Search CVE reports
21 – 30 of 1477 results
CVE-2019-13648
Medium prioritySome fixes available 8 of 14
In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Not affected |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Not affected |
| linux-gke-4.15 | — | — | — | Not affected | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Not affected |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Not affected |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-13631
Low prioritySome fixes available 37 of 56
In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.
38 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | Not affected | Fixed | Fixed |
| linux-aws | — | — | Not affected | Fixed | Fixed |
| linux-aws-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-aws-hwe | — | — | Not in release | Not in release | Fixed |
| linux-azure | — | — | Not affected | Fixed | Fixed |
| linux-azure-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-azure-edge | — | — | Not in release | Fixed | Fixed |
| linux-euclid | — | — | Not in release | Not in release | Ignored |
| linux-flo | — | — | Not in release | Not in release | Ignored |
| linux-gcp | — | — | Not affected | Fixed | Fixed |
| linux-gcp-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-gcp-edge | — | — | Not in release | Fixed | Not in release |
| linux-gke | — | — | Not affected | Not in release | Ignored |
| linux-gke-4.15 | — | — | Not in release | Fixed | Not in release |
| linux-gke-5.0 | — | — | Not in release | Fixed | Not in release |
| linux-gke-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-goldfish | — | — | Not in release | Not in release | Ignored |
| linux-grouper | — | — | Not in release | Not in release | Not in release |
| linux-hwe | — | — | Not in release | Fixed | Fixed |
| linux-hwe-edge | — | — | Not in release | Ignored | Fixed |
| linux-kvm | — | — | Not affected | Fixed | Fixed |
| linux-lts-trusty | — | — | Not in release | Not in release | Not in release |
| linux-lts-utopic | — | — | Not in release | Not in release | Not in release |
| linux-lts-vivid | — | — | Not in release