{"id":"USN-3826-1","summary":"qemu vulnerabilities","details":"Daniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled\nNE2000 device emulation. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2018-10839)\n\nIt was discovered that QEMU incorrectly handled the Slirp networking\nback-end. A privileged attacker inside the guest could use this issue to\ncause QEMU to crash, resulting in a denial of service, or possibly execute\narbitrary code on the host. In the default installation, when QEMU is used\nwith libvirt, attackers would be isolated by the libvirt AppArmor profile.\nThis issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu\n18.04 LTS. (CVE-2018-11806)\n\nFakhri Zulkifli discovered that the QEMU guest agent incorrectly handled\ncertain QMP commands. An attacker could possibly use this issue to crash\nthe QEMU guest agent, resulting in a denial of service. (CVE-2018-12617)\n\nLi Qiang discovered that QEMU incorrectly handled NVM Express Controller\nemulation. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service, or possibly execute arbitrary\ncode on the host. In the default installation, when QEMU is used with\nlibvirt, attackers would be isolated by the libvirt AppArmor profile. This\nissue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. (CVE-2018-16847)\n\nDaniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled\nRTL8139 device emulation. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2018-17958)\n\nDaniel Shapira and Arash Tohidi discovered that QEMU incorrectly handled\nPCNET device emulation. An attacker inside the guest could use this issue\nto cause QEMU to crash, resulting in a denial of service. (CVE-2018-17962)\n\nDaniel Shapira discovered that QEMU incorrectly handled large packet sizes.\nAn attacker inside the guest could use this issue to cause QEMU to crash,\nresulting in a denial of service. (CVE-2018-17963)\n\nIt was discovered that QEMU incorrectly handled LSI53C895A device\nemulation. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. (CVE-2018-18849)\n\nMoguofang discovered that QEMU incorrectly handled the IPowerNV LPC\ncontroller. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. This issue only affected Ubuntu\n18.04 LTS and Ubuntu 18.10. (CVE-2018-18954)\n\nZhibin Hu discovered that QEMU incorrectly handled the Plan 9 File System\nsupport. An attacker inside the guest could use this issue to cause QEMU\nto crash, resulting in a denial of service. (CVE-2018-19364)\n","modified":"2026-02-10T04:41:27Z","published":"2018-11-26T14:23:51Z","related":["UBUNTU-CVE-2018-10839","UBUNTU-CVE-2018-11806","UBUNTU-CVE-2018-12617","UBUNTU-CVE-2018-16847","UBUNTU-CVE-2018-17958","UBUNTU-CVE-2018-17962","UBUNTU-CVE-2018-17963","UBUNTU-CVE-2018-18849","UBUNTU-CVE-2018-18954","UBUNTU-CVE-2018-19364"],"upstream":["CVE-2018-10839","CVE-2018-11806","CVE-2018-12617","CVE-2018-16847","CVE-2018-17958","CVE-2018-17962","CVE-2018-17963","CVE-2018-18849","CVE-2018-18954","CVE-2018-19364","UBUNTU-CVE-2018-10839","UBUNTU-CVE-2018-11806","UBUNTU-CVE-2018-12617","UBUNTU-CVE-2018-16847","UBUNTU-CVE-2018-17958","UBUNTU-CVE-2018-17962","UBUNTU-CVE-2018-17963","UBUNTU-CVE-2018-18849","UBUNTU-CVE-2018-18954","UBUNTU-CVE-2018-19364"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-3826-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-10839"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-11806"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-12617"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-16847"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-17958"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-17962"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-17963"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-18849"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-18954"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2018-19364"}],"affected":[{"package":{"name":"qemu","ecosystem":"Ubuntu:14.04:LTS","purl":"pkg:deb/ubuntu/qemu@2.0.0+dfsg-2ubuntu1.44?arch=source&distro=trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.0.0+dfsg-2ubuntu1.44"}]}],"versions":["1.5.0+dfsg-3ubuntu5","1.5.0+dfsg-3ubuntu6","1.6.0+dfsg-