The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.
| ID | Description | Priority | Modified date | Fixed Release |
|---|---|---|---|---|
| CVE-2018-17358 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in _bfd_stab_section_find_nearest_line in syms.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | MEDIUM | Sep 23, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-17359 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. An invalid memory access exists in bfd_zalloc in opncls.c. Attackers could leverage this vulnerability to cause a denial of service (application crash) via a crafted ELF file. | MEDIUM | Sep 23, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-17360 | An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31. a heap-based buffer over-read in bfd_getl32 in libbfd.c allows an attacker to cause a denial of service through a crafted PE file. This vulnerability can be triggered by the executable objdump. | MEDIUM | Sep 23, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-17204 | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default. | MEDIUM | Sep 19, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-17082 | The Apache2 component in PHP before 5.6.38, 7.0.x before 7.0.32, 7.1.x before 7.1.22, and 7.2.x before 7.2.10 allows XSS via the body of a Transfer-Encoding: chunked request, because the bucket brigade is mishandled in the php_handler function in sapi/apache2handler/sapi_apache2.c. | MEDIUM | Sep 16, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-17100 | An issue was discovered in LibTIFF 4.0.9. There is a int32 overflow in multiply_ms in tools/ppm2tiff.c, which can cause a denial of service (crash) or possibly have unspecified other impact via a crafted image file. | MEDIUM | Sep 16, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-17101 | An issue was discovered in LibTIFF 4.0.9. There are two out-of-bounds writes in cpTags in tools/tiff2bw.c and tools/pal2rgb.c, which can cause a denial of service (application crash) or possibly have unspecified other impact via a crafted image file. | MEDIUM | Sep 16, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16999 | Netwide Assembler (NASM) 2.14rc15 has an invalid memory write (segmentation fault) in expand_smacro in preproc.c, which allows attackers to cause a denial of service via a crafted input file. | MEDIUM | Sep 13, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-17000 | A NULL pointer dereference in the function _TIFFmemcmp at tif_unix.c (called from TIFFWriteDirectoryTagTransferfunction) in LibTIFF 4.0.9 allows an attacker to cause a denial-of-service through a crafted tiff file. This vulnerability can be triggered by the executable tiffcp. | MEDIUM | Sep 13, 2018 | 10.17.41.20 (Wind River Linux LTS 17) |
| CVE-2018-14625 | A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the AF_VSOCK protocol to gather a 4 byte information leak or possibly intercept or corrupt AF_VSOCK messages destined to other clients. | MEDIUM | Sep 10, 2018 | 10.17.41.18 (Wind River Linux LTS 17) |
| CVE-2018-16802 | An issue was discovered in Artifex Ghostscript before 9.25. Incorrect restoration of privilege checking when running out of stack during exception handling could be used by attackers able to supply crafted PostScript to execute code using the pipe instruction. This is due to an incomplete fix for CVE-2018-16509. | MEDIUM | Sep 10, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16511 | An issue was discovered in Artifex Ghostscript before 9.24. A type confusion in ztype could be used by remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16513 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the setcolor function to crash the interpreter or possibly have unspecified other impact. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16539 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect access checking in temp file handling to disclose contents of files on the system otherwise not readable. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16540 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files to the builtin PDF14 converter could use a use-after-free in copydevice handling to crash the interpreter or possibly have unspecified other impact. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16541 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use incorrect free logic in pagedevice replacement to crash the interpreter. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16542 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use insufficient interpreter stack-size checking during error handling to crash the interpreter. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16543 | In Artifex Ghostscript before 9.24, gssetresolution and gsgetresolution allow attackers to have an unspecified impact. | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16585 | ** DISPUTED ** An issue was discovered in Artifex Ghostscript before 9.24. The .setdistillerkeys PostScript command is accepted even though it is not intended for use during document processing (e.g., after the startup phase). This leads to memory corruption, allowing remote attackers able to supply crafted PostScript to crash the interpreter or possibly have unspecified other impact. Note: A reputable source believes that the CVE is potentially a duplicate of CVE-2018-15910 as explained in Red Hat bugzilla (https://bugzilla.redhat.com/show_bug.cgi?id=1626193). | MEDIUM | Sep 9, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16658 | An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int interferes with bounds checking. This is similar to CVE-2018-10940. | LOW | Sep 7, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-1000667 | NASM nasm-2.13.03 nasm- 2.14rc15 version 2.14rc15 and earlier contains a memory corruption (crashed) of nasm when handling a crafted file due to function assemble_file(inname, depend_ptr) at asm/nasm.c:482. vulnerability in function assemble_file(inname, depend_ptr) at asm/nasm.c:482. that can result in aborting/crash nasm program. This attack appear to be exploitable via a specially crafted asm file.. | MEDIUM | Sep 6, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-14618 | curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.) | HIGH | Sep 6, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10904 | It was found that glusterfs server does not properly sanitize file paths in the trusted.io-stats-dump extended attribute which is used by the debug/io-stats translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10907 | It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using \'alloca(3)\'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer that the fixed buffer size to cause crash or potential code execution. