CVE-2018-8043

Related Files

Kernel Live Patch Security Notice LSN-0037-1

Posted May 7, 2018

Authored by Benjamin M. Romer

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel improperly performed sign extension in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux

advisories | CVE-2017-0861, CVE-2017-15129, CVE-2017-16995, CVE-2017-17448, CVE-2017-17450, CVE-2018-1000199, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043

SHA-256 | 39ead24f1d46a53a4118ca65333192e8b23de00376f175ad713483a533c61a56

Download | Favorite | View

Ubuntu Security Notice USN-3632-1

Posted Apr 24, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3632-1 - It was discovered that a race condition leading to a use-after-free vulnerability existed in the ALSA PCM subsystem of the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the KVM implementation in the Linux kernel allowed passthrough of the diagnostic I/O port 0x80. An attacker in a guest VM could use this to cause a denial of service in the host OS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local

systems | linux, ubuntu

advisories | CVE-2017-0861, CVE-2017-1000407, CVE-2017-15129, CVE-2017-16994, CVE-2017-17448, CVE-2017-17450, CVE-2017-17741, CVE-2017-17805, CVE-2017-17806, CVE-2017-17807, CVE-2018-1000026, CVE-2018-5332, CVE-2018-5333, CVE-2018-5344, CVE-2018-8043

SHA-256 | f8553fc2b1fbe9a47e2b4b2ce0f11da61f2c04cd45e5a0719d72c05c601fef36

Download | Favorite | View

Ubuntu Security Notice USN-3630-2

Posted Apr 24, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3630-2 - USN-3630-1 fixed a vulnerability in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2018-8043

SHA-256 | da5edcf5fe7d9960c0fc14a80dbcbbe63c373993eb63a21aa1cb6b5209540b01

Download | Favorite | View

Ubuntu Security Notice USN-3630-1

Posted Apr 24, 2018

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3630-1 - It was discovered that the Broadcom UniMAC MDIO bus controller driver in the Linux kernel did not properly validate device resources. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local

systems | linux, ubuntu

advisories | CVE-2018-8043

SHA-256 | 841517345a366bff6a67067a64330277230469e84daa8bef61a90d192b4f7a97

Download | Favorite | View