USN-3880-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-3880-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-3880-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-3880-1
Related
  • CVE-2018-1066
  • CVE-2018-17972
  • CVE-2018-18281
  • CVE-2018-9568
Published
2019-02-04T23:05:35.360733Z
Modified
2019-02-04T23:05:35.360733Z
Summary
linux vulnerabilities
Details

It was discovered that the CIFS client implementation in the Linux kernel did not properly handle setup negotiation during session recovery, leading to a NULL pointer exception. An attacker could use this to create a malicious CIFS server that caused a denial of service (client system crash). (CVE-2018-1066)

Jann Horn discovered that the procfs file system implementation in the Linux kernel did not properly restrict the ability to inspect the kernel stack of an arbitrary task. A local attacker could use this to expose sensitive information. (CVE-2018-17972)

Jann Horn discovered that the mremap() system call in the Linux kernel did not properly flush the TLB when completing, potentially leaving access to a physical page after it has been released to the page allocator. A local attacker could use this to cause a denial of service (system crash), expose sensitive information, or possibly execute arbitrary code. (CVE-2018-18281)

It was discovered that the socket implementation in the Linux kernel contained a type confusion error that could lead to memory corruption. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2018-9568)

References

Affected packages

Ubuntu:14.04:LTS / linux

Package

Name
linux

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.13.0-165.215

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "linux-image-3.13.0-165-powerpc-e500mc": "3.13.0-165.215",
            "linux-image-generic": "3.13.0.165.175",
            "linux-image-3.13.0-165-powerpc64-emb": "3.13.0-165.215",
            "linux-image-powerpc64-emb": "3.13.0.165.175",
            "linux-image-3.13.0-165-generic-lpae": "3.13.0-165.215",
            "linux-image-powerpc64-smp": "3.13.0.165.175",
            "linux-image-powerpc-e500": "3.13.0.165.175",
            "linux-image-virtual": "3.13.0.165.175",
            "linux-image-3.13.0-165-lowlatency": "3.13.0-165.215",
            "linux-image-powerpc-e500mc": "3.13.0.165.175",
            "linux-image-generic-lpae-lts-trusty": "3.13.0.165.175",
            "linux-image-3.13.0-165-powerpc-e500": "3.13.0-165.215",
            "linux-image-3.13.0-165-powerpc-smp": "3.13.0-165.215",
            "linux-image-lowlatency-pae": "3.13.0.165.175",
            "linux-image-generic-lts-quantal": "3.13.0.165.175",
            "linux-image-generic-pae": "3.13.0.165.175",
            "linux-image-generic-lpae-lts-saucy": "3.13.0.165.175",
            "linux-image-omap": "3.13.0.165.175",
            "linux-image-generic-lts-trusty": "3.13.0.165.175",
            "linux-image-lowlatency": "3.13.0.165.175",
            "linux-image-generic-lts-raring": "3.13.0.165.175",
            "linux-image-powerpc-smp": "3.13.0.165.175",
            "linux-image-highbank": "3.13.0.165.175",
            "linux-image-generic-lts-saucy": "3.13.0.165.175",
            "linux-image-3.13.0-165-powerpc64-smp": "3.13.0-165.215",
            "linux-image-generic-lpae": "3.13.0.165.175",
            "linux-image-3.13.0-165-generic": "3.13.0-165.215"
        }
    ]
}