Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2018-07-02 | CVE-2018-13053 | The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used. | Ubuntu_linux, Debian_linux, Linux_kernel | 3.3 | ||
| 2018-06-29 | CVE-2018-13006 | An issue was discovered in MP4Box in GPAC 0.7.1. There is a heap-based buffer over-read in the isomedia/box_dump.c function hdlr_dump. | Ubuntu_linux, Debian_linux, Gpac | 9.8 | ||
| 2018-06-29 | CVE-2018-13005 | An issue was discovered in MP4Box in GPAC 0.7.1. The function urn_Read in isomedia/box_code_base.c has a heap-based buffer over-read. | Ubuntu_linux, Debian_linux, Gpac | 9.8 | ||
| 2018-06-28 | CVE-2018-12931 | ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2018-06-28 | CVE-2018-12930 | ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2018-06-28 | CVE-2018-12929 | ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem. | Ubuntu_linux, Linux_kernel | 5.5 | ||
| 2018-06-28 | CVE-2018-12928 | In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. | Ubuntu_linux, Linux_kernel | 5.5 | ||
| 2018-07-19 | CVE-2018-12911 | WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the get_simple_globs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c. | Ubuntu_linux, Webkitgtk\+ | 9.8 | ||
| 2018-06-27 | CVE-2018-12904 | In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL. | Ubuntu_linux, Linux_kernel | 4.9 | ||
| 2018-07-02 | CVE-2018-12896 | An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be larger than INT_MAX, but the accounting is int based. This basically makes the accounting values, which are visible to user space via timer_getoverrun(2) and siginfo::si_overrun, random. For example, a local user can cause a denial of service... | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 |