Search CVE reports
61 – 70 of 595 results
CVE-2019-11810
Low prioritySome fixes available 37 of 52
An issue was discovered in the Linux kernel before 5.0.7. A NULL pointer dereference can occur when megasas_create_frame_pool() fails in megasas_alloc_cmds() in drivers/scsi/megaraid/megaraid_sas_base.c. This causes a Denial of...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Fixed | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Not affected | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2018-20836
Low prioritySome fixes available 32 of 40
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Not affected | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-11683
Medium prioritySome fixes available 7 of 13
udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP...
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Not affected | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-20510
Negligible prioritySome fixes available 6 of 14
The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.
28 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Fixed |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Fixed | Not affected |
CVE-2018-20509
Negligible prioritySome fixes available 6 of 14
The print_binder_ref_olocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading " ref *desc *node" lines in a debugfs file.
28 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Fixed |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Fixed | Not affected |
CVE-2019-11599
Medium prioritySome fixes available 36 of 55
The coredump implementation in the Linux kernel before 5.0.10 does not use locking or other mechanisms to prevent vma layout or vma flags changes while it runs, which allows local users to obtain sensitive information, cause a...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-3900
Medium prioritySome fixes available 37 of 59
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets faster than the other end can...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Fixed | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-3882
Low prioritySome fixes available 45 of 53
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local attacker is administratively...
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-11486
Low prioritySome fixes available 35 of 53
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Fixed | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2013-7470
Medium prioritycipso_v4_validate in include/net/cipso_ipv4.h in the Linux kernel before 3.11.7, when CONFIG_NETLABEL is disabled, allows attackers to cause a denial of service (infinite loop and crash), as demonstrated by icmpsic, a different...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |