Search

Find a vulnerability

Search criteria

    2 vulnerabilities found for Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10 by Canonical Ltd.

    CVE-2018-6559 (GCVE-0-2018-6559)

    Vulnerability from nvd – Published: 2018-10-26 17:00 – Updated: 2024-09-16 19:19
    VLAI
    Summary
    The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/105752 vdb-entryx_refsource_BID
    https://usn.ubuntu.com/3836-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/3835-1/ vendor-advisoryx_refsource_UBUNTU
    https://people.canonical.com/~ubuntu-security/cve… x_refsource_CONFIRM
    https://lists.ubuntu.com/archives/kernel-team/201… x_refsource_CONFIRM
    https://usn.ubuntu.com/3833-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/3832-1/ vendor-advisoryx_refsource_UBUNTU
    https://launchpad.net/bugs/1793458 x_refsource_CONFIRM
    https://usn.ubuntu.com/3836-1/ vendor-advisoryx_refsource_UBUNTU
    Impacted products
    Date Public
    2018-10-18 00:00
    Credits
    Philipp Wendler
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:10:10.381Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "105752",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105752"
              },
              {
                "name": "USN-3836-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3836-2/"
              },
              {
                "name": "USN-3835-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3835-1/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html"
              },
              {
                "name": "USN-3833-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3833-1/"
              },
              {
                "name": "USN-3832-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3832-1/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/bugs/1793458"
              },
              {
                "name": "USN-3836-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3836-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.15.0-38.41"
                },
                {
                  "status": "affected",
                  "version": "4.18.0-10.11"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Philipp Wendler"
            }
          ],
          "datePublic": "2018-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Information Exposure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-04T10:57:01.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "105752",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105752"
            },
            {
              "name": "USN-3836-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3836-2/"
            },
            {
              "name": "USN-3835-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3835-1/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html"
            },
            {
              "name": "USN-3833-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3833-1/"
            },
            {
              "name": "USN-3832-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3832-1/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/bugs/1793458"
            },
            {
              "name": "USN-3836-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3836-1/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "DATE_PUBLIC": "2018-10-18T00:00:00.000Z",
              "ID": "CVE-2018-6559",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10",
                          "version": {
                            "version_data": [
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "4.15.0-38.41"
                              },
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "4.18.0-10.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Canonical Ltd."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Philipp Wendler"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-200: Information Exposure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "105752",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105752"
                },
                {
                  "name": "USN-3836-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3836-2/"
                },
                {
                  "name": "USN-3835-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3835-1/"
                },
                {
                  "name": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html",
                  "refsource": "CONFIRM",
                  "url": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html"
                },
                {
                  "name": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html"
                },
                {
                  "name": "USN-3833-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3833-1/"
                },
                {
                  "name": "USN-3832-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3832-1/"
                },
                {
                  "name": "https://launchpad.net/bugs/1793458",
                  "refsource": "CONFIRM",
                  "url": "https://launchpad.net/bugs/1793458"
                },
                {
                  "name": "USN-3836-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3836-1/"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2018-6559",
        "datePublished": "2018-10-26T17:00:00.000Z",
        "dateReserved": "2018-02-02T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:19:23.303Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-6559 (GCVE-0-2018-6559)

