CVEs related to bugs in Ubuntu Cosmic

Open bugs in Ubuntu Cosmic

Bug CVE(s)
Bug #1753572: cpio in Busybox 1.27 ingnores "unsafe links" CVE-2011-5325
debirf (Ubuntu Cosmic) Confirmed (unassigned)
Bug #1762385: dell_wmi: Unknown key codes CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix committed by Kai-Heng Feng
Bug #1778486: x86/kvm: fix LAPIC timer drift when guest uses periodic mode CVE-2018-10323
CVE-2018-10840
CVE-2018-10881
CVE-2018-1108
CVE-2018-11412
CVE-2018-11506
CVE-2018-12232
CVE-2018-12233
CVE-2018-12904
CVE-2018-13094
CVE-2018-13405
CVE-2018-13406
linux (Ubuntu Cosmic) In progress, assigned to Joseph Salisbury
Bug #1779923: other users' coredumps can be read via setgid directory and killpriv bypass CVE-2016-10208
CVE-2017-11472
CVE-2017-11473
CVE-2017-14991
CVE-2017-15649
CVE-2017-16526
CVE-2017-16527
CVE-2017-16529
CVE-2017-16531
CVE-2017-16532
CVE-2017-16533
CVE-2017-16535
CVE-2017-16536
CVE-2017-16537
CVE-2017-16538
CVE-2017-16643
CVE-2017-16644
CVE-2017-16645
CVE-2017-16650
CVE-2017-16911
CVE-2017-16912
CVE-2017-16913
CVE-2017-16914
CVE-2017-17558
CVE-2017-18255
CVE-2017-18270
CVE-2017-2583
CVE-2017-2584
CVE-2017-2671
CVE-2017-5549
CVE-2017-5715
CVE-2017-5897
CVE-2017-6345
CVE-2017-6348
CVE-2017-7518
CVE-2017-7645
CVE-2017-8831
CVE-2017-9984
CVE-2018-1000204
CVE-2018-10021
CVE-2018-10087
CVE-2018-10124
CVE-2018-10323
CVE-2018-10675
CVE-2018-10840
CVE-2018-10877
CVE-2018-10881
CVE-2018-1092
CVE-2018-1093
CVE-2018-10940
CVE-2018-1108
CVE-2018-11412
CVE-2018-11506
CVE-2018-12232
CVE-2018-12233
CVE-2018-12904
CVE-2018-13094
CVE-2018-13405
CVE-2018-13406
linux (Ubuntu Cosmic) In progress, assigned to Tyler Hicks
Bug #1788222: Bugfix for handling of shadow doorbell buffer CVE-2018-1118
linux (Ubuntu Cosmic) Fix committed by Marcelo Cerri
Bug #1793461: Improvements to the kernel source package preparation CVE-2018-14633
CVE-2018-5391
linux-hwe-edge (Ubuntu Cosmic) New (unassigned)

Resolved bugs in Ubuntu Cosmic

Bug CVE(s)
Bug #1745646: Battery drains when laptop is off (shutdown) CVE-2018-1068
CVE-2018-1092
CVE-2018-3639
CVE-2018-7492
CVE-2018-8087
CVE-2018-8781
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1753572: cpio in Busybox 1.27 ingnores "unsafe links" CVE-2011-5325
busybox (Ubuntu Cosmic) Fix released (unassigned)
Bug #1762385: dell_wmi: Unknown key codes CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-6554
CVE-2018-6555
systemd (Ubuntu Cosmic) Fix released (unassigned)
Bug #1767539: Security fixes from 0.12.5 require backfit to earlier releases CVE-2018-1000178
CVE-2018-1000179
quassel (Ubuntu Cosmic) Fix released, assigned to Simon Quigley
Bug #1768431: Request to revert SAUCE patches in the 18.04 SRU and update with upstream version CVE-2018-11508
CVE-2018-7755
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1768649: [CVE] Access to privileged files CVE-2018-10380
kwallet-pam (Ubuntu Cosmic) Fix released, assigned to Rik Mills
Bug #1768852: Kernel bug when unplugging Thunderbolt 3 cable, leaves xHCI host controller dead CVE-2018-1092
CVE-2018-3639
CVE-2018-8087
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1769721: [ALSA] [PATCH] Clevo P950ER ALC1220 Fixup CVE-2018-1092
CVE-2018-3639
CVE-2018-8087
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1769937: Error reported when creating ZFS pool with "-t" option, despite successful pool creation CVE-2018-14633
CVE-2018-5391
zfs-linux (Ubuntu Cosmic) Fix released, assigned to Colin Ian King
linux (Ubuntu Cosmic) Fix released, assigned to Colin Ian King
Bug #1770095: Need fix to aacraid driver to prevent panic CVE-2018-10323
