CVEs related to bugs in Ubuntu Cosmic

Open bugs in Ubuntu Cosmic

Bug CVE(s)
Bug #1753572: cpio in Busybox 1.27 ingnores "unsafe links" CVE-2011-5325
debirf (Ubuntu Cosmic) Confirmed (unassigned)
Bug #1770184: Security patches in 5.6.36, 7.0.30, 7.1.17 & 7.2.5 CVE-2018-10545
CVE-2018-10546
CVE-2018-10547
CVE-2018-10548
CVE-2018-10549
php7.2 (Ubuntu Cosmic) Confirmed (unassigned)
Bug #1779923: other users' coredumps can be read via setgid directory and killpriv bypass CVE-2018-13405
linux (Ubuntu Cosmic) In progress, assigned to Tyler Hicks

Resolved bugs in Ubuntu Cosmic

Bug CVE(s)
Bug #1745646: Battery drains when laptop is off (shutdown) CVE-2018-1068
CVE-2018-1092
CVE-2018-3639
CVE-2018-7492
CVE-2018-8087
CVE-2018-8781
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1753572: cpio in Busybox 1.27 ingnores "unsafe links" CVE-2011-5325
busybox (Ubuntu Cosmic) Fix released (unassigned)
Bug #1767539: Security fixes from 0.12.5 require backfit to earlier releases CVE-2018-1000178
CVE-2018-1000179
quassel (Ubuntu Cosmic) Fix released, assigned to Simon Quigley
Bug #1768431: Request to revert SAUCE patches in the 18.04 SRU and update with upstream version CVE-2018-11508
CVE-2018-7755
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1768649: [CVE] Access to privileged files CVE-2018-10380
kwallet-pam (Ubuntu Cosmic) Fix released, assigned to Rik Mills
Bug #1768852: Kernel bug when unplugging Thunderbolt 3 cable, leaves xHCI host controller dead CVE-2018-1092
CVE-2018-3639
CVE-2018-8087
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1769721: [ALSA] [PATCH] Clevo P950ER ALC1220 Fixup CVE-2018-1092
CVE-2018-3639
CVE-2018-8087
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1770184: Security patches in 5.6.36, 7.0.30, 7.1.17 & 7.2.5 CVE-2018-10545
CVE-2018-10546
CVE-2018-10547
CVE-2018-10548
CVE-2018-10549
php5 (Ubuntu Cosmic) Invalid (unassigned)
php7.0 (Ubuntu Cosmic) Invalid (unassigned)
php7.1 (Ubuntu Cosmic) Invalid (unassigned)
Bug #1771344: Fix enabling bridge MMIO windows CVE-2018-1130
CVE-2018-11508
CVE-2018-5750
CVE-2018-5803
CVE-2018-6927
CVE-2018-7755
CVE-2018-7757
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1771780: [LTCTest][OPAL][OP920] cpupower idle-info is not listing stop4 and stop5 idle states when all CORES are guarded CVE-2018-11508
CVE-2018-7755
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1771844: powerpc/livepatch: Implement reliable stack tracing for the consistency model CVE-2018-11508
CVE-2018-7755
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1775856: register on binfmt_misc may overflow and crash the system CVE-2017-12154
CVE-2017-12193
CVE-2017-15265
CVE-2018-1130
CVE-2018-11508
CVE-2018-3639
CVE-2018-3665
CVE-2018-5750
CVE-2018-5803
CVE-2018-6927
CVE-2018-7755
CVE-2018-7757
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1776332: [POWER9][Ubuntu 18.04] OpenJDK 10+ can halt when detecting RTM feature on POWER9 DD2.1 CVE-2018-2825
CVE-2018-2826
CVE-2018-2952
CVE-2018-2972
openjdk-lts (Ubuntu Cosmic) Fix released, assigned to Tiago Stürmer Daitx
Bug #1780151: Missing libfontconfig1 dependency for openjdk-11-jre-headless (compared to openjdk-8) CVE-2018-2825
CVE-2018-2826
CVE-2018-2952
CVE-2018-2972
openjdk-lts (Ubuntu Cosmic) Fix released (unassigned)
Bug #1780844: CVE-2017-7957: XStream through 1.4.9 mishandles attempts to create an instance of the primitive type 'void' CVE-2017-7957
libxstream-java (Ubuntu Cosmic) Fix released (unassigned)
Bug #1781925: Vulnerabilities in znc package CVE-2018-14055 CVE-2018-14056 CVE-2014-9403
CVE-2018-14055
CVE-2018-14056
znc (Ubuntu Cosmic) Fix released, assigned to Thomas Ward
Bug #1783591: lxc-user-nic allows unprivileged users to open arbitrary files CVE-2018-6556
lxc (Ubuntu Cosmic) Fix released, assigned to Ubuntu Container Security team

Other CVE reports

View the full set of CVE reports associated with Ubuntu.