    Vulnerability from cvelistv5 – Published: 2018-10-26 17:00 – Updated: 2024-09-16 19:19
    VLAI
    Summary
    The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.
    Severity
    No CVSS data available.
    CWE
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/105752 vdb-entryx_refsource_BID
    https://usn.ubuntu.com/3836-2/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/3835-1/ vendor-advisoryx_refsource_UBUNTU
    https://people.canonical.com/~ubuntu-security/cve… x_refsource_CONFIRM
    https://lists.ubuntu.com/archives/kernel-team/201… x_refsource_CONFIRM
    https://usn.ubuntu.com/3833-1/ vendor-advisoryx_refsource_UBUNTU
    https://usn.ubuntu.com/3832-1/ vendor-advisoryx_refsource_UBUNTU
    https://launchpad.net/bugs/1793458 x_refsource_CONFIRM
    https://usn.ubuntu.com/3836-1/ vendor-advisoryx_refsource_UBUNTU
    Impacted products
    Date Public
    2018-10-18 00:00
    Credits
    Philipp Wendler
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T06:10:10.381Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "105752",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/105752"
              },
              {
                "name": "USN-3836-2",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3836-2/"
              },
              {
                "name": "USN-3835-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3835-1/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html"
              },
              {
                "name": "USN-3833-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3833-1/"
              },
              {
                "name": "USN-3832-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3832-1/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://launchpad.net/bugs/1793458"
              },
              {
                "name": "USN-3836-1",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
                  "x_transferred"
                ],
                "url": "https://usn.ubuntu.com/3836-1/"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10",
              "vendor": "Canonical Ltd.",
              "versions": [
                {
                  "status": "affected",
                  "version": "4.15.0-38.41"
                },
                {
                  "status": "affected",
                  "version": "4.18.0-10.11"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "value": "Philipp Wendler"
            }
          ],
          "datePublic": "2018-10-18T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-200",
                  "description": "CWE-200: Information Exposure",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-12-04T10:57:01.000Z",
            "orgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            "shortName": "canonical"
          },
          "references": [
            {
              "name": "105752",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/105752"
            },
            {
              "name": "USN-3836-2",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3836-2/"
            },
            {
              "name": "USN-3835-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3835-1/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html"
            },
            {
              "name": "USN-3833-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3833-1/"
            },
            {
              "name": "USN-3832-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3832-1/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://launchpad.net/bugs/1793458"
            },
            {
              "name": "USN-3836-1",
              "tags": [
                "vendor-advisory",
                "x_refsource_UBUNTU"
              ],
              "url": "https://usn.ubuntu.com/3836-1/"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "security@ubuntu.com",
              "DATE_PUBLIC": "2018-10-18T00:00:00.000Z",
              "ID": "CVE-2018-6559",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10",
                          "version": {
                            "version_data": [
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "4.15.0-38.41"
                              },
                              {
                                "affected": "=",
                                "version_affected": "=",
                                "version_value": "4.18.0-10.11"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Canonical Ltd."
                  }
                ]
              }
            },
            "credit": [
              {
                "lang": "eng",
                "value": "Philipp Wendler"
              }
            ],
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "CWE-200: Information Exposure"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "105752",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/105752"
                },
                {
                  "name": "USN-3836-2",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3836-2/"
                },
                {
                  "name": "USN-3835-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3835-1/"
                },
                {
                  "name": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html",
                  "refsource": "CONFIRM",
                  "url": "https://people.canonical.com/~ubuntu-security/cve/2018/CVE-2018-6559.html"
                },
                {
                  "name": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html",
                  "refsource": "CONFIRM",
                  "url": "https://lists.ubuntu.com/archives/kernel-team/2018-October/096172.html"
                },
                {
                  "name": "USN-3833-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3833-1/"
                },
                {
                  "name": "USN-3832-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3832-1/"
                },
                {
                  "name": "https://launchpad.net/bugs/1793458",
                  "refsource": "CONFIRM",
                  "url": "https://launchpad.net/bugs/1793458"
                },
                {
                  "name": "USN-3836-1",
                  "refsource": "UBUNTU",
                  "url": "https://usn.ubuntu.com/3836-1/"
                }
              ]
            },
            "source": {
              "discovery": "UNKNOWN"
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "cc1ad9ee-3454-478d-9317-d3e869d708bc",
        "assignerShortName": "canonical",
        "cveId": "CVE-2018-6559",
        "datePublished": "2018-10-26T17:00:00.000Z",
        "dateReserved": "2018-02-02T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:19:23.303Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }