[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-3821-2":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T08:53:30.047Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":42,"duplicates":43,"related":44,"reserved_at":9,"published_at":52,"modified_at":53,"state":9,"summary":54,"references_raw":56,"kevs":92,"epss":9,"epss_history":93,"metrics":94,"affected":95},"USN-3821-2","linux-lts-xenial, linux-aws vulnerabilities\n\nUSN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nWen Xu discovered that the ext4 filesystem implementation in the Linux\nkernel did not properly ensure that xattr information remained in inode\nbodies. An attacker could use this to construct a malicious ext4 image\nthat, when mounted, could cause a denial of service (system crash).\n(CVE-2018-10880)\n\nIt was discovered that the alarmtimer implementation in the Linux kernel\ncontained an integer overflow vulnerability. A local attacker could use\nthis to cause a denial of service. (CVE-2018-13053)\n\nWen Xu discovered that the f2fs filesystem implementation in the Linux\nkernel did not properly validate metadata. An attacker could use this to\nconstruct a malicious f2fs image that, when mounted, could cause a denial\nof service (system crash). (CVE-2018-13096)\n\nWen Xu and Po-Ning Tseng discovered that the btrfs filesystem\nimplementation in the Linux kernel did not properly handle relocations in\nsome situations. An attacker could use this to construct a malicious btrfs\nimage that, when mounted, could cause a denial of service (system crash).\n(CVE-2018-14609)\n\nWen Xu discovered that the HFS+ filesystem implementation in the Linux\nkernel did not properly handle malformed catalog data in some situations.\nAn attacker could use this to construct a malicious HFS+ image that, when\nmounted, could cause a denial of service (system crash). (CVE-2018-14617)\n\nJann Horn discovered that the procfs file system implementation in the\nLinux kernel did not properly restrict the ability to inspect the kernel\nstack of an arbitrary task. A local attacker could use this to expose\nsensitive information. (CVE-2018-17972)\n\nIt was discovered that the KVM implementation in the Linux kernel on ARM\n64bit processors did not properly handle some ioctls. An attacker with the\nprivilege to create KVM-based virtual machines could use this to cause a\ndenial of service (host system crash) or execute arbitrary code in the\nhost. (CVE-2018-18021)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40],{"_key":15},"CVE-2018-10880",{"_key":17},"CVE-2018-13053",{"_key":19},"CVE-2018-13096",{"_key":21},"CVE-2018-14609",{"_key":23},"CVE-2018-14617",{"_key":25},"CVE-2018-17972",{"_key":27},"CVE-2018-18021",{"_key":29},"UBUNTU-CVE-2018-10880",{"_key":31},"UBUNTU-CVE-2018-13053",{"_key":33},"UBUNTU-CVE-2018-13096",{"_key":35},"UBUNTU-CVE-2018-14609",{"_key":37},"UBUNTU-CVE-2018-14617",{"_key":39},"UBUNTU-CVE-2018-17972",{"_key":41},"UBUNTU-CVE-2018-18021",[],[],[45,46,47,48,49,50,51],{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},"2018-11-14T22:36:19Z","2026-06-03T14:04:11.343665932Z",{"cisa_kev":55,"cisa_ransomware":55,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[57,63,68,72,76,80,84,88],{"url":58,"sources":59,"tags":61},"https://ubuntu.com/security/notices/USN-3821-2",[60],"osv_ubuntu",[62],"Advisory",{"url":64,"sources":65,"tags":66},"https://ubuntu.com/security/CVE-2018-10880",[60],[67],"REPORT",{"url":69,"sources":70,"tags":71},"https://ubuntu.com/security/CVE-2018-13053",[60],[67],{"url":73,"sources":74,"tags":75},"https://ubuntu.com/security/CVE-2018-13096",[60],[67],{"url":77,"sources":78,"tags":79},"https://ubuntu.com/security/CVE-2018-14609",[60],[67],{"url":81,"sources":82,"tags":83},"https://ubuntu.com/security/CVE-2018-14617",[60],[67],{"url":85,"sources":86,"tags":87},"https://ubuntu.com/security/CVE-2018-17972",[60],[67],{"url":89,"sources":90,"tags":91},"https://ubuntu.com/security/CVE-2018-18021",[60],[67],[],[],[],[96,108],{"ecosystem":97,"name":98,"vendor":99,"product":98,"cpe_part":9,"purl_type":100,"purl_namespace":99,"purl_name":98,"source":9,"versions":101},"Ubuntu","linux-aws","ubuntu","deb",[102],{"version":103,"is_range":104,"range_type":105,"version_start":9,"version_start_type":9,"version_end":106,"version_end_type":107,"fixed_in":9},"lt4_4_0_1034_37",true,"ecosystem","4.4.0-1034.37","excluding",{"ecosystem":97,"name":109,"vendor":99,"product":109,"cpe_part":9,"purl_type":100,"purl_namespace":99,"purl_name":109,"source":9,"versions":110},"linux-lts-xenial",[111],{"version":112,"is_range":104,"range_type":105,"version_start":9,"version_start_type":9,"version_end":113,"version_end_type":107,"fixed_in":9},"lt4_4_0_139_165~14_04_1","4.4.0-139.165~14.04.1"]