Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2019-11-29 | CVE-2019-14901 | A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The vulnerability allows a remote attacker to cause a system crash, resulting in a denial of service, or execute arbitrary code. The highest threat with this vulnerability is with the availability of the system. If code execution occurs, the code will run with the permissions of root. This will affect both confidentiality and integrity of files on the system. | Ubuntu_linux, Debian_linux, Fedora, Linux_kernel | 9.8 | ||
| 2018-11-07 | CVE-2018-19058 | An issue was discovered in Poppler 0.71.0. There is a reachable abort in Object.h, will lead to denial of service because EmbFile::save2 in FileSpec.cc lacks a stream check before saving an embedded file. | Ubuntu_linux, Debian_linux, Poppler, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_workstation | 6.5 | ||
| 2019-01-01 | CVE-2018-20650 | A reachable Object::dictLookup assertion in Poppler 0.72.0 allows attackers to cause a denial of service due to the lack of a check for the dict data type, as demonstrated by use of the FileSpec class (in FileSpec.cc) in pdfdetach. | Ubuntu_linux, Debian_linux, Poppler, Enterprise_linux, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_tus, Enterprise_linux_workstation | 6.5 | ||
| 2019-04-01 | CVE-2018-3979 | A remote denial-of-service vulnerability exists in the way the Nouveau Display Driver (the default Ubuntu Nvidia display driver) handles GPU shader execution. A specially crafted pixel shader can cause remote denial-of-service issues. An attacker can provide a specially crafted website to trigger this vulnerability. This vulnerability can be triggered remotely after the user visits a malformed website. No further user interaction is required. Vulnerable versions include Ubuntu 18.04 LTS... | Ubuntu_linux, Geforce_gtx_745_firmware, Geforce_gtx_750_firmware, Geforce_gtx_750_ti_firmware, Geforce_gtx_840m_firmware, Geforce_gtx_845m_firmware, Geforce_gtx_850m_firmware, Geforce_gtx_860m_firmware, Geforce_gtx_950m_firmware, Geforce_gtx_960m_firmware, Grid_m30_firmware, Grid_m40_firmware, Quadro_k1200_firmware, Quadro_k2200_firmware, Quadro_k620_firmware, Quadro_m1000m_firmware, Quadro_m1200m_firmware | 6.5 | ||
| 2018-01-24 | CVE-2017-18075 | crypto/pcrypt.c in the Linux kernel before 4.14.13 mishandles freeing instances, allowing a local user able to access the AF_ALG-based AEAD interface (CONFIG_CRYPTO_USER_API_AEAD) and pcrypt (CONFIG_CRYPTO_PCRYPT) to cause a denial of service (kfree of an incorrect pointer) or possibly have unspecified other impact by executing a crafted sequence of system calls. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2018-01-29 | CVE-2017-18079 | drivers/input/serio/i8042.c in the Linux kernel before 4.12.4 allows attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact because the port->exists value can change after it is validated. | Ubuntu_linux, Linux_kernel | 7.8 | ||
| 2019-09-08 | CVE-2019-16091 | Symonics libmysofa 0.7 has an out-of-bounds read in directblockRead in hdf/fractalhead.c. | Ubuntu_linux, Libmysofa | 7.5 | ||
| 2019-09-08 | CVE-2019-16092 | Symonics libmysofa 0.7 has a NULL pointer dereference in getHrtf in hrtf/reader.c. | Ubuntu_linux, Libmysofa | 9.8 | ||
| 2019-09-08 | CVE-2019-16093 | Symonics libmysofa 0.7 has an invalid write in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | Ubuntu_linux, Libmysofa | 9.8 | ||
| 2019-09-08 | CVE-2019-16094 | Symonics libmysofa 0.7 has an invalid read in readOHDRHeaderMessageDataLayout in hdf/dataobject.c. | Ubuntu_linux, Libmysofa | 7.5 |