Search CVE reports
141 – 150 of 595 results
CVE-2018-14633
Medium prioritySome fixes available 21 of 25
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-16597
Medium priorityAn issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-3574
Low priorityIn all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, userspace can request ION cache maintenance on a secure ION buffer for which the ION_FLAG_SECURE ion flag is not set and...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-17182
High prioritySome fixes available 20 of 24
An issue was discovered in the Linux kernel through 4.18.8. The vmacache_flush_all function in mm/vmacache.c mishandles sequence number overflows. An attacker can trigger a use-after-free (and possibly gain privileges) via certain...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-11832
Low priorityIn all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of input size validation before copying to buffer in PMIC function can lead to heap overflow.
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-14641
High priorityA security flaw was found in the ip_frag_reasm() function in net/ipv4/ip_fragment.c in the Linux kernel from 4.19-rc1 to 4.19-rc3 inclusive, which can cause a later system crash in ip_do_fragment(). With certain non-default, but...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-10853
Medium prioritySome fixes available 22 of 32
A flaw was found in the way Linux kernel KVM hypervisor before 4.18 emulated instructions such as sgdt/sidt/fxsave/fxrstor. It did not check current privilege(CPL) level while emulating unprivileged instructions. An unprivileged...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2018-9518
Medium prioritySome fixes available 20 of 24
In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-14625
Medium prioritySome fixes available 25 of 32
A flaw was found in the Linux Kernel where an attacker may be able to have an uncontrolled read to kernel-memory from within a vm guest. A race condition between connect() and close() function may allow an attacker using the...
42 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-hwe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | Not affected | Fixed | Not affected |
| linux-aws | — | — | Not affected | Fixed | Not affected |
| linux-aws-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-aws-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-aws-hwe | — | — | Not in release | Not in release | Fixed |
| linux-azure | — | — | Not affected | Fixed | Fixed |
| linux-azure-4.15 | — | — | Not in release | Not affected | Not in release |
| linux-azure-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-azure-edge | — | — | Not in release | Fixed | Not in release |
| linux-euclid | — | — | Not in release | Not in release | Not affected |
| linux-flo | — | — | Not in release | Not in release | Ignored |
| linux-gcp | — | — | Not affected | Fixed | Fixed |
| linux-gcp-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-gcp-edge | — | — | Not in release | Ignored | Not in release |
| linux-gke | — | — | Not affected | Not in release | Ignored |
| linux-gke-4.15 | — | — | Not in release | Not affected | Not in release |
| linux-gke-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-gke-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-goldfish | — | — | Not in release | Not in release | Ignored |
| linux-grouper | — | — | Not in release | Not in release | Not in release |
| linux-hwe | — | — | Not in release | Fixed | Fixed |
| linux-hwe-edge | — | — | Not in release | Not affected | Fixed |
| linux-kvm | — | — | Not affected | Fixed | Not affected |
| linux-lts-trusty | — | — | Not in release | Not in release | Not in release |
| linux-lts-utopic | — | — | Not in release | Not in release | Not in release |
| linux-lts-vivid | — | — | Not in release | Not in release | Not in release |
| linux-lts-wily | — | — | Not in release | Not in release | Not in release |
| linux-lts-xenial | — | — | Not in release | Not in release | Not in release |
| linux-maguro | — | — | Not in release | Not in release | Not in release |
| linux-mako | — | — | Not in release | Not in release | Ignored |
| linux-manta | — | — | Not in release | Not in release | Not in release |
| linux-oem | — | — | Not in release | Fixed | Ignored |
| linux-oem-5.6 | — | — | Not affected | Not in release | Not in release |
| linux-oem-osp1 | — | — | Not in release | Not affected | Not in release |
| linux-oracle | — | — | Not affected | Fixed | Fixed |
| linux-oracle-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-oracle-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-raspi | — | — | Not affected | Not in release | Not in release |
| linux-raspi2 | — | — | Not affected | Fixed | Not affected |
| linux-raspi2-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-riscv | — | — | Not affected | Not in release | Not in release |
| linux-snapdragon | — | — | Not in release | Not affected | Not affected |
CVE-2018-16658
Medium prioritySome fixes available 22 of 26
An issue was discovered in the Linux kernel before 4.18.6. An information leak in cdrom_ioctl_drive_status in drivers/cdrom/cdrom.c could be used by local attackers to read kernel memory because a cast from unsigned long to int...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |