Oval Definition:	oval:com.ubuntu.bionic:def:201812714000
Revision Date: 2018-06-24 Version: 1 Title: CVE-2018-12714 on Ubuntu 18.04 LTS (bionic) - medium. Description: An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via crafted perf_event_open and mmap system calls. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-12714 Platform(s): Ubuntu 18.04 LTS Product(s): Definition Synopsis Ubuntu 18.04 LTS (bionic) is installed. AND Package Information NOT While related to the CVE in some way, the 'linux' package in bionic is not affected. OR NOT While related to the CVE in some way, the 'linux-aws' package in bionic is not affected. OR NOT While related to the CVE in some way, the 'linux-azure' package in bionic is not affected. OR The 'linux-azure-edge' package in bionic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-1003.3~18.04.1'). OR NOT While related to the CVE in some way, the 'linux-gcp' package in bionic is not affected. OR NOT While related to the CVE in some way, the 'linux-hwe' package in bionic is not affected. OR The 'linux-hwe-edge' package in bionic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-8.9~18.04.1'). OR NOT While related to the CVE in some way, the 'linux-kvm' package in bionic is not affected. OR NOT While related to the CVE in some way, the 'linux-oem' package in bionic is not affected. OR NOT While related to the CVE in some way, the 'linux-raspi2' package in bionic is not affected.
BACK