Wind River Support Network

CVE Database

The Common Vulnerabilities and Exposures (CVE) project, maintained by the MITRE Corporation, is a list of all standardized names for vulnerabilities and security exposures.

ID | Description | Priority | Modified date | Fixed Release
CVE-2018-12130 Microarchitectural Fill Buffer Data Sampling (MFBDS): Fill buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf Medium Jun 11, 2019 10.17.41.17 (Wind River Linux LTS 17)
CVE-2018-12127 Microarchitectural Load Port Data Sampling (MLPDS): Load ports on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf Medium Jun 11, 2019 10.17.41.17 (Wind River Linux LTS 17)
CVE-2018-12126 Microarchitectural Store Buffer Data Sampling (MSBDS): Store buffers on some microprocessors utilizing speculative execution may allow an authenticated user to potentially enable information disclosure via a side channel with local access. A list of impacted products can be found here: https://www.intel.com/content/dam/www/public/us/en/documents/corporate-information/SA00233-microcode-update-guidance_05132019.pdf Medium Jun 11, 2019 10.17.41.17 (Wind River Linux LTS 17)
CVE-2018-12020 mainproc.c in GnuPG before 2.2.8 mishandles the original filename during decryption and verification actions, which allows remote attackers to spoof the output that GnuPG sends on file descriptor 2 to other programs that use the --status-fd 2 option. For example, the OpenPGP data might represent an original filename that contains line feed characters in conjunction with GOODSIG or VALIDSIG status codes. MEDIUM Jun 12, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-12015 In Perl through 5.26.2, the Archive::Tar module allows remote attackers to bypass a directory-traversal protection mechanism, and overwrite arbitrary files, via an archive file containing a symlink and a regular file with the same name. MEDIUM Jun 12, 2018 10.17.41.9 (Wind River Linux LTS 17)
CVE-2018-11813 libjpeg 9c has a large loop because read_pixel in rdtarga.c mishandles EOF. MEDIUM Jun 5, 2018 10.17.41.15 (Wind River Linux LTS 17)
CVE-2018-11806 m_cat in slirp/mbuf.c in Qemu has a heap-based buffer overflow via incoming fragmented datagrams. HIGH Jun 13, 2018 10.17.41.9 (Wind River Linux LTS 17)
CVE-2018-11782 In Apache Subversion versions up to and including 1.9.10, 1.10.4, 1.12.0, Subversion's svnserve server process may exit when a well-formed read-only request produces a particular answer. This can lead to disruption for users of the server. Medium Sep 27, 2019 10.17.41.19 (Wind River Linux LTS 17)
CVE-2018-11763 In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 protocol. MEDIUM Oct 4, 2018 10.17.41.13 (Wind River Linux LTS 17)
CVE-2018-11506 The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel through 4.16.12 allows local users to cause a denial of service (stack-based buffer overflow) or possibly have unspecified other impact because sense buffers have different sizes at the CDROM layer and the SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call. HIGH May 28, 2018 10.17.41.9 (Wind River Linux LTS 17)
CVE-2018-11439 The TagLib::Ogg::FLAC::File::scan function in oggflacfile.cpp in TagLib 1.11.1 allows remote attackers to cause information disclosure (heap-based buffer over-read) via a crafted audio file. MEDIUM May 30, 2018 10.17.41.13 (Wind River Linux LTS 17)
CVE-2018-11396 ephy-session.c in libephymain.so in GNOME Web (aka Epiphany) through 3.28.2.1 allows remote attackers to cause a denial of service (application crash) via JavaScript code that triggers access to a NULL URL, as demonstrated by a crafted window.open call. MEDIUM May 23, 2018 10.17.41.9 (Wind River Linux LTS 17)
CVE-2018-11237 An AVX-512-optimized implementation of the mempcpy function in the GNU C Library (aka glibc or libc6) 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in __mempcpy_avx512_no_vzeroupper. MEDIUM May 26, 2018 10.17.41.9 (Wind River Linux LTS 17)
CVE-2018-11236 stdlib/canonicalize.c in the GNU C Library (aka glibc or libc6) 2.27 and earlier, when processing very long pathname arguments to the realpath function, could encounter an integer overflow on 32-bit architectures, leading to a stack-based buffer overflow and, potentially, arbitrary code execution. MEDIUM May 25, 2018 10.17.41.9 (Wind River Linux LTS 17)
CVE-2018-11235 In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, remote code execution can occur. With a crafted .gitmodules file, a malicious project can execute an arbitrary script on a machine that runs git clone --recurse-submodules because submodule names are obtained from this file, and then appended to $GIT_DIR/modules, leading to directory traversal with ../ in a name. Finally, post-checkout hooks from a submodule are executed, bypassing the intended design in which hooks are not obtained from a remote server. MEDIUM May 30, 2018 10.17.41.10 (Wind River Linux LTS 17)
