9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.019 Low
EPSS
Percentile
88.3%
It was discovered that a race condition existed in the GFS2 file system in
the Linux kernel. A local attacker could possibly use this to cause a
denial of service (system crash). (CVE-2016-10905)
It was discovered that the IPv6 implementation in the Linux kernel did not
properly validate socket options in some situations. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2017-18509)
It was discovered that the USB gadget Midi driver in the Linux kernel
contained a double-free vulnerability when handling certain error
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2018-20961)
It was discovered that the XFS file system in the Linux kernel did not
properly handle mount failures in some situations. A local attacker could
possibly use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2018-20976)
It was discovered that the Intel Wi-Fi device driver in the Linux kernel
did not properly validate certain Tunneled Direct Link Setup (TDLS). A
physically proximate attacker could use this to cause a denial of service
(Wi-Fi disconnect). (CVE-2019-0136)
It was discovered that the Bluetooth UART implementation in the Linux
kernel did not properly check for missing tty operations. A local attacker
could use this to cause a denial of service. (CVE-2019-10207)
It was discovered that an integer overflow existed in the Linux kernel when
reference counting pages, leading to potential use-after-free issues. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2019-11487)
It was discovered that the GTCO tablet input driver in the Linux kernel did
not properly bounds check the initial HID report sent by the device. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-13631)
It was discovered that the Raremono AM/FM/SW radio device driver in the
Linux kernel did not properly allocate memory, leading to a use-after-free.
A physically proximate attacker could use this to cause a denial of service
or possibly execute arbitrary code. (CVE-2019-15211)
It was discovered that a race condition existed in the CPiA2 video4linux
device driver for the Linux kernel, leading to a use-after-free. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2019-15215)
It was discovered that the Atheros mobile chipset driver in the Linux
kernel did not properly validate data in some situations. An attacker could
use this to cause a denial of service (system crash). (CVE-2019-15926)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | linux-image-4.4.0-1059-kvm | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-buildinfo-4.4.0-1059-kvm | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-cloud-tools-4.4.0-1059-kvm | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-headers-4.4.0-1059-kvm | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-image-4.4.0-1059-kvm-dbgsym | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-kvm-cloud-tools-4.4.0-1059 | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-kvm-headers-4.4.0-1059 | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-kvm-tools-4.4.0-1059 | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-modules-4.4.0-1059-kvm | <Ā 4.4.0-1059.66 | UNKNOWN |
Ubuntu | 16.04 | noarch | linux-tools-4.4.0-1059-kvm | <Ā 4.4.0-1059.66 | UNKNOWN |
ubuntu.com/security/CVE-2016-10905
ubuntu.com/security/CVE-2017-18509
ubuntu.com/security/CVE-2018-20961
ubuntu.com/security/CVE-2018-20976
ubuntu.com/security/CVE-2019-0136
ubuntu.com/security/CVE-2019-10207
ubuntu.com/security/CVE-2019-11487
ubuntu.com/security/CVE-2019-13631
ubuntu.com/security/CVE-2019-15211
ubuntu.com/security/CVE-2019-15215
ubuntu.com/security/CVE-2019-15926
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
8.4 High
AI Score
Confidence
High
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.019 Low
EPSS
Percentile
88.3%