Canonical Ubuntu Linux vulnerabilities

CVE-2018-2817 [MEDIUM] CVE-2018-2817: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported v Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerabilit

CVE-2018-2798 [MEDIUM] CVE-2018-2798: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: A Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161; JRockit: R28.3.17. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Jav

CVE-2018-2787 [MEDIUM] CVE-2018-2787: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versio Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauth

CVE-2018-2790 [LOW] CVE-2018-2790: Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u171, 8u162 and 10; Java SE Embedded: 8u161. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successfu

CVE-2018-10194 [HIGH] CWE-119 CVE-2018-10194: The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Gho The set_text_distance function in devices/vector/gdevpdts.c in the pdfwrite component in Artifex Ghostscript through 9.22 does not prevent overflows in text-positioning calculation, which allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted PDF document.

CVE-2018-6797 [CRITICAL] CWE-787 CVE-2018-6797: An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-bas An issue was discovered in Perl 5.18 through 5.26. A crafted regular expression can cause a heap-based buffer overflow, with control over the bytes written.

CVE-2018-6913 [CRITICAL] CWE-787 CVE-2018-6913: Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attac Heap-based buffer overflow in the pack function in Perl before 5.26.2 allows context-dependent attackers to execute arbitrary code via a large item count.

CVE-2018-6798 [HIGH] CWE-125 CVE-2018-6798: An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expre An issue was discovered in Perl 5.22 through 5.26. Matching a crafted locale dependent regular expression can cause a heap-based buffer over-read and potentially information disclosure.

CVE-2018-10119 [HIGH] CWE-416 CVE-2018-10119: sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrec sot/source/sdstor/stgstrms.cxx in LibreOffice before 5.4.5.1 and 6.x before 6.0.1.1 uses an incorrect integer data type in the StgSmallStrm class, which allows remote attackers to cause a denial of service (use-after-free with write access) or possibly have unspecified other impact via a crafted document that uses the structured storage ole2 wrapper f

CVE-2018-10120 [HIGH] CWE-129 CVE-2018-10120: The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 The SwCTBWrapper::Read function in sw/source/filter/ww8/ww8toolbar.cxx in LibreOffice before 5.4.6.1 and 6.x before 6.0.2.1 does not validate a customizations index, which allows remote attackers to cause a denial of service (heap-based buffer overflow with write access) or possibly have unspecified other impact via a crafted document that contains a

CVE-2018-10124 [MEDIUM] CWE-119 CVE-2018-10124: The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspeci The kill_something_info function in kernel/signal.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service via an INT_MIN argument.

CVE-2018-10177 [MEDIUM] CWE-835 CVE-2018-10177: In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png In ImageMagick 7.0.7-28, there is an infinite loop in the ReadOneMNGImage function of the coders/png.c file. Remote attackers could leverage this vulnerability to cause a denial of service via a crafted mng file.

CVE-2018-0737 [MEDIUM] CWE-327 CVE-2018-0737: The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side chan The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

CVE-2018-10087 [MEDIUM] CWE-20 CVE-2018-10087: The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified arch The kernel_wait4 function in kernel/exit.c in the Linux kernel before 4.13, when an unspecified architecture and compiler is used, might allow local users to cause a denial of service by triggering an attempted use of the -INT_MIN value.

CVE-2018-1084 [HIGH] CWE-190 CVE-2018-1084: corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c. corosync before version 2.4.4 is vulnerable to an integer overflow in exec/totemcrypto.c.

CVE-2018-1100 [HIGH] CWE-120 CVE-2018-1100: zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpat zsh through version 5.4.2 is vulnerable to a stack-based buffer overflow in the utils.c:checkmailpath function. A local attacker could exploit this to execute arbitrary code in the context of another user.

CVE-2018-9918 [HIGH] CWE-674 CVE-2018-9918: libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name objec libqpdf.a in QPDF through 8.0.2 mishandles certain "expected dictionary key but found non-name object" cases, allowing remote attackers to cause a denial of service (stack exhaustion), related to the QPDFObjectHandle and QPDF_Dictionary classes, because nesting in direct objects is not restricted.

CVE-2018-1000156 [HIGH] CWE-20 CVE-2018-1000156: GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, spec GNU Patch version 2.7.6 contains an input validation vulnerability when processing patch files, specifically the EDITOR_PROGRAM invocation (using ed) can result in code execution. This attack appear to be exploitable via a patch file processed via the patch utility. This is similar to FreeBSD's CVE-2015-1418 however although they share a common anc

CVE-2018-9234 [HIGH] CWE-320 CVE-2018-9234: GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offlin GnuPG 2.2.4 and 2.2.5 does not enforce a configuration in which key certification requires an offline master Certify key, which results in apparently valid certifications that occurred only with access to a signing subkey.

CVE-2017-13305 [HIGH] CWE-125 CVE-2017-13305: A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Vers A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.