4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.5%
USN-3910-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04
LTS. This update provides the corresponding updates for the Linux
Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu
14.04 LTS.
It was discovered that the f2fs filesystem implementation in the Linux
kernel did not handle the noflush_merge mount option correctly. An attacker
could use this to cause a denial of service (system crash).
(CVE-2017-18241)
It was discovered that the procfs filesystem did not properly handle
processes mapping some memory elements onto files. A local attacker could
use this to block utilities that examine the procfs filesystem to report
operating system state, such as ps(1). (CVE-2018-1120)
Hui Peng and Mathias Payer discovered that the Option USB High Speed driver
in the Linux kernel did not properly validate metadata received from the
device. A physically proximate attacker could use this to cause a denial of
service (system crash). (CVE-2018-19985)
It was discovered that multiple integer overflows existed in the hugetlbfs
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2018-7740)
Jann Horn discovered a race condition in the fork() system call in the
Linux kernel. A local attacker could use this to gain access to services
that cache authorizations. (CVE-2019-6133)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 14.04 | noarch | linux-image-4.4.0-1039-aws | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-aws-cloud-tools-4.4.0-1039 | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-aws-headers-4.4.0-1039 | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-aws-tools-4.4.0-1039 | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-buildinfo-4.4.0-1039-aws | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-cloud-tools-4.4.0-1039-aws | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-headers-4.4.0-1039-aws | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-image-4.4.0-1039-aws-dbgsym | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-modules-4.4.0-1039-aws | < 4.4.0-1039.42 | UNKNOWN |
Ubuntu | 14.04 | noarch | linux-tools-4.4.0-1039-aws | < 4.4.0-1039.42 | UNKNOWN |
4.9 Medium
CVSS2
Attack Vector
LOCAL
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:N/I:N/A:C
6.7 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
7.2 High
AI Score
Confidence
High
0.002 Low
EPSS
Percentile
57.5%