2ubuntu1","1.6.0+dfsg-2ubuntu2","1.6.0+dfsg-2ubuntu3","1.6.0+dfsg-2ubuntu4","1.7.0+dfsg-2ubuntu1","1.7.0+dfsg-2ubuntu2","1.7.0+dfsg-2ubuntu3","1.7.0+dfsg-2ubuntu4","1.7.0+dfsg-2ubuntu5","1.7.0+dfsg-2ubuntu7","1.7.0+dfsg-2ubuntu8","1.7.0+dfsg-2ubuntu9","1.7.0+dfsg-3ubuntu1~ppa1","1.7.0+dfsg-3ubuntu1","1.7.0+dfsg-3ubuntu2","1.7.0+dfsg-3ubuntu3","1.7.0+dfsg-3ubuntu4","1.7.0+dfsg-3ubuntu5","1.7.0+dfsg-3ubuntu6","1.7.0+dfsg-3ubuntu7","2.0.0~rc1+dfsg-0ubuntu1","2.0.0~rc1+dfsg-0ubuntu2","2.0.0~rc1+dfsg-0ubuntu3","2.0.0~rc1+dfsg-0ubuntu3.1","2.0.0+dfsg-2ubuntu1","2.0.0+dfsg-2ubuntu1.1","2.0.0+dfsg-2ubuntu1.2","2.0.0+dfsg-2ubuntu1.3","2.0.0+dfsg-2ubuntu1.5","2.0.0+dfsg-2ubuntu1.6","2.0.0+dfsg-2ubuntu1.7","2.0.0+dfsg-2ubuntu1.8","2.0.0+dfsg-2ubuntu1.9","2.0.0+dfsg-2ubuntu1.10","2.0.0+dfsg-2ubuntu1.11","2.0.0+dfsg-2ubuntu1.13","2.0.0+dfsg-2ubuntu1.14","2.0.0+dfsg-2ubuntu1.15","2.0.0+dfsg-2ubuntu1.16","2.0.0+dfsg-2ubuntu1.17","2.0.0+dfsg-2ubuntu1.18","2.0.0+dfsg-2ubuntu1.19","2.0.0+dfsg-2ubuntu1.20","2.0.0+dfsg-2ubuntu1.21","2.0.0+dfsg-2ubuntu1.22","2.0.0+dfsg-2ubuntu1.24","2.0.0+dfsg-2ubuntu1.25","2.0.0+dfsg-2ubuntu1.26","2.0.0+dfsg-2ubuntu1.27","2.0.0+dfsg-2ubuntu1.28","2.0.0+dfsg-2ubuntu1.29","2.0.0+dfsg-2ubuntu1.30","2.0.0+dfsg-2ubuntu1.31","2.0.0+dfsg-2ubuntu1.32","2.0.0+dfsg-2ubuntu1.33","2.0.0+dfsg-2ubuntu1.34","2.0.0+dfsg-2ubuntu1.35","2.0.0+dfsg-2ubuntu1.36","2.0.0+dfsg-2ubuntu1.38","2.0.0+dfsg-2ubuntu1.39","2.0.0+dfsg-2ubuntu1.40","2.0.0+dfsg-2ubuntu1.41","2.0.0+dfsg-2ubuntu1.42","2.0.0+dfsg-2ubuntu1.43"],"ecosystem_specific":{"binaries":[{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-common"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-guest-agent"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-keymaps"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-kvm"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-aarch64"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-arm"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-common"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-mips"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-misc"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-ppc"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-sparc"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-system-x86"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-user"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-user-static"},{"binary_version":"2.0.0+dfsg-2ubuntu1.44","binary_name":"qemu-utils"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3826-1.json","cves_map":{"cves":[{"id":"CVE-2018-10839","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-11806","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-12617","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17958","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17962","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17963","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-18849","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-19364","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:14.04:LTS"}}},{"package":{"name":"qemu","ecosystem":"Ubuntu:16.04:LTS","purl":"pkg:deb/ubuntu/qemu@1:2.5+dfsg-5ubuntu10.33?arch=source&distro=xenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.5+dfsg-5ubuntu10.33"}]}],"versions":["1:2.3+dfsg-5ubuntu9","1:2.3+dfsg-5ubuntu10","1:2.4+dfsg-4ubuntu1","1:2.4+dfsg-4ubuntu2","1:2.4+dfsg-4ubuntu3","1:2.4+dfsg-5ubuntu3","1:2.5+dfsg-1ubuntu2","1:2.5+dfsg-1ubuntu3","1:2.5+dfsg-1ubuntu4","1:2.5+dfsg-1ubuntu5","1:2.5+dfsg-5ubuntu1","1:2.5+dfsg-5ubuntu2","1:2.5+dfsg-5ubuntu4","1:2.5+dfsg-5ubuntu6","1:2.5+dfsg-5ubuntu7","1:2.5+dfsg-5ubuntu10","1:2.5+dfsg-5ubuntu10.1","1:2.5+dfsg-5ubuntu10.2","1:2.5+dfsg-5ubuntu10.3","1:2.5+dfsg-5ubuntu10.4","1:2.5+dfsg-5ubuntu10.5","1:2.5+dfsg-5ubuntu10.6","1:2.5+dfsg-5ubuntu10.7","1:2.5+dfsg-5ubuntu10.8","1:2.5+dfsg-5ubuntu10.9","1:2.5+dfsg-5ubuntu10.10","1:2.5+dfsg-5ubuntu10.11","1:2.5+dfsg-5ubuntu10.13","1:2.5+dfsg-5ubuntu10.14","1:2.5+dfsg-5ubuntu10.15","1:2.5+dfsg-5ubuntu10.16","1:2.5+dfsg-5ubuntu10.20","1:2.5+dfsg-5ubuntu10.21","1:2.5+dfsg-5ubuntu10.22","1:2.5+dfsg-5ubuntu10.24","1:2.5+dfsg-5ubuntu10