[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-3932-2":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":94,"duplicates":95,"related":96,"reserved_at":9,"published_at":117,"modified_at":118,"state":9,"summary":119,"references_raw":121,"kevs":209,"epss":9,"epss_history":210,"metrics":211,"affected":212},"USN-3932-2","linux-lts-xenial, linux-aws vulnerabilities\n\nUSN-3932-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 LTS.\n\nIt was discovered that a race condition existed in the f2fs file system\nimplementation in the Linux kernel. A local attacker could use this to\ncause a denial of service. (CVE-2017-18249)\n\nWen Xu discovered that the f2fs file system implementation in the Linux\nkernel did not properly validate metadata. An attacker could use this to\nconstruct a malicious f2fs image that, when mounted, could cause a denial\nof service (system crash). (CVE-2018-13097, CVE-2018-13099, CVE-2018-13100,\nCVE-2018-14614, CVE-2018-14616)\n\nWen Xu and Po-Ning Tseng discovered that btrfs file system implementation\nin the Linux kernel did not properly validate metadata. An attacker could\nuse this to construct a malicious btrfs image that, when mounted, could\ncause a denial of service (system crash). (CVE-2018-14610, CVE-2018-14611,\nCVE-2018-14612, CVE-2018-14613)\n\nVasily Averin and Evgenii Shatokhin discovered that a use-after-free\nvulnerability existed in the NFS41+ subsystem when multiple network\nnamespaces are in use. A local attacker in a container could use this to\ncause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2018-16884)\n\nIt was discovered that a use-after-free vulnerability existed in the PPP\nover L2TP implementation in the Linux kernel. A privileged local attacker\ncould use this to possibly execute arbitrary code. (CVE-2018-9517)\n\nShlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information\nleak in the Bluetooth implementation of the Linux kernel. An attacker\nwithin Bluetooth range could use this to expose sensitive information\n(kernel memory). (CVE-2019-3459, CVE-2019-3460)\n\nJann Horn discovered that the KVM implementation in the Linux kernel\ncontained a use-after-free vulnerability. An attacker in a guest VM with\naccess to /dev/kvm could use this to cause a denial of service (guest VM\ncrash). (CVE-2019-6974)\n\nJim Mattson and Felix Wilhelm discovered a use-after-free vulnerability in\nthe KVM subsystem of the Linux kernel, when using nested virtual machines.\nA local attacker in a guest VM could use this to cause a denial of service\n(system crash) or possibly execute arbitrary code in the host system.\n(CVE-2019-7221)\n\nFelix Wilhelm discovered that an information leak vulnerability existed in\nthe KVM subsystem of the Linux kernel, when nested virtualization is used.\nA local attacker could use this to expose sensitive information (host\nsystem memory to a guest VM). (CVE-2019-7222)\n\nJann Horn discovered that the mmap implementation in the Linux kernel did\nnot properly check for the mmap minimum address in some situations. A local\nattacker could use this to assist exploiting a kernel NULL pointer\ndereference vulnerability. (CVE-2019-9213)\n\nMuyu Yu discovered that the CAN implementation in the Linux kernel in some\nsituations did not properly restrict the field size when processing\noutgoing frames. A local attacker with CAP_NET_ADMIN privileges could use\nthis to execute arbitrary code. (CVE-2019-3701)\n\nVladis Dronov discovered that the debug interface for the Linux kernel's\nHID subsystem did not properly validate passed parameters in some\nsituations. A local privileged attacker could use this to cause a denial of\nservice (infinite loop). (CVE-2019-3819)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40,42,44,46,48,50,52,54,56,58,60,62,64,66,68,70,72,74,76,78,80,82,84,86,88,90,92],{"_key":15},"CVE-2017-18249",{"_key":17},"CVE-2018-13097",{"_key":19},"CVE-2018-13099",{"_key":21},"CVE-2018-13100",{"_key":23},"CVE-2018-14610",{"_key":25},"CVE-2018-14611",{"_key":27},"CVE-2018-14612",{"_key":29},"CVE-2018-14613",{"_key":31},"CVE-2018-14614",{"_key":33},"CVE-2018-14616",{"_key":35},"CVE-2018-16884",{"_key":37},"CVE-2018-9517",{"_key":39},"CVE-2019-3459",{"_key":41},"CVE-2019-3460",{"_key":43},"CVE-2019-3701",{"_key":45},"CVE-2019-3819",{"_key":47},"CVE-2019-6974",{"_key":49},"CVE-2019-7221",{"_key":51},"CVE-2019-7222",{"_key":53},"CVE-2019-9213",{"_key":55},"UBUNTU-CVE-2017-18249",{"_key":57},"UBUNTU-CVE-2018-13097",{"_key":59},"UBUNTU-CVE-2018-13099",{"_key":61},"UBUNTU-CVE-2018-13100",{"_key":63},"UBUNTU-CVE-2018-14610",{"_key":65},"UBUNTU-CVE-2018-14611",{"_key":67},"UBUNTU-CVE-2018-14612",{"_key":69},"UBUNTU-CVE-2018-14613",{"_key":71},"UBUNTU-CVE-2018-14614",{"_key":73},"UBUNTU-CVE-2018-14616",{"_key":75},"UBUNTU-CVE-2018-16884",{"_key":77},"UBUNTU-CVE-2018-9517",{"_key":79},"UBUNTU-CVE-2019-3459",{"_key":81},"UBUNTU-CVE-2019-3460",{"_key":83},"UBUNTU-CVE-2019-3701",{"_key":85},"UBUNTU-CVE-2019-3819",{"_key":87},"UBUNTU-CVE-2019-6974",{"_key":89},"UBUNTU-CVE-2019-7221",{"_key":91},"UBUNTU-CVE-2019-7222",{"_key":93},"UBUNTU-CVE-2019-9213",[],[],[97,98,99,100,101,102,103,104,105,106,107,108,109,110,111,112,113,114,115,116],{"_key":55},{"_key":57},{"_key":59},{"_key":61},{"_key":63},{"_key":65},{"_key":67},{"_key":69},{"_key":71},{"_key":73},{"_key":75},{"_key":77},{"_key":79},{"_key":81},{"_key":83},{"_key":85},{"_key":87},{"_key":89},{"_key":91},{"_key":93},"2019-04-02T21:18:19Z","2026-06-03T14:04:23.859569017Z",{"cisa_kev":120,"cisa_ransomware":120,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[122,128,133,137,141,145,149,153,157,161,165,169,173,177,181,185,189,193,197,201,205],{"url":123,"sources":124,"tags":126},"https://ubuntu.com/security/notices/USN-3932-2",[125],"osv_ubuntu",[127],"Advisory",{"url":129,"sources":130,"tags":131},"https://ubuntu.com/security/CVE-2017-18249",[125],[132],"REPORT",{"url":134,"sources":135,"tags":136},"https://ubuntu.com/security/CVE-2018-9517",[125],[132],{"url":138,"sources":139,"tags":140},"https://ubuntu.com/security/CVE-2018-13097",[125],[132],{"url":142,"sources":143,"tags":144},"https://ubuntu.com/security/CVE-2018-13099",[125],[132],{"url":146,"sources":147,"tags":148},"https://ubuntu.com/security/CVE-2018-13100",[125],[132],{"url":150,"sources":151,"tags":152},"https://ubuntu.com/security/CVE-2018-14610",[125],[132],{"url":154,"sources":155,"tags":156},"https://ubuntu.com/security/CVE-2018-14611",[125],[132],{"url":158,"sources":159,"tags":160},"https://ubuntu.com/security/CVE-2018-14612",[125],[132],{"url":162,"sources":163,"tags":164},"https://ubuntu.com/security/CVE-2018-14613",[125],[132],{"url":166,"sources":167,"tags":168},"https://ubuntu.com/security/CVE-2018-14614",[125],[132],{"url":170,"sources":171,"tags":172},"https://ubuntu.com/security/CVE-2018-14616",[125],[132],{"url":174,"sources":175,"tags":176},"https://ubuntu.com/security/CVE-2018-16884",[125],[132],{"url":178,"sources":179,"tags":180},"https://ubuntu.com/security/CVE-2019-3459",[125],[132],{"url":182,"sources":183,"tags":184},"https://ubuntu.com/security/CVE-2019-3460",[125],[132],{"url":186,"sources":187,"tags":188},"https://ubuntu.com/security/CVE-2019-3701",[125],[132],{"url":190,"sources":191,"tags":192},"https://ubuntu.com/security/CVE-2019-3819",[125],[132],{"url":194,"sources":195,"tags":196},"https://ubuntu.com/security/CVE-2019-6974",[125],[132],{"url":198,"sources":199,"tags":200},"https://ubuntu.com/security/CVE-2019-7221",[125],[132],{"url":202,"sources":203,"tags":204},"https://ubuntu.com/security/CVE-2019-7222",[125],[132],{"url":206,"sources":207,"tags":208},"https://ubuntu.com/security/CVE-2019-9213",[125],[132],[],[],[],[213,225],{"ecosystem":214,"name":215,"vendor":216,"product":215,"cpe_part":9,"purl_type":217,"purl_namespace":216,"purl_name":215,"source":9,"versions":218},"Ubuntu","linux-aws","ubuntu","deb",[219],{"version":220,"is_range":221,"range_type":222,"version_start":9,"version_start_type":9,"version_end":223,"version_end_type":224,"fixed_in":9},"lt4_4_0_1040_43",true,"ecosystem","4.4.0-1040.43","excluding",{"ecosystem":214,"name":226,"vendor":216,"product":226,"cpe_part":9,"purl_type":217,"purl_namespace":216,"purl_name":226,"source":9,"versions":227},"linux-lts-xenial",[228],{"version":229,"is_range":221,"range_type":222,"version_start":9,"version_start_type":9,"version_end":230,"version_end_type":224,"fixed_in":9},"lt4_4_0_144_170~14_04_1","4.4.0-144.170~14.04.1"]