Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports

Toggle filters

71 – 80 of 595 results

CVE-2019-11487

Low priority

Some fixes available 36 of 58

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h,...

36 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Fixed Fixed
linux-aws Fixed Fixed
linux-aws-5.0 Not affected Not in release
linux-aws-hwe Not in release Fixed
linux-azure Fixed Fixed
linux-azure-5.3 Not affected Not in release
linux-azure-edge Fixed Fixed
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Fixed Fixed
linux-gcp-5.3 Not affected Not in release
linux-gcp-edge Fixed Not in release
linux-gke Not in release Ignored
linux-gke-4.15 Fixed Not in release
linux-gke-5.0 Not affected Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Fixed
linux-hwe-edge Ignored Fixed
linux-kvm Fixed Fixed
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Fixed Ignored
linux-oem-5.4 Not in release Not in release
linux-oem-osp1 Fixed Not in release
linux-oracle Fixed Fixed
linux-oracle-5.0 Not affected Not in release
linux-raspi2 Fixed Fixed
linux-raspi2-5.3 Not affected Not in release
linux-snapdragon Fixed Fixed
Show all 36 packages Show less packages

CVE-2019-3901

Medium priority

Some fixes available 4 of 11

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Fixed
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Fixed
linux-snapdragon Not affected Fixed
Show all 27 packages Show less packages

CVE-2019-9503

Medium priority

Some fixes available 43 of 53

The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the...

29 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Fixed Fixed
linux-aws Fixed Fixed
linux-aws-hwe Not in release Fixed
linux-azure Fixed Fixed
linux-azure-edge Fixed Fixed
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Fixed Fixed
linux-gcp-edge Fixed Not in release
linux-gke Not in release Ignored
linux-gke-4.15 Fixed Not in release
linux-gke-5.0 Not affected Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Fixed
linux-hwe-edge Not affected Fixed
linux-kvm Fixed Fixed
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Fixed Ignored
linux-oracle Fixed Fixed
linux-raspi2 Fixed Fixed
linux-snapdragon Fixed Fixed
Show all 29 packages Show less packages

CVE-2019-9500

Medium priority

Some fixes available 37 of 43

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be...

29 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Fixed Not affected
linux-aws Fixed Not affected
linux-aws-hwe Not in release Fixed
linux-azure Fixed Fixed
linux-azure-edge Fixed Fixed
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Fixed Fixed
linux-gcp-edge Fixed Not in release
linux-gke Not in release Ignored
linux-gke-4.15 Fixed Not in release
linux-gke-5.0 Not affected Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Fixed
linux-hwe-edge Not affected Fixed
linux-kvm Fixed Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Fixed Ignored
linux-oracle Fixed Fixed
linux-raspi2 Fixed Not affected
linux-snapdragon Not affected Not affected
Show all 29 packages Show less packages

CVE-2019-3837

Medium priority

Some fixes available 1 of 5

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages

CVE-2019-11191

Negligible priority

Some fixes available 37 of 46

** DISPUTED ** The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in...

29 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Fixed Fixed
linux-aws Fixed Fixed
linux-aws-hwe Not in release Fixed
linux-azure Fixed Fixed
linux-azure-edge Fixed Fixed
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Fixed Fixed
linux-gcp-edge Fixed Not in release
linux-gke Not in release Ignored
linux-gke-4.15 Fixed Not in release
linux-gke-5.0 Not affected Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Fixed
linux-hwe-edge Not affected Fixed
linux-kvm Fixed Fixed
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Fixed Ignored
linux-oracle Fixed Fixed
linux-raspi2 Fixed Fixed
linux-snapdragon Fixed Fixed
Show all 29 packages Show less packages

CVE-2019-11190

Low priority

Some fixes available 8 of 16

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Fixed
linux-aws Not affected Fixed
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Fixed
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Fixed
linux-snapdragon Fixed Fixed
Show all 27 packages Show less packages

CVE-2019-3887

Medium priority

Some fixes available 17 of 23

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Fixed Not affected
linux-azure-edge Fixed Not affected
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Fixed Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages

CVE-2018-20449

Negligible priority
Ignored

The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages

CVE-2019-10125

Medium priority
Ignored

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages
  1. Previous page
  2. 6
  3. 7
  4. 8
  5. 9
  6. 10
  7. Next page
Export to JSON