[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-USN-4095-2":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T14:53:31.930Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":11,"aliases":12,"duplicate_of":9,"upstream":13,"downstream":42,"duplicates":43,"related":44,"reserved_at":9,"published_at":52,"modified_at":53,"state":9,"summary":54,"references_raw":56,"kevs":92,"epss":9,"epss_history":93,"metrics":94,"affected":95},"USN-4095-2","linux-lts-xenial, linux-aws vulnerabilities\n\n\nUSN-4095-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04\nLTS. This update provides the corresponding updates for the Linux\nHardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu\n14.04 ESM.\n\nEli Biham and Lior Neumann discovered that the Bluetooth implementation in\nthe Linux kernel did not properly validate elliptic curve parameters during\nDiffie-Hellman key exchange in some situations. An attacker could use this\nto expose sensitive information. (CVE-2018-5383)\n\nIt was discovered that a heap buffer overflow existed in the Marvell\nWireless LAN device driver for the Linux kernel. An attacker could use this\nto cause a denial of service (system crash) or possibly execute arbitrary\ncode. (CVE-2019-10126)\n\nAndrei Vlad Lutas and Dan Lutas discovered that some x86 processors\nincorrectly handle SWAPGS instructions during speculative execution. A\nlocal attacker could use this to expose sensitive information (kernel\nmemory). (CVE-2019-1125)\n\nIt was discovered that the ext4 file system implementation in the Linux\nkernel did not properly zero out memory in some situations. A local\nattacker could use this to expose sensitive information (kernel memory).\n(CVE-2019-11833)\n\nIt was discovered that the PowerPC dlpar implementation in the Linux kernel\ndid not properly check for allocation errors in some situations. A local\nattacker could possibly use this to cause a denial of service (system\ncrash). (CVE-2019-12614)\n\nIt was discovered that the Linux kernel on ARM processors allowed a tracing\nprocess to modify a syscall after a seccomp decision had been made on that\nsyscall. A local attacker could possibly use this to bypass seccomp\nrestrictions. (CVE-2019-2054)\n\nIt was discovered that the Marvell Wireless LAN device driver in the Linux\nkernel did not properly validate the BSS descriptor. A local attacker could\npossibly use this to cause a denial of service (system crash) or possibly\nexecute arbitrary code. (CVE-2019-3846)\n",null,[],[],[],[14,16,18,20,22,24,26,28,30,32,34,36,38,40],{"_key":15},"CVE-2018-5383",{"_key":17},"CVE-2019-10126",{"_key":19},"CVE-2019-1125",{"_key":21},"CVE-2019-11833",{"_key":23},"CVE-2019-12614",{"_key":25},"CVE-2019-2054",{"_key":27},"CVE-2019-3846",{"_key":29},"UBUNTU-CVE-2018-5383",{"_key":31},"UBUNTU-CVE-2019-10126",{"_key":33},"UBUNTU-CVE-2019-1125",{"_key":35},"UBUNTU-CVE-2019-11833",{"_key":37},"UBUNTU-CVE-2019-12614",{"_key":39},"UBUNTU-CVE-2019-2054",{"_key":41},"UBUNTU-CVE-2019-3846",[],[],[45,46,47,48,49,50,51],{"_key":29},{"_key":31},{"_key":33},{"_key":35},{"_key":37},{"_key":39},{"_key":41},"2019-08-13T16:40:55Z","2026-06-03T14:04:20.933911837Z",{"cisa_kev":55,"cisa_ransomware":55,"cisa_vendor":9,"epss_severity":9,"epss_score":9,"severity":9,"severity_score":9,"severity_version":9,"severity_source":9,"severity_vector":9,"severity_status":9},false,[57,63,68,72,76,80,84,88],{"url":58,"sources":59,"tags":61},"https://ubuntu.com/security/notices/USN-4095-2",[60],"osv_ubuntu",[62],"Advisory",{"url":64,"sources":65,"tags":66},"https://ubuntu.com/security/CVE-2018-5383",[60],[67],"REPORT",{"url":69,"sources":70,"tags":71},"https://ubuntu.com/security/CVE-2019-1125",[60],[67],{"url":73,"sources":74,"tags":75},"https://ubuntu.com/security/CVE-2019-2054",[60],[67],{"url":77,"sources":78,"tags":79},"https://ubuntu.com/security/CVE-2019-3846",[60],[67],{"url":81,"sources":82,"tags":83},"https://ubuntu.com/security/CVE-2019-10126",[60],[67],{"url":85,"sources":86,"tags":87},"https://ubuntu.com/security/CVE-2019-11833",[60],[67],{"url":89,"sources":90,"tags":91},"https://ubuntu.com/security/CVE-2019-12614",[60],[67],[],[],[],[96,108],{"ecosystem":97,"name":98,"vendor":99,"product":98,"cpe_part":9,"purl_type":100,"purl_namespace":99,"purl_name":98,"source":9,"versions":101},"Ubuntu","linux-aws","ubuntu","deb",[102],{"version":103,"is_range":104,"range_type":105,"version_start":9,"version_start_type":9,"version_end":106,"version_end_type":107,"fixed_in":9},"lt4_4_0_1050_54",true,"ecosystem","4.4.0-1050.54","excluding",{"ecosystem":97,"name":109,"vendor":99,"product":109,"cpe_part":9,"purl_type":100,"purl_namespace":99,"purl_name":109,"source":9,"versions":110},"linux-lts-xenial",[111],{"version":112,"is_range":104,"range_type":105,"version_start":9,"version_start_type":9,"version_end":113,"version_end_type":107,"fixed_in":9},"lt4_4_0_159_187~14_04_1","4.4.0-159.187~14.04.1"]