CVE Summary
The following CVE are available for all releases offered through Unbreakable Linux Network (ULN).
Synopsis
CVE-2018-8897 A statement in the System Programming Guide of the Intel 64 and IA-32Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for #DB exceptions that are deferred by MOV SS or POP SS, as demonstrated by (for example) privilege escalation in Windows, macOS, some Xen configurations, or FreeBSD, or a Linux kernel crash. The MOV to SS and POP SS instructions inhibit interrupts (including NMIs), data breakpoints, and single step trap exceptions until the instruction boundary following the next instruction (SDM Vol. 3A; section 6.8.3). (The inhibited data breakpoints are those on memory accessed by the MOV to SS or POP to SS instruction itself.) Note that debug exceptions are not inhibited by the interrupt enable (EFLAGS.IF) system flag (SDM Vol. 3A; section 2.3). If the instruction following the MOV to SS or POP to SS instruction is an instruction like SYSCALL, SYSENTER, INT 3, etc. that transfers control to the operating system at CPL < 3, the debug exception is delivered after the transfer to CPL < 3 is complete. OS kernels may not expect this order of events and may therefore experience unexpected behavior when it occurs. 2018-07-30
CVE-2018-8781 The udl_fb_mmap function in drivers/gpu/drm/udl/udl_fb.c at the Linuxkernel version 3.4 and up to and including 4.15 has an integer-overflow vulnerability allowing local users with access to the udldrmfb driver to obtain full read and write permissions on kernel physical pages, resulting in a code execution in kernel space. 2018-07-30
CVE-2018-8088 org.slf4j.ext.EventData in the slf4j-ext module in QOS.CH SLF4J before1.8.0-beta2 allows remote attackers to bypass intended access restrictions via crafted data. 2018-07-30
CVE-2018-7858Quick Emulator (aka QEMU), when built with the Cirrus CLGD 54xx VGAEmulator support, allows local guest OS privileged users to cause a denial of service (out-of-bounds access and QEMU process crash) by leveraging incorrect region calculation when updating VGA display.2018-07-10
CVE-2018-7750 transport.py in the SSH server implementation of Paramiko before1.17.6, 1.18.x before 1.18.5, 2.0.x before 2.0.8, 2.1.x before 2.1.5, 2.2.x before 2.2.3, 2.3.x before 2.3.2, and 2.4.x before 2.4.1 does not properly check whether authentication is completed before processing other requests, as demonstrated by channel-open. A customized SSH client can simply skip the authentication step. 2018-07-30
CVE-2018-7541An issue was discovered in Xen through 4.10.x allowing guest OS usersto cause a denial of service (hypervisor crash) or gain privileges by triggering a grant-table transition from v2 to v1.2018-03-01
CVE-2018-7540An issue was discovered in Xen through 4.10.x allowing x86 PV guest OSusers to cause a denial of service (host OS CPU hang) via non-preemptable L3/L4 pagetable freeing.2018-03-01
CVE-2018-7225 An issue was discovered in LibVNCServer through 0.9.11.rfbProcessClientNormalMessage() in rfbserver.c does not sanitize msg.cct.length, leading to access to uninitialized and potentially sensitive data or possibly unspecified other impact (e.g., an integer overflow) via specially crafted VNC packets. 2018-07-30
CVE-2018-6927The futex_requeue function in kernel/futex.c in the Linux kernel before4.14.15 might allow attackers to cause a denial of service (integer overflow) or possibly have unspecified other impact by triggering a negative wake or requeue value.2018-08-08
CVE-2018-6871LibreOffice before 5.4.5 and 6.x before 6.0.1 allows remote attackersto read arbitrary files via =WEBSERVICE calls in a document, which use the COM.MICROSOFT.WEBSERVICE function.2018-03-13
CVE-2018-6126 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-07-03
CVE-2018-5950Cross-site scripting (XSS) vulnerability in the web UI in Mailmanbefore 2.1.26 allows remote attackers to inject arbitrary web script or HTML via a user-options URL.2018-03-13
CVE-2018-5803In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121,4.1.51, and 3.2.102, an error in the _sctp_make_chunk() function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.2018-07-10
CVE-2018-5750The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linuxkernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.2018-08-08
CVE-2018-5748 qemu/qemu_monitor.c in libvirt allows attackers to cause a denial ofservice (memory consumption) via a large QEMU reply. 2018-07-30
CVE-2018-5733 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-03-12
CVE-2018-5732 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-03-12
CVE-2018-5683 The vga_draw_text function in Qemu allows local OS guest privilegedusers to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation. 2018-07-30
CVE-2018-5390Linux kernel versions 4.9+ can be forced to make very expensive callsto tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.2018-08-06
CVE-2018-5379 The Quagga BGP daemon (bgpd) prior to version 1.2.3 can double-freememory when processing certain forms of UPDATE message, containing cluster-list and/or unknown attributes. A successful attack could cause a denial of service or potentially allow an attacker to execute arbitrary code. 2018-07-30
CVE-2018-5345A stack-based buffer overflow within GNOME gcab through 0.7.4 can beexploited by malicious attackers to cause a crash or, potentially, execute arbitrary code via a crafted .cab file.2018-02-26
CVE-2018-5333In the Linux kernel through 4.14.13, the rds_cmsg_atomic function innet/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.2018-08-08
CVE-2018-5332 In the Linux kernel through 4.14.13, the rds_message_alloc_sgs()function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c). 2018-07-30
CVE-2018-5188** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.2018-07-24
CVE-2018-5185 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5184 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5183 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5178 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5170 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5168 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5162 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5161 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5159 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5158 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-14
CVE-2018-5157 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-14
CVE-2018-5156 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-07-03
CVE-2018-5155 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5154 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5150 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-05-24
CVE-2018-5148 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-16
CVE-2018-5146 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-16
CVE-2018-5145 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-09
CVE-2018-5144 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-09
CVE-2018-5131 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-03-15
CVE-2018-5130 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-03-15
CVE-2018-5129 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-09
CVE-2018-5127 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-09
CVE-2018-5125 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-04-09
CVE-2018-5117 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-01-23
CVE-2018-5104 ** RESERVED **This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided. 2018-01-23
1 - 50Next

Copyright (c) 2015, 2017, Oracle Corporation. All Rights Reserved.