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10911 | A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10913 | An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10914 | It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10923 | It was found that the mknod call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10926 | A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10927 | A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10928 | A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10929 | A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-10930 | A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. | MEDIUM | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16509 | An issue was discovered in Artifex Ghostscript before 9.24. Incorrect restoration of privilege checking during handling of /invalidaccess exceptions could be used by attackers able to supply crafted PostScript to execute code using the pipe instruction. | HIGH | Sep 5, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-6554 | Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket. | MEDIUM | Sep 4, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-6555 | The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecified other impact via an AF_IRDA socket. | HIGH | Sep 4, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-16402 | libelf/elf_end.c in elfutils 0.173 allows remote attackers to cause a denial of service (double free and application crash) or possibly have unspecified other impact because it tries to decompress twice. | HIGH | Sep 3, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16403 | libdw in elfutils 0.173 checks the end of the attributes list incorrectly in dwarf_getabbrev in dwarf_getabbrev.c and dwarf_hasattr in dwarf_hasattr.c, leading to a heap-based buffer over-read and an application crash. | MEDIUM | Sep 3, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16335 | newoffsets handling in ChopUpSingleUncompressedStrip in tif_dirread.c in LibTIFF 4.0.9 allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted TIFF file, as demonstrated by tiff2pdf. This is a different vulnerability than CVE-2018-15209. | MEDIUM | Sep 1, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2018-16276 | An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate privileges. | HIGH | Aug 31, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-5740 | deny-answer-aliases is a little-used feature intended to help recursive server operators protect end users against DNS rebinding attacks, a potential method of circumventing the security model used by client browsers. However, a defect in this feature makes it easy, when the feature is in use, to experience an assertion failure in name.c. Affects BIND 9.7.0->9.8.8, 9.9.0->9.9.13, 9.10.0->9.10.8, 9.11.0->9.11.4, 9.12.0->9.12.2, 9.13.0->9.13.2. | MEDIUM | Aug 30, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-9363 | In the hidp_process_report in bluetooth, there is an integer overflow. This could lead to an out of bounds write with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions: Android kernel Android ID: A-65853588 References: Upstream kernel. | HIGH | Aug 30, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-15746 | qemu-seccomp.c in QEMU might allow local OS guest users to cause a denial of service (guest crash) by leveraging mishandling of the seccomp policy for threads other than the main thread. | LOW | Aug 29, 2018 | 10.17.41.13 (Wind River Linux LTS 17) |
| CVE-2017-15412 | Use after free in libxml2 before 2.9.5, as used in Google Chrome prior to 63.0.3239.84 and other products, allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. | MEDIUM | Aug 28, 2018 | 10.17.41.11 (Wind River Linux LTS 17) |
| CVE-2018-10938 | A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. | HIGH | Aug 28, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-15911 | In Artifex Ghostscript 9.23 before 2018-08-24, attackers able to supply crafted PostScript could use uninitialized memory access in the aesdecode operator to crash the interpreter or potentially execute code. | MEDIUM | Aug 28, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-16062 | dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote attackers to cause a denial of service (heap-based buffer over-read) via a crafted file. | MEDIUM | Aug 28, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-15908 | In Artifex Ghostscript 9.23 before 2018-08-23, attackers are able to supply malicious PostScript files to bypass .tempfile restrictions and write files. | MEDIUM | Aug 27, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-15909 | In Artifex Ghostscript 9.23 before 2018-08-24, a type confusion using the .shfill operator could be used by attackers able to supply crafted PostScript files to crash the interpreter or potentially execute code. | MEDIUM | Aug 27, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
| CVE-2018-15910 | In Artifex Ghostscript before 9.24, attackers able to supply crafted PostScript files could use a type confusion in the LockDistillerParams parameter to crash the interpreter or execute code. | MEDIUM | Aug 27, 2018 | 10.17.41.12 (Wind River Linux LTS 17) |
