Filtered by vendor Canonical Subscriptions
Total 4218 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2018-10910 3 Bluez, Canonical, Redhat 3 Bluez, Ubuntu Linux, Enterprise Linux 2024-11-21 N/A
A bug in Bluez may allow for the Bluetooth Discoverable state being set to on when no Bluetooth agent is registered with the system. This situation could lead to the unauthorized pairing of certain Bluetooth devices without any form of authentication. Versions before bluez 5.51 are vulnerable.
CVE-2018-10903 3 Canonical, Cryptography, Redhat 3 Ubuntu Linux, Python-cryptography, Openstack 2024-11-21 N/A
A flaw was found in python-cryptography versions between >=1.9.0 and <2.3. The finalize_with_tag API did not enforce a minimum tag length. If a user did not validate the input length prior to passing it to finalize_with_tag an attacker could craft an invalid payload with a shortened tag (e.g. 1 byte) such that they would have a 1 in 256 chance of passing the MAC check. GCM tag forgeries can cause key leakage.
CVE-2018-10902 4 Canonical, Debian, Linux and 1 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 N/A
It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious local attacker could possibly use this for privilege escalation.
CVE-2018-10896 2 Canonical, Redhat 3 Cloud-init, Enterprise Linux, Rhel Eus 2024-11-21 7.1 High
The default cloud-init configuration, in cloud-init 0.6.2 and newer, included "ssh_deletekeys: 0", disabling cloud-init's deletion of ssh host keys. In some environments, this could lead to instances created by cloning a golden master or template system, sharing ssh host keys, and being able to impersonate one another or conduct man-in-the-middle attacks.
CVE-2018-10883 4 Canonical, Debian, Linux and 1 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2024-11-21 N/A
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
CVE-2018-10882 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2024-11-21 N/A
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.
CVE-2018-10881 4 Canonical, Debian, Linux and 1 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-11-21 N/A
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound access in ext4_get_group_info function, a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.
CVE-2018-10880 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2024-11-21 N/A
Linux kernel is vulnerable to a stack-out-of-bounds write in the ext4 filesystem code when mounting and writing to a crafted ext4 image in ext4_update_inline_data(). An attacker could use this to cause a system crash and a denial of service.
CVE-2018-10879 4 Canonical, Debian, Linux and 1 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2024-11-21 N/A
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause a use-after-free in ext4_xattr_set_entry function and a denial of service or unspecified other impact may occur by renaming a file in a crafted ext4 filesystem image.
CVE-2018-10878 4 Canonical, Debian, Linux and 1 more 8 Ubuntu Linux, Debian Linux, Linux Kernel and 5 more 2024-11-21 7.8 High
A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write and a denial of service or unspecified other impact is possible by mounting and operating a crafted ext4 filesystem image.
CVE-2018-10877 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2024-11-21 N/A
Linux kernel ext4 filesystem is vulnerable to an out-of-bound access in the ext4_ext_drop_refs() function when operating on a crafted ext4 filesystem image.
CVE-2018-10876 4 Canonical, Debian, Linux and 1 more 4 Ubuntu Linux, Debian Linux, Linux Kernel and 1 more 2024-11-21 N/A
A flaw was found in Linux kernel in the ext4 filesystem code. A use-after-free is possible in ext4_ext_remove_space() function when mounting and operating a crafted ext4 image.
CVE-2018-10875 4 Canonical, Debian, Redhat and 1 more 12 Ubuntu Linux, Debian Linux, Ansible Engine and 9 more 2024-11-21 7.8 High
A flaw was found in ansible. ansible.cfg is read from the current working directory which can be altered to make it point to a plugin or a module path under the control of an attacker, thus allowing the attacker to execute arbitrary code.
CVE-2018-10873 4 Canonical, Debian, Redhat and 1 more 12 Ubuntu Linux, Debian Linux, Enterprise Linux and 9 more 2024-11-21 N/A
A vulnerability was discovered in SPICE before version 0.14.1 where the generated code used for demarshalling messages lacked sufficient bounds checks. A malicious client or server, after authentication, could send specially crafted messages to its peer which would result in a crash or, potentially, other impacts.
CVE-2018-10860 3 Canonical, Debian, Perl-archive-zip Project 3 Ubuntu Linux, Debian Linux, Perl-archive-zip 2024-11-21 N/A
perl-archive-zip is vulnerable to a directory traversal in Archive::Zip. It was found that the Archive::Zip module did not properly sanitize paths while extracting zip files. An attacker able to provide a specially crafted archive for processing could use this flaw to write or overwrite arbitrary files in the context of the perl interpreter.
CVE-2018-10858 4 Canonical, Debian, Redhat and 1 more 10 Ubuntu Linux, Debian Linux, Enterprise Linux and 7 more 2024-11-21 N/A
A heap-buffer overflow was found in the way samba clients processed extra long filename in a directory listing. A malicious samba server could use this flaw to cause arbitrary code execution on a samba client. Samba versions before 4.6.16, 4.7.9 and 4.8.4 are vulnerable.
CVE-2018-10855 3 Canonical, Debian, Redhat 8 Ubuntu Linux, Debian Linux, Ansible Engine and 5 more 2024-11-21 5.9 Medium
Ansible 2.5 prior to 2.5.5, and 2.4 prior to 2.4.5, do not honor the no_log task flag for failed tasks. When the no_log flag has been used to protect sensitive data passed to a task from being logged, and that task does not run successfully, Ansible will expose sensitive data in log files and on the terminal of the user running Ansible.
CVE-2018-10853 4 Canonical, Debian, Linux and 1 more 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more 2024-11-21 N/A
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged guest user/process could use this flaw to potentially escalate privileges inside guest.
CVE-2018-10846 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 5.6 Medium
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.
CVE-2018-10845 5 Canonical, Debian, Fedoraproject and 2 more 8 Ubuntu Linux, Debian Linux, Fedora and 5 more 2024-11-21 5.9 Medium
It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.