CVE-2018-11233 In Git before 2.13.7, 2.14.x before 2.14.4, 2.15.x before 2.15.2, 2.16.x before 2.16.4, and 2.17.x before 2.17.1, code to sanity-check pathnames on NTFS can result in reading out-of-bounds memory. MEDIUM May 30, 2018 10.17.41.10 (Wind River Linux LTS 17)
CVE-2018-10963 The TIFFWriteDirectorySec() function in tif_dirwrite.c in LibTIFF through 4.0.9 allows remote attackers to cause a denial of service (assertion failure and application crash) via a crafted file, a different vulnerability than CVE-2017-13726. MEDIUM May 9, 2018 10.17.41.8 (Wind River Linux LTS 17)
CVE-2018-10940 The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use an incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory. MEDIUM May 9, 2018 10.17.41.8 (Wind River Linux LTS 17)
CVE-2018-10938 A flaw was found in the Linux kernel present since v4.0-rc1 and through v4.13-rc4. A crafted network packet sent remotely by an attacker may force the kernel to enter an infinite loop in the cipso_v4_optptr() function in net/ipv4/cipso_ipv4.c leading to a denial-of-service. A certain non-default configuration of LSM (Linux Security Module) and NetLabel should be set up on a system before an attacker could leverage this flaw. HIGH Aug 28, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10930 A flaw was found in RPC request using gfs3_rename_req in glusterfs server. An authenticated attacker could use this flaw to write to a destination outside the gluster volume. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10929 A flaw was found in RPC request using gfs2_create_req in glusterfs server. An authenticated attacker could use this flaw to create arbitrary files and execute arbitrary code on glusterfs server nodes. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10928 A flaw was found in RPC request using gfs3_symlink_req in glusterfs server which allows symlink destinations to point to file paths outside of the gluster volume. An authenticated attacker could use this flaw to create arbitrary symlinks pointing anywhere on the server and execute arbitrary code on glusterfs server nodes. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10927 A flaw was found in RPC request using gfs3_lookup_req in glusterfs server. An authenticated attacker could use this flaw to leak information and execute remote denial of service by crashing gluster brick process. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10926 A flaw was found in RPC request using gfs3_mknod_req supported by glusterfs server. An authenticated attacker could use this flaw to write files to an arbitrary location via path traversal and execute arbitrary code on a glusterfs server node. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10923 It was found that the mknod call derived from mknod(2) can create files pointing to devices on a glusterfs server node. An authenticated attacker could use this to create an arbitrary device and read data from any device attached to the glusterfs server node. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10919 The Samba Active Directory LDAP server was vulnerable to an information disclosure flaw because of missing access control checks. An authenticated attacker could use this flaw to extract confidential attribute values using LDAP search expressions. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. MEDIUM Aug 23, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10915 A vulnerability was found in libpq, the default PostgreSQL client library where libpq failed to properly reset its internal state between connections. If an affected version of libpq was used with host or hostaddr connection parameters from untrusted input, attackers could bypass client-side connection security features, obtain access to higher privileged connections or potentially cause other impact through SQL injection, by causing the PQescape() functions to malfunction. Postgresql versions before 10.5, 9.6.10, 9.5.14, 9.4.19, and 9.3.24 are affected. MEDIUM Aug 9, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10914 It was found that an attacker could issue a xattr request via glusterfs FUSE to cause gluster brick process to crash which will result in a remote denial of service. If gluster multiplexing is enabled this will result in a crash of multiple bricks and gluster volumes. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10913 An information disclosure vulnerability was discovered in glusterfs server. An attacker could issue a xattr request via glusterfs FUSE to determine the existence of any file. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10911 A flaw was found in the way dic_unserialize function of glusterfs does not handle negative key length values. An attacker could use this flaw to read memory from other locations into the stored dict value. