Oval Definition:oval:com.ubuntu.bionic:def:201895160000000
Revision Date:2018-11-06Version:1
Title:CVE-2018-9516 on Ubuntu 18.04 LTS (bionic) - negligible.
Description:In hid_debug_events_read of drivers/hid/hid-debug.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-71361580. It was discovered that the debug interface for the Linux kernel's HID subsystem did not properly perform bounds checking in some situations. An attacker with access to debugfs could use this to cause a denial of service or possibly gain additional privileges.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-9516
Platform(s):Ubuntu 18.04 LTS
Product(s):
Definition Synopsis
  • Ubuntu 18.04 LTS (bionic) is installed.
  • AND Package Information
  • linux package in bionic was vulnerable but has been fixed (note: '4.15.0-44.47').
  • OR linux-aws package in bionic was vulnerable but has been fixed (note: '4.15.0-1032.34').
  • OR linux-azure package in bionic was vulnerable but has been fixed (note: '4.15.0-1037.39').
  • OR linux-gcp package in bionic was vulnerable but has been fixed (note: '4.15.0-1027.28').
  • OR linux-hwe package in bionic, is related to the CVE in some way and has been fixed (note: '4.18.0-13.14~18.04.1').
  • OR linux-kvm package in bionic was vulnerable but has been fixed (note: '4.15.0-1029.29').
  • OR linux-meta package in bionic was vulnerable but has been fixed (note: '4.15.0-44.47').
  • OR linux-meta-aws package in bionic was vulnerable but has been fixed (note: '4.15.0-1032.34').
  • OR linux-meta-azure package in bionic was vulnerable but has been fixed (note: '4.15.0-1037.39').
  • OR linux-meta-gcp package in bionic was vulnerable but has been fixed (note: '4.15.0-1027.28').
  • OR linux-meta-hwe package in bionic, is related to the CVE in some way and has been fixed (note: '4.18.0-13.14~18.04.1').
  • OR linux-meta-kvm package in bionic was vulnerable but has been fixed (note: '4.15.0-1029.29').
  • OR linux-meta-oem package in bionic was vulnerable but has been fixed (note: '4.15.0-1033.38').
  • OR linux-meta-oracle package in bionic was vulnerable but has been fixed (note: '4.15.0-1008.10').
  • OR linux-meta-raspi2 package in bionic was vulnerable but has been fixed (note: '4.15.0-1031.33').
  • OR linux-meta-snapdragon package in bionic was vulnerable but has been fixed (note: '4.15.0-1053.57').
  • OR linux-oem package in bionic was vulnerable but has been fixed (note: '4.15.0-1033.38').
  • OR linux-oracle package in bionic was vulnerable but has been fixed (note: '4.15.0-1008.10').
  • OR linux-raspi2 package in bionic was vulnerable but has been fixed (note: '4.15.0-1031.33').
  • OR linux-signed package in bionic was vulnerable but has been fixed (note: '4.15.0-44.47').
  • OR linux-signed-azure package in bionic was vulnerable but has been fixed (note: '4.15.0-1037.39').
  • OR linux-signed-gcp package in bionic was vulnerable but has been fixed (note: '4.15.0-1027.28').
  • OR linux-signed-hwe package in bionic, is related to the CVE in some way and has been fixed (note: '4.18.0-13.14~18.04.1').
  • OR linux-signed-oem package in bionic was vulnerable but has been fixed (note: '4.15.0-1033.38').
  • OR linux-signed-oracle package in bionic was vulnerable but has been fixed (note: '4.15.0-1008.10').
  • OR linux-snapdragon package in bionic was vulnerable but has been fixed (note: '4.15.0-1053.57').
    • BACK