With the following command I can at least check what those last 17 livepatches were:
canonical-livepatch status --verbose
I then get the following message:
client-version: 8.1.0
machine-id: xxxxxxxx
machine-token: xxxxxxxx
architecture: x86_64
cpu-model: Intel(R) Core(TM) i7-3770 CPU @ 3.40GHz
last-check: 2018-12-21T11:15:41.768792349+01:00
boot-time: 2018-12-21T11:15:36+01:00
uptime: 47m52s
status:
- kernel: 4.15.0-42.45-generic
  running: true
  livepatch:
    checkState: checked
    patchState: applied
    version: "46.3"
    fixes: |-
      * CVE-2017-13168
        An elevation of privilege vulnerability in the kernel scsi driver.
        Product: Android. Versions: Android kernel. Android ID A-65023233.
      * CVE-2018-10902
        It was found that the raw midi kernel driver does not protect against
        concurrent access which leads to a double realloc (double free) in
        snd_rawmidi_input_params() and snd_rawmidi_output_status() which are
        part of snd_rawmidi_ioctl() handler in rawmidi.c file. A malicious
        local attacker could possibly use this for privilege escalation.
      * CVE-2018-11412
        In the Linux kernel 4.13 through 4.16.11, ext4_read_inline_data() in
        fs/ext4/inline.c performs a memcpy with an untrusted length value in
        certain circumstances involving a crafted filesystem that stores the
        system.data extended attribute value in a dedicated inode.
      * CVE-2018-11506
        The sr_do_ioctl function in drivers/scsi/sr_ioctl.c in the Linux kernel
        through 4.16.12 allows local users to cause a denial of service
        (stack-based buffer overflow) or possibly have unspecified other impact
        because sense buffers have different sizes at the CDROM layer and the
        SCSI layer, as demonstrated by a CDROMREADMODE2 ioctl call.
      * CVE-2018-13406
        An integer overflow in the uvesafb_setcmap function in
        drivers/video/fbdev/uvesafb.c in the Linux kernel before 4.17.4 could
        result in local attackers being able to crash the kernel or potentially
        elevate privileges because kmalloc_array is not used.
      * CVE-2018-14633
        A security flaw was found in the chap_server_compute_md5() function in
        the ISCSI target code in the Linux kernel in a way an authentication
        request from an ISCSI initiator is processed. An unauthenticated remote
        attacker can cause a stack buffer overflow and smash up to 17 bytes of
        the stack. The attack requires the iSCSI target to be enabled on the
        victim host. Depending on how the target's code was built (i.e.
        depending on a compiler, compile flags and hardware architecture) an
        attack may lead to a system crash and thus to a denial-of-service or
        possibly to a non-authorized access to data exported by an iSCSI
        target. Due to the nature of the flaw, privilege escalation cannot be
        fully ruled out, although we believe it is highly unlikely. Kernel
        versions 4.18.x, 4.14.x and 3.10.x are believed to be vulnerable.
      * CVE-2018-14734
        drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11
        allows ucma_leave_multicast to access a certain data structure after a
        cleanup step in ucma_process_join, which allows attackers to cause a
        denial of service (use-after-free).
      * CVE-2018-15572
        The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c
        in the Linux kernel before 4.18.1 does not always fill RSB upon a
        context switch, which makes it easier for attackers to conduct
        userspace-userspace spectreRSB attacks.
      * CVE-2018-15594
        arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles
        certain indirect calls, which makes it easier for attackers to conduct
        Spectre-v2 attacks against paravirtual guests.
      * CVE-2018-16276
        An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in
        the Linux kernel before 4.17.7. Local attackers could use user access
        read/writes with incorrect bounds checking in the yurex USB driver to
        crash the kernel or potentially escalate privileges.
      * CVE-2018-16658
        An issue was discovered in the Linux kernel before 4.18.6. An
        information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c
        could be used by local attackers to read kernel memory because a cast
        from unsigned long to int interferes with bounds checking. This is
        similar to CVE-2018-10940.
      * CVE-2018-17182
        An issue was discovered in the Linux kernel through 4.18.8. The
        vmacache_flush_all function in mm/vmacache.c mishandles sequence number
        overflows. An attacker can trigger a use-after-free (and possibly gain
        privileges) via certain thread creation, map, unmap, invalidation, and
        dereference operations.
      * CVE-2018-18445
        In the Linux kernel 4.14.x, 4.15.x, 4.16.x, 4.17.x, and 4.18.x before
        4.18.13, faulty computation of numeric bounds in the BPF verifier
        permits out-of-bounds memory accesses because
        adjust_scalar_min_max_vals in kernel/bpf/verifier.c mishandles 32-bit
        right shifts.
      * CVE-2018-18690
        In the Linux kernel before 4.17, a local attacker able to set
        attributes on an xfs filesystem could make this filesystem
        non-operational until the next mount by triggering an unchecked error
        condition during an xfs attribute change, because
        xfs_attr_shortform_addname in fs/xfs/libxfs/xfs_attr.c mishandles
        ATTR_REPLACE operations with conversion of an attr from short to long
        form.
      * CVE-2018-18710
        An issue was discovered in the Linux kernel through 4.19. An
        information leak in cdrom_ioctl_select_disc in drivers/cdrom/cdrom.c
        could be used by local attackers to read kernel memory because a cast
        from unsigned long to int interferes with bounds checking. This is
        similar to CVE-2018-10940 and CVE-2018-16658.
      * CVE-2018-6555
        The irda_setsockopt function in net/irda/af_irda.c and later in
        drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17
        allows local users to cause a denial of service (ias_object
        use-after-free and system crash) or possibly have unspecified other
        impact via an AF_IRDA socket.
      * CVE-2018-9363
        In the hidp_process_report in bluetooth, there is an integer overflow.
        This could lead to an out of bounds write with no additional execution
        privileges needed. User interaction is not needed for exploitation.
        Product: Android Versions: Android kernel Android ID: A-65853588
        References: Upstream kernel.
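
Added example, not part of the original post: one way to turn this verbose status output into a list of fixed CVEs and check it against CVEs you need covered. The names parse_status and unpatched and the shortened SAMPLE text are assumptions made for illustration, and the parser assumes a single kernel entry under status.

```python
import re

# Constructed, shortened sample in the shape of the verbose status output.
SAMPLE = """\
client-version: 8.1.0
status:
- kernel: 4.15.0-42.45-generic
  livepatch:
    patchState: applied
    version: "46.3"
    fixes: |-
      * CVE-2018-10902
        It was found that the raw midi kernel driver does not protect against
        concurrent access which leads to a double realloc (double free).
      * CVE-2018-14633
        A security flaw was found in the chap_server_compute_md5() function.
"""

CVE_LINE = re.compile(r"^\*\s+(CVE-\d{4}-\d{4,})$")
FIELD = re.compile(r"^-?\s*([A-Za-z-]+):\s*(.*)$")

def parse_status(text):
    """Return (fields, fixes): scalar fields and {CVE id: description}."""
    fields, fixes, current, in_fixes = {}, {}, None, False
    for raw in text.splitlines():
        line = raw.strip()  # also accept output whose indentation was lost
        if not line:
            continue
        if in_fixes:  # assumes one kernel entry: all lines after "fixes:" are CVE text
            m = CVE_LINE.match(line)
            if m:
                current = m.group(1)
                fixes[current] = ""
            elif current:
                fixes[current] = (fixes[current] + " " + line).strip()
            continue
        m = FIELD.match(line)
        if m and m.group(1) == "fixes":
            in_fixes = True
        elif m:
            fields[m.group(1)] = m.group(2).strip('"')
    return fields, fixes

def unpatched(text, required):
    """CVE ids in `required` that the applied livepatch does not list."""
    fields, fixes = parse_status(text)
    if fields.get("patchState") != "applied":
        return sorted(required)
    return sorted(set(required) - set(fixes))
```

To use it on a real machine, pass the captured text of canonical-livepatch status --verbose to parse_status instead of SAMPLE.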