Oval Definition:
oval:com.ubuntu.cosmic:def:20193874000
Revision Date
:
2019-03-25
Version
:
1
Title
:
CVE-2019-3874 on Ubuntu 18.10 (cosmic) - medium.
Description
:
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
Family
:
unix
Class
:
vulnerability
Status
:
Reference(s)
:
CVE-2019-3874
Platform(s)
:
Ubuntu 18.10
Product(s)
:
Definition Synopsis
Ubuntu 18.10 (cosmic) is installed.
AND
Package Information
The 'linux' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-19.20').
OR
The 'linux-aws' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-1015.17').
OR
The 'linux-azure' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-1017.17').
OR
The 'linux-gcp' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-1010.11').
OR
The 'linux-kvm' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-1011.11').
OR
The 'linux-oem' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.15.0-1037.42').
OR
The 'linux-oracle' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.15.0-1012.14').
OR
The 'linux-raspi2' package in cosmic is affected. An update containing the fix has been completed and is pending publication (note: '4.18.0-1013.15').
BACK