Linux kernel version 4.13 suffers from a compat_get_timex() kernel pointer leak vulnerability.
249b9d5963af9eed4e83c4bf83f077f0231c2bb50f92fe0c295e6a720b15648aUbuntu Security Notice 3718-2 - USN-3695-2 fixed vulnerabilities in the Linux Hardware Enablement Kernel kernel for Ubuntu 16.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This update addresses the issue. Various other issues were also addressed.
7352a11c02a1bd3ca1dde166137417760b084a8e80b91bc68a912cda66fc39c8Ubuntu Security Notice 3718-1 - USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. Unfortunately, the fix for CVE-2018-1108 introduced a regression where insufficient early entropy prevented services from starting, leading in some situations to a failure to boot, This update addresses the issue. Various other issues were also addressed.
8b5aff682a7fe0dc91801054a3fa777ee05cd873429b047eb282b97fc691e598Ubuntu Security Notice 3697-2 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
c9a9b6f9415eee0a015beb8e44d16a31b4242d4134fa1daff8f7c2ac1adc0f9dUbuntu Security Notice 3697-1 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
55c8f38eb3a5a5b9ca0719a8cf82aed6fd3c1159902999681470b031b1f5489bUbuntu Security Notice 3695-1 - Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. It was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
8027dac45fca8f547843ef43e09760d5bbb95bb1ee7469c2947cce1a51b7622fUbuntu Security Notice 3695-2 - USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
702548617b260a8caa37ca81a615acaf101fb1759be6eb65f217617fd0740351
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed