7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.3%
USN-3820-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu
16.04 LTS.
Felix Wilhelm discovered that the Xen netback driver in the Linux kernel
did not properly perform input validation in some situations. An attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2018-15471)
It was discovered that the generic SCSI driver in the Linux kernel did not
properly enforce permissions on kernel memory access. A local attacker
could use this to expose sensitive information or possibly elevate
privileges. (CVE-2017-13168)
It was discovered that an integer overflow existed in the CD-ROM driver of
the Linux kernel. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2018-16658)
It was discovered that an integer overflow existed in the HID Bluetooth
implementation in the Linux kernel that could lead to a buffer overwrite.
An attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2018-9363)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | linux-image-4.15.0-39-generic | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | block-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | crypto-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | fat-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | fb-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | firewire-core-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | floppy-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | fs-core-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | fs-secondary-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
Ubuntu | 16.04 | noarch | input-modules-4.15.0-39-generic-di | < 4.15.0-39.42~16.04.1 | UNKNOWN |
7.2 High
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
8.4 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
55.3%