Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cloudfoundryCloud FoundryCFOUNDRY:14B68CF9239F5B684A501D8AEBCF6EA3
HistoryOct 09, 2018 - 12:00 a.m.

USN-3762-2: Linux kernel (HWE) vulnerabilities | Cloud Foundry

2018-10-0900:00:00
Cloud Foundry
www.cloudfoundry.org
519

0.0004 Low

EPSS

Percentile

5.1%

JSON

Severity

Low

Vendor

Canonical Ubuntu

Versions Affected

  • Canonical Ubuntu 16.04

Description

USN-3762-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.

It was discovered that the VirtIO subsystem in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to possibly expose sensitive information (kernel memory). (CVE-2018-1118)

Seunghun Han discovered an information leak in the ACPI handling code in the Linux kernel when handling early termination of ACPI table loading. A local attacker could use this to expose sensitive informal (kernel address locations). (CVE-2017-13695)

CVEs contained in this USN include: CVE-2017-13695, CVE-2018-1118

Affected Cloud Foundry Products and Versions

Severity is low unless otherwise noted.

  • Cloud Foundry BOSH xenial-stemcells are vulnerable, including:
    • 97.x versions prior to 97.19
    • All other stemcells not listed.

Mitigation

Users of affected products are strongly encouraged to follow one of the mitigations below:

  • The Cloud Foundry project recommends upgrading the following BOSH xenial-stemcells:
    • Upgrade 97.x versions to 97.19
    • All other stemcells should be upgraded to the latest version available on bosh.io.

References

Related

ubuntu 4
nessus 42
openvas 30
cvelist 2
redhatcve 2
debiancve 2
cve 2
ubuntucve 2
nvd 2
prion 2
osv 2
veracode 1
fedora 7
mageia 4
oraclelinux 7
photon 3
cloudfoundry 1
suse 2
debian 1
redhat 3
centos 1
ibm 1
ubuntu
ubuntu
Linux kernel vulnerabilities
2018-09-11 00:00:00
Linux kernel (HWE) vulnerabilities
2018-09-11 00:00:00
Linux kernel (Xenial HWE) vulnerabilities
2018-07-02 00:00:00
nessus
nessus
Ubuntu 16.04 LTS : Linux kernel (HWE) vulnerabilities (USN-3762-2)
2018-09-12 00:00:00
Ubuntu 18.04 LTS : Linux kernel vulnerabilities (USN-3762-1)
2018-09-12 00:00:00
Fedora 27 : acpica-tools (2018-7c2e0a998d)
2018-04-02 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-3762-2)
2018-09-11 00:00:00
Ubuntu: Security Advisory (USN-3762-1)
2018-09-11 00:00:00
Fedora Update for acpica-tools FEDORA-2018-7c2e0a998d
2018-04-03 00:00:00
cvelist
cvelist
CVE-2017-13695
2017-08-25 07:00:00
CVE-2018-1118
2018-05-10 22:00:00
redhatcve
redhatcve
CVE-2017-13695
2017-08-25 13:18:45
CVE-2018-1118
2020-01-13 21:32:44
debiancve
debiancve
CVE-2017-13695
2017-08-25 08:29:00
CVE-2018-1118
2018-05-10 22:29:00
cve
cve
CVE-2017-13695
2017-08-25 08:29:00
CVE-2018-1118
2018-05-10 22:29:00
ubuntucve
ubuntucve
CVE-2017-13695
2017-08-25 00:00:00
CVE-2018-1118
2018-05-10 00:00:00
nvd
nvd
CVE-2017-13695
2017-08-25 08:29:00
CVE-2018-1118
2018-05-10 22:29:00
prion
prion
Design/Logic Flaw
2017-08-25 08:29:00
Code injection
2018-05-10 22:29:00
osv
osv
CVE-2018-1118
2018-05-10 22:29:00
linux-4.9 - security update
2018-07-14 00:00:00
veracode
veracode
Information Disclosure
2019-05-16 03:18:36
fedora
fedora
[SECURITY] Fedora 28 Update: acpica-tools-20180209-1.fc28
2018-03-30 13:35:36
[SECURITY] Fedora 27 Update: acpica-tools-20180209-1.fc27
2018-04-01 03:30:50
[SECURITY] Fedora 26 Update: kernel-4.12.11-300.fc26
2017-09-12 00:26:54
mageia
mageia
Updated acpica-tools packages fix security vulnerabilities
2018-04-03 21:48:20
Updated kernel packages fixes security vulnerabilities
2018-07-25 11:24:17
Updated kernel-linus packages fix security vulnerabilities
2018-08-15 18:45:26
oraclelinux
oraclelinux
Unbreakable Enterprise kernel security update
2018-09-26 00:00:00
Unbreakable Enterprise kernel security update
2018-10-10 00:00:00
Unbreakable Enterprise kernel security update
2018-10-10 00:00:00
photon
photon
Critical Photon OS Security Update - PHSA-2018-0068
2018-07-09 00:00:00
Important Photon OS Security Update - PHSA-2018-0062
2018-06-21 00:00:00
Important Photon OS Security Update - PHSA-2018-0150
2018-06-21 00:00:00
cloudfoundry
cloudfoundry
USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry
2018-07-10 00:00:00
suse
suse
Security update for the Linux Kernel (important)
2018-07-28 15:17:43
Security update for the Linux Kernel (important)
2022-06-17 00:00:00
debian
debian
[SECURITY] [DLA 1423-1] linux-4.9 new package
2018-07-18 15:37:11
redhat
redhat
(RHSA-2018:3083) Important: kernel security, bug fix, and enhancement update
2018-10-30 04:16:59
(RHSA-2018:3096) Important: kernel-rt security, bug fix, and enhancement update
2018-10-30 04:18:28
(RHSA-2018:2948) Important: kernel-alt security, bug fix, and enhancement update
2018-10-30 08:15:20
centos
centos
bpftool, kernel, perf, python security update
2018-11-15 18:40:28
ibm
ibm
Security Bulletin: IBM API Connect has addressed multiple vulnerabilities in Developer Portal's dependencies - Cumulative list from June 28, 2018 to December 13, 2018
2019-01-28 17:05:01

0.0004 Low

EPSS

Percentile

5.1%

JSON
Related for CFOUNDRY:14B68CF9239F5B684A501D8AEBCF6EA3
ubuntu4nessus42openvas30cvelist2redhatcve2debiancve2cve2ubuntucve2nvd2prion2osv2veracode1fedora7mageia4oraclelinux7photon3cloudfoundry1suse2debian1redhat3centos1ibm1