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10907 It was found that glusterfs server is vulnerable to multiple stack based buffer overflows due to functions in server-rpc-fopc.c allocating fixed size buffers using 'alloca(3)'. An authenticated attacker could exploit this by mounting a gluster volume and sending a string longer than the fixed buffer size to cause crash or potential code execution. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10906 In fuse before versions 2.9.8 and 3.x before 3.2.5, fusermount is vulnerable to a restriction bypass when SELinux is active. This allows non-root users to mount a FUSE file system with the 'allow_other' mount option regardless of whether 'user_allow_other' is set in the fuse configuration. An attacker may use this flaw to mount a FUSE file system, accessible by other users, and trick them into accessing files on that file system, possibly causing Denial of Service or other unspecified effects. MEDIUM Jul 24, 2018 10.17.41.10 (Wind River Linux LTS 17)
CVE-2018-10904 It was found that glusterfs server does not properly sanitize file paths in the trusted.io-stats-dump extended attribute which is used by the debug/io-stats translator. Attacker can use this flaw to create files and execute arbitrary code. To exploit this attacker would require sufficient access to modify the extended attributes of files on a gluster volume. MEDIUM Sep 5, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10903 A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage. MEDIUM Jul 30, 2018 10.17.41.10 (Wind River Linux LTS 17)
CVE-2018-10902 It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation. MEDIUM Aug 22, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10883 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. MEDIUM Jul 30, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10882 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image. MEDIUM Jul 28, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10881 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image. MEDIUM Jul 26, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10880 Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service. HIGH Jul 26, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10879 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image. MEDIUM Jul 26, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10878 A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image. MEDIUM Jul 26, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10877 Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image. MEDIUM Jul 19, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10876 A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image. MEDIUM Jul 26, 2018 10.17.41.11 (Wind River Linux LTS 17)
CVE-2018-10873 A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts. MEDIUM Aug 23, 2018 10.17.41.13 (Wind River Linux LTS 17)
CVE-2018-10858 A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable. MEDIUM Aug 23, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10853 A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest. MEDIUM Jun 21, 2018 10.17.41.10 (Wind River Linux LTS 17)
CVE-2018-10845 It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets. MEDIUM Aug 24, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10844 It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets. MEDIUM Aug 24, 2018 10.17.41.12 (Wind River Linux LTS 17)
CVE-2018-10841 glusterfs is vulnerable to privilege escalation on gluster server nodes. An authenticated gluster client via TLS could use gluster cli with --remote-host command to add itself to trusted storage pool and perform privileged gluster operations like adding other machines to trusted storage pool, start, stop, and delete volumes. MEDIUM Jun 20, 2018 10.17.41.13 (Wind River Linux LTS 17)
CVE-2018-10839 Qemu emulator <= 3.0.0 built with the NE2000 NIC emulation support is vulnerable to an integer overflow, which could lead to buffer overflow issue. It could occur when receiving packets over the network. A user inside guest could use this flaw to crash the Qemu process resulting in DoS. MEDIUM Oct 16, 2018 10.17.41.13 (Wind River Linux LTS 17)
The 'Fixed Release' column is displayed if a single product version is selected from the filter. The fixed release is applicable in cases when the CVE has been addressed and fixed for that product version. Requires LTSS - customers must have active LTSS (Long Term Security Shield) Support to receive up-to-date information about vulnerabilities that may affect legacy software. Please contact your Wind River account team or see https://docs.windriver.com/bundle/Support_and_Maintenance_Supplemental_Terms_and_Conditions and https://support2.windriver.com/index.php?page=plc for more information.