.0-1015.15
4.11.0-1016.16
4.13.0-1005.7
4.13.0-1006.8
4.13.0-1007.9
4.13.0-1009.12
4.13.0-1011.14
4.13.0-1012.15
4.13.0-1014.17
4.13.0-1016.19
4.13.0-1018.21
4.15.0-1013.13~16.04.2
4.15.0-1014.14~16.04.1
4.15.0-1018.18~16.04.1
4.15.0-1019.19~16.04.1
4.15.0-1021.21~16.04.1
4.15.0-1022.22~16.04.1
4.15.0-1023.24~16.04.1
4.15.0-1025.26~16.04.1
4.15.0-1028.29~16.04.1
4.15.0-1030.31~16.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-azure-cloud-tools-4.15.0-1031",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-azure-headers-4.15.0-1031",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-azure-tools-4.15.0-1031",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-1031-azure",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-1031-azure",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1031-azure",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-1031-azure",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-1031-azure",
"binary_version": "4.15.0-1031.32~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-1031-azure",
"binary_version": "4.15.0-1031.32~16.04.1"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2017-13168",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2018-9363",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2018-15471",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2018-16658",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}
Ubuntu:16.04:LTS / linux-gcp
Package
- Name
- linux-gcp
- Purl
- pkg:deb/ubuntu/linux-gcp@4.15.0-1024.25~16.04.2?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-1024.25~16.04.2
Affected versions
4.*
4.10.0-1004.4
4.10.0-1006.6
4.10.0-1007.7
4.10.0-1008.8
4.10.0-1009.9
4.13.0-1002.5
4.13.0-1006.9
4.13.0-1007.10
4.13.0-1008.11
4.13.0-1011.15
4.13.0-1012.16
4.13.0-1013.17
4.13.0-1015.19
4.13.0-1017.21
4.13.0-1019.23
4.15.0-1014.14~16.04.1
4.15.0-1015.15~16.04.1
4.15.0-1017.18~16.04.1
4.15.0-1018.19~16.04.2
4.15.0-1019.20~16.04.1
4.15.0-1021.22~16.04.1
4.15.0-1023.24~16.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "linux-gcp-headers-4.15.0-1024",
"binary_version": "4.15.0-1024.25~16.04.2"
},
{
"binary_name": "linux-gcp-tools-4.15.0-1024",
"binary_version": "4.15.0-1024.25~16.04.2"
},
{
"binary_name": "linux-headers-4.15.0-1024-gcp",
"binary_version": "4.15.0-1024.25~16.04.2"
},
{
"binary_name": "linux-image-unsigned-4.15.0-1024-gcp",
"binary_version": "4.15.0-1024.25~16.04.2"
},
{
"binary_name": "linux-modules-4.15.0-1024-gcp",
"binary_version": "4.15.0-1024.25~16.04.2"
},
{
"binary_name": "linux-modules-extra-4.15.0-1024-gcp",
"binary_version": "4.15.0-1024.25~16.04.2"
},
{
"binary_name": "linux-tools-4.15.0-1024-gcp",
"binary_version": "4.15.0-1024.25~16.04.2"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2017-13168",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2018-9363",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2018-15471",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2018-16658",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}
Ubuntu:16.04:LTS / linux-hwe
Package
- Name
- linux-hwe
- Purl
- pkg:deb/ubuntu/linux-hwe@4.15.0-39.42~16.04.1?arch=source&distro=xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed4.15.0-39.42~16.04.1
Affected versions
4.*
4.8.0-36.36~16.04.1
4.8.0-39.42~16.04.1
4.8.0-41.44~16.04.1
4.8.0-42.45~16.04.1
4.8.0-44.47~16.04.1
4.8.0-45.48~16.04.1
4.8.0-46.49~16.04.1
4.8.0-49.52~16.04.1
4.8.0-51.54~16.04.1
4.8.0-52.55~16.04.1
4.8.0-53.56~16.04.1
4.8.0-54.57~16.04.1
4.8.0-56.61~16.04.1
4.8.0-58.63~16.04.1
4.10.0-27.30~16.04.2
4.10.0-28.32~16.04.2
4.10.0-30.34~16.04.1
4.10.0-32.36~16.04.1
4.10.0-33.37~16.04.1
4.10.0-35.39~16.04.1
4.10.0-37.41~16.04.1
4.10.0-38.42~16.04.1
4.10.0-40.44~16.04.1
4.10.0-42.46~16.04.1
4.13.0-26.29~16.04.2
4.13.0-31.34~16.04.1
4.13.0-32.35~16.04.1
4.13.0-36.40~16.04.1
4.13.0-37.42~16.04.1
4.13.0-38.43~16.04.1
4.13.0-39.44~16.04.1
4.13.0-41.46~16.04.1
4.13.0-43.48~16.04.1
4.13.0-45.50~16.04.1
4.15.0-24.26~16.04.1
4.15.0-29.31~16.04.1
4.15.0-30.32~16.04.1
4.15.0-32.35~16.04.1
4.15.0-33.36~16.04.1
4.15.0-34.37~16.04.1
4.15.0-36.39~16.04.1
4.15.0-38.41~16.04.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "block-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "block-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "crypto-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "crypto-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "dasd-extra-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "dasd-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fat-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fat-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fb-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "firewire-core-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "floppy-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fs-core-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fs-core-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "fs-secondary-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "input-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "input-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "ipmi-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "ipmi-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "irda-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "irda-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "kernel-image-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "kernel-image-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-cloud-tools-4.15.0-39-lowlatency",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-39",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-39-generic-lpae",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-headers-4.15.0-39-lowlatency",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-hwe-cloud-tools-4.15.0-39",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-hwe-tools-4.15.0-39",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-hwe-udebs-generic-lpae",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-39-generic-lpae",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-image-4.15.0-39-lowlatency",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-image-unsigned-4.15.0-39-lowlatency",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-39-generic-lpae",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-modules-4.15.0-39-lowlatency",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-modules-extra-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-source-4.15.0",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-39-generic",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-39-generic-lpae",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "linux-tools-4.15.0-39-lowlatency",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "md-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "md-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "message-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "mouse-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "mouse-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "multipath-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "multipath-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nfs-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nfs-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-pcmcia-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-shared-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "nic-usb-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "parport-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "parport-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "pata-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "pcmcia-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "pcmcia-storage-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "plip-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "plip-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "ppp-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "ppp-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "sata-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "sata-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "scsi-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "scsi-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "serial-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "storage-core-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "storage-core-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "usb-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "usb-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "virtio-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "vlan-modules-4.15.0-39-generic-di",
"binary_version": "4.15.0-39.42~16.04.1"
},
{
"binary_name": "vlan-modules-4.15.0-39-generic-lpae-di",
"binary_version": "4.15.0-39.42~16.04.1"
}
]
}
Database specific
cves_map
{
"cves": [
{
"id": "CVE-2017-13168",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2018-9363",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
},
{
"id": "CVE-2018-15471",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
},
{
"type": "Ubuntu",
"score": "high"
}
]
},
{
"id": "CVE-2018-16658",
"severity": [
{
"type": "CVSS_V3",
"score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H"
},
{
"type": "Ubuntu",
"score": "medium"
}
]
}
],
"ecosystem": "Ubuntu:16.04:LTS"
}