CVE-2018-10840
CVE-2018-10881
CVE-2018-1108
CVE-2018-11412
CVE-2018-11506
CVE-2018-12232
CVE-2018-12233
CVE-2018-12904
CVE-2018-13094
CVE-2018-13405
CVE-2018-13406
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1770184: Security patches in 5.6.36, 7.0.30, 7.1.17 & 7.2.5 CVE-2018-10545
CVE-2018-10546
CVE-2018-10547
CVE-2018-10548
CVE-2018-10549
php5 (Ubuntu Cosmic) Invalid (unassigned)
php7.0 (Ubuntu Cosmic) Invalid (unassigned)
php7.1 (Ubuntu Cosmic) Invalid (unassigned)
php7.2 (Ubuntu Cosmic) Fix released (unassigned)
Bug #1771245: [ICL] Touch support CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1771344: Fix enabling bridge MMIO windows CVE-2018-1130
CVE-2018-11508
CVE-2018-5750
CVE-2018-5803
CVE-2018-6927
CVE-2018-7755
CVE-2018-7757
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1771780: [LTCTest][OPAL][OP920] cpupower idle-info is not listing stop4 and stop5 idle states when all CORES are guarded CVE-2018-11508
CVE-2018-7755
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1771823: Please include ax88179_178a and r8152 modules in d-i udeb CVE-2018-10323
CVE-2018-10840
CVE-2018-10881
CVE-2018-1108
CVE-2018-11412
CVE-2018-11506
CVE-2018-12232
CVE-2018-12233
CVE-2018-12904
CVE-2018-13094
CVE-2018-13405
CVE-2018-13406
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1771844: powerpc/livepatch: Implement reliable stack tracing for the consistency model CVE-2018-11508
CVE-2018-7755
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1774366: Fix MCE handling for user access of poisoned device-dax mapping CVE-2017-5715
linux (Ubuntu Cosmic) Fix released, assigned to Thadeu Lima de Souza Cascardo
Bug #1774950: Suspend fails in Ubuntu and Kubuntu 18.04 but works fine in Ubuntu and Kubuntu 17.10 (and on Kubuntu 18.04 using kernel 4.14.47) CVE-2018-1118
CVE-2018-12233
CVE-2018-13094
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1775856: register on binfmt_misc may overflow and crash the system CVE-2017-12154
CVE-2017-12193
CVE-2017-15265
CVE-2018-1130
CVE-2018-11508
CVE-2018-3639
CVE-2018-3665
CVE-2018-5750
CVE-2018-5803
CVE-2018-6927
CVE-2018-7755
CVE-2018-7757
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1776332: [POWER9][Ubuntu 18.04] OpenJDK 10+ can halt when detecting RTM feature on POWER9 DD2.1 CVE-2018-2825
CVE-2018-2826
CVE-2018-2952
CVE-2018-2972
openjdk-lts (Ubuntu Cosmic) Fix released, assigned to Tiago Stürmer Daitx
Bug #1780151: Missing libfontconfig1 dependency for openjdk-11-jre-headless (compared to openjdk-8) CVE-2018-2825
CVE-2018-2826
CVE-2018-2952
CVE-2018-2972
openjdk-lts (Ubuntu Cosmic) Fix released (unassigned)
Bug #1780844: CVE-2017-7957: XStream through 1.4.9 mishandles attempts to create an instance of the primitive type 'void' CVE-2017-7957
libxstream-java (Ubuntu Cosmic) Fix released (unassigned)
Bug #1781364: Kernel error "task zfs:pid blocked for more than 120 seconds" CVE-2018-10323
CVE-2018-10840
CVE-2018-10881
CVE-2018-1108
CVE-2018-11412
CVE-2018-11506
CVE-2018-12232
CVE-2018-12233
CVE-2018-12904
CVE-2018-13094
CVE-2018-13405
CVE-2018-13406
linux (Ubuntu Cosmic) Fix released, assigned to Colin Ian King
zfs-linux (Ubuntu Cosmic) Fix released, assigned to Colin Ian King
Bug #1781925: Vulnerabilities in znc package CVE-2018-14055 CVE-2018-14056 CVE-2014-9403
CVE-2018-14055
CVE-2018-14056
znc (Ubuntu Cosmic) Fix released, assigned to Thomas Ward
Bug #1782152: GDM blocks SIGUSR1 used in PAM scripts CVE-2018-14424
gdm3 (Ubuntu Cosmic) Fix released, assigned to Dariusz Gadomski
Bug #1783591: lxc-user-nic allows unprivileged users to open arbitrary files CVE-2018-6556
lxc (Ubuntu Cosmic) Fix released, assigned to Ubuntu Container Security team
Bug #1783651: Please enable CONFIG_PAGE_POISONING CVE-2017-5715
linux (Ubuntu Cosmic) Fix released, assigned to Colin Ian King
Bug #1783766: linux-azure: 4.17.0-1001.1 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-azure (Ubuntu Cosmic) Fix released (unassigned)
Bug #1783964: Please make CONFIG_PWM_LPSS_PCI and CONFIG_PWM_LPSS_PLATFORM built in to make brightness adjustment working on various BayTrail/CherryTrail-based devices CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1784634: Cosmic update to 4.17.10 stable release CVE-2018-12233
CVE-2018-13094
linux (Ubuntu Cosmic) Fix released, assigned to Thadeu Lima de Souza Cascardo
Bug #1784636: Cosmic update to 4.17.11 stable release CVE-2018-12233
CVE-2018-13094
linux (Ubuntu Cosmic) Fix released, assigned to Thadeu Lima de Souza Cascardo
Bug #1785211: Cosmic update to 4.17.12 stable release CVE-2018-12233
CVE-2018-13094
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1785242: linux: 4.17.0-7.8 -proposed tracker CVE-2018-12233
CVE-2018-13094
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1785780: TB 16 issue on Dell Lattitude 7490 with large amount of data CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix released, assigned to Kai-Heng Feng
Bug #1786938: New upstream microreleases 9.3.24, 9.5.14, and 10.5 CVE-2018-10915
CVE-2018-10925
postgresql-10 (Ubuntu Cosmic) Fix released (unassigned)
Bug #1787259: linux: 4.17.0-8.9 -proposed tracker CVE-2018-9363
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1787267: Can't type | ( pipe ) over vnc CVE-2018-15746
qemu (Ubuntu Cosmic) Fix released (unassigned)
Bug #1787898: [18.10 FEAT] Add kernel config option "CONFIG_SCLP_OFB" CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix released, assigned to Canonical Kernel
Bug #1787988: linux: 4.17.0-9.10 -proposed tracker CVE-2018-9363
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1788563: L1TF mitigation not effective in some CPU and RAM combinations CVE-2017-5715
CVE-2017-5753
CVE-2018-1093
CVE-2018-14633
CVE-2018-14634
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3620
CVE-2018-3639
CVE-2018-3646
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1789358: Support Power Management for Thunderbolt Controller CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1789551: qemu: CVE-2018-15746: seccomp: blacklist is not applied to all threads CVE-2018-15746
qemu (Ubuntu Cosmic) Fix released, assigned to  Christian Ehrhardt 
Bug #1790652: Oracle cosmic image does not find broadcom network device in Shape VMStandard2.1 CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Seth Forshee
Bug #1791377: linux-azure: 4.18.0-1001.1 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-azure (Ubuntu Cosmic) Fix released (unassigned)
Bug #1791663: linux: 4.18.0-8.9 -proposed tracker CVE-2017-5715
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1791664: linux-azure: 4.18.0-1002.2 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-azure (Ubuntu Cosmic) Fix released (unassigned)
Bug #1792009: linux-raspi2: 4.18.0-1004.6 -proposed tracker CVE-2017-5715
linux-raspi2 (Ubuntu Cosmic) Fix released (unassigned)
Bug #1792309: Fix I2C touchpanels' interrupt storms after system suspend CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-5391
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix released (unassigned)
linux-oem (Ubuntu Cosmic) Fix released (unassigned)
