Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-06-29 | CVE-2018-13005 | An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. | Ubuntu_linux, Debian_linux, Gpac | 9.8 | ||
| 2018-06-28 | CVE-2018-12931 | ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2018-06-28 | CVE-2018-12930 | ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2018-06-28 | CVE-2018-12929 | ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem. | Ubuntu_linux, Linux_kernel | 5.5 | ||
| 2018-06-28 | CVE-2018-12928 | In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. | Ubuntu_linux, Linux_kernel | 5.5 | ||
| 2018-07-19 | CVE-2018-12911 | WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. | Ubuntu_linux, Webkitgtk\+ | 9.8 | ||
| 2018-06-27 | CVE-2018-12904 | In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL. | Ubuntu_linux, Linux_kernel | 4.9 | ||
| 2018-07-02 | CVE-2018-12896 | An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service... | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 | ||
| 2018-06-26 | CVE-2018-12882 | exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PHP exif_read_data function. | Ubuntu_linux, Storage_automation_store, Php | 9.8 | ||
| 2018-06-20 | CVE-2018-12600 | In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file. | Ubuntu_linux, Debian_linux, Imagemagick | 8.8 |