Vulnerabilities > Canonical > Ubuntu Linux > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-06-28 CVE-2018-12928 NULL Pointer Dereference vulnerability in multiple products
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko.
local
low complexity
linux canonical CWE-476
4.9
2018-06-27 CVE-2018-12904 Unspecified vulnerability in Linux Kernel
In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.
4.4
2018-06-26 CVE-2018-12900 Out-of-bounds Write vulnerability in multiple products
Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 and 4.0.9 allows remote attackers to cause a denial of service (crash) or possibly have unspecified other impact via a crafted TIFF file.
6.8
2018-06-26 CVE-2018-1000204 Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp.
network
high complexity
linux debian canonical
5.3
2018-06-23 CVE-2018-12698 demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call.
network
low complexity
gnu canonical
5.0
2018-06-23 CVE-2018-12697 NULL Pointer Dereference vulnerability in multiple products
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30.
network
low complexity
gnu canonical CWE-476
5.0
2018-06-21 CVE-2018-3665 Information Exposure vulnerability in multiple products
System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.
4.7
2018-06-21 CVE-2018-12617 Integer Overflow or Wraparound vulnerability in multiple products
qmp_guest_file_read in qga/commands-posix.c and qga/commands-win32.c in qemu-ga (aka QEMU Guest Agent) in QEMU 2.12.50 has an integer overflow causing a g_malloc0() call to trigger a segmentation fault when trying to allocate a large memory chunk.
network
low complexity
qemu canonical debian CWE-190
5.0
2018-06-20 CVE-2018-12600 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadDIBImage and WriteDIBImage in coders/dib.c allow attackers to cause an out of bounds write via a crafted file.
6.8
2018-06-20 CVE-2018-12599 Out-of-bounds Write vulnerability in multiple products
In ImageMagick 7.0.8-3 Q16, ReadBMPImage and WriteBMPImage in coders/bmp.c allow attackers to cause an out of bounds write via a crafted file.
6.8