.25","1:2.5+dfsg-5ubuntu10.26","1:2.5+dfsg-5ubuntu10.28","1:2.5+dfsg-5ubuntu10.29","1:2.5+dfsg-5ubuntu10.30","1:2.5+dfsg-5ubuntu10.31","1:2.5+dfsg-5ubuntu10.32"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-block-extra"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-guest-agent"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-kvm"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-aarch64"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-arm"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-common"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-mips"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-misc"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-ppc"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-s390x"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-sparc"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-system-x86"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-user"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-user-binfmt"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-user-static"},{"binary_version":"1:2.5+dfsg-5ubuntu10.33","binary_name":"qemu-utils"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3826-1.json","cves_map":{"cves":[{"id":"CVE-2018-10839","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-11806","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-12617","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17958","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17962","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17963","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-18849","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-19364","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:16.04:LTS"}}},{"package":{"name":"qemu","ecosystem":"Ubuntu:18.04:LTS","purl":"pkg:deb/ubuntu/qemu@1:2.11+dfsg-1ubuntu7.8?arch=source&distro=bionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1:2.11+dfsg-1ubuntu7.8"}]}],"versions":["1:2.10+dfsg-0ubuntu3","1:2.10+dfsg-0ubuntu4","1:2.10+dfsg-0ubuntu5","1:2.11+dfsg-1ubuntu1","1:2.11+dfsg-1ubuntu2","1:2.11+dfsg-1ubuntu4","1:2.11+dfsg-1ubuntu5","1:2.11+dfsg-1ubuntu6","1:2.11+dfsg-1ubuntu7","1:2.11+dfsg-1ubuntu7.1","1:2.11+dfsg-1ubuntu7.2","1:2.11+dfsg-1ubuntu7.3","1:2.11+dfsg-1ubuntu7.4","1:2.11+dfsg-1ubuntu7.5","1:2.11+dfsg-1ubuntu7.6","1:2.11+dfsg-1ubuntu7.7"],"ecosystem_specific":{"binaries":[{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-block-extra"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-guest-agent"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-kvm"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-arm"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-common"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-mips"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-misc"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-ppc"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-s390x"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-sparc"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-system-x86"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-user"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-user-binfmt"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-user-static"},{"binary_version":"1:2.11+dfsg-1ubuntu7.8","binary_name":"qemu-utils"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3826-1.json","cves_map":{"cves":[{"id":"CVE-2018-10839","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-11806","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-12617","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-16847","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17958","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17962","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-17963","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2018-18849","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-18954","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]},{"id":"CVE-2018-19364","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"},{"type":"Ubuntu","score":"low"}]}],"ecosystem":"Ubuntu:18.04:LTS"}}}],"schema_version":"1.7.3"}