OVAL Reference oval:com.ubuntu.bionic:def:201718360000

Oval Definition:

oval:com.ubuntu.bionic:def:201718360000

Revision Date:	2019-01-31	Version:	1
Title:	CVE-2017-18360 on Ubuntu 18.04 LTS (bionic) - medium.
Description:	In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates. It was discovered that the USB serial device driver in the Linux kernel did not properly validate baud rate settings when debugging is enabled. A local attacker could use this to cause a denial of service (system crash).
Family:	unix	Class:	vulnerability
Status:		Reference(s):	CVE-2017-18360
Platform(s):	Ubuntu 18.04 LTS	Product(s):
Definition Synopsis
Ubuntu 18.04 LTS (bionic) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in bionic is not affected (note: '4.13.0-16.19'). OR NOT While related to the CVE in some way, the 'linux-aws' package in bionic is not affected (note: '4.15.0-1001.1'). OR NOT While related to the CVE in some way, the 'linux-azure' package in bionic is not affected (note: '4.15.0-1002.2'). OR NOT While related to the CVE in some way, the 'linux-azure-edge' package in bionic is not affected (note: '4.15.0-1002.2'). OR NOT While related to the CVE in some way, the 'linux-gcp' package in bionic is not affected (note: '4.15.0-1001.1'). OR NOT While related to the CVE in some way, the 'linux-gcp-edge' package in bionic is not affected (note: '4.18.0-1004.5~18.04.1'). OR NOT While related to the CVE in some way, the 'linux-hwe' package in bionic is not affected (note: '4.18.0-13.14~18.04.1'). OR NOT While related to the CVE in some way, the 'linux-hwe-edge' package in bionic is not affected (note: '5.0.0-8.9~18.04.1'). OR NOT While related to the CVE in some way, the 'linux-kvm' package in bionic is not affected (note: '4.15.0-1002.2'). OR NOT While related to the CVE in some way, the 'linux-oem' package in bionic is not affected (note: '4.15.0-1002.3'). OR NOT While related to the CVE in some way, the 'linux-oracle' package in bionic is not affected (note: '4.15.0-1007.9'). OR NOT While related to the CVE in some way, the 'linux-raspi2' package in bionic is not affected (note: '4.13.0-1005.5').

BACK