Bug #1793086: qeth: use vzalloc for QUERY OAT buffer CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Joseph Salisbury
Bug #1793338: Fix unusable NVIDIA GPU after S3 CVE-2017-5715
CVE-2018-14633
CVE-2018-15572
CVE-2018-15594
CVE-2018-17182
CVE-2018-3639
CVE-2018-5391
CVE-2018-6554
CVE-2018-6555
linux (Ubuntu Cosmic) Fix released (unassigned)
linux-oem (Ubuntu Cosmic) Fix released (unassigned)
Bug #1793394: hns3: enable ethtool rx-vlan-filter on supported hw CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1793404: hns3: Modifying channel parameters will reset ring parameters back to defaults CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1793430: Page leaking in cachefiles_read_backing_file while vmscan is active CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Daniel Axtens
Bug #1793461: Improvements to the kernel source package preparation CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1793682: Cosmic update to 4.18.9 stable release CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1794151: hisi_sas: Add SATA FIX check for v3 hw CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1794156: Fix potential corruption using SAS controller on HiSilicon arm64 boards CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1794165: hisi_sas: Reduce unnecessary spin lock contention CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1794166: Add functional level reset support for the SAS controller on HiSilicon D06 systems CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1794172: HiSilicon SAS controller doesn't recover from PHY STP link timeout CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to dann frazier
Bug #1794294: [Ubuntu] s390/crypto: Fix return code checking in cbc_paes_crypt. CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Seth Forshee
Bug #1794597: Cosmic update to 4.18.10 stable release CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1795036: iptables --list --numeric fails on -virtual kernel / -virtual missing bpfilter CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Seth Forshee
Bug #1795492: linux-aws: 4.18.0-1001.2 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-aws (Ubuntu Cosmic) Fix released (unassigned)
Bug #1795665: fails to build on armhf because of module rename CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Thadeu Lima de Souza Cascardo
Bug #1795784: Fix usbcore.quirks when used at boot CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released (unassigned)
Bug #1796139: Cosmic update: v4.18.12 upstream stable release CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released, assigned to Seth Forshee
Bug #1796346: linux: 4.18.0-9.10 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux (Ubuntu Cosmic) Fix released (unassigned)
debian-installer (Ubuntu Cosmic) Fix released (unassigned)
Bug #1796349: linux-raspi2: 4.18.0-1005.7 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-raspi2 (Ubuntu Cosmic) Fix released (unassigned)
Bug #1796350: linux-azure: 4.18.0-1003.3 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-azure (Ubuntu Cosmic) Fix released (unassigned)
Bug #1796351: linux-gcp: 4.18.0-1002.3 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-gcp (Ubuntu Cosmic) Fix released (unassigned)
Bug #1796353: linux-kvm: 4.18.0-1003.3 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-kvm (Ubuntu Cosmic) Fix released (unassigned)
Bug #1796944: linux-aws: 4.18.0-1002.3 -proposed tracker CVE-2018-14633
CVE-2018-5391
linux-aws (Ubuntu Cosmic) Fix released (unassigned)

Other CVE reports

View the full set of CVE reports associated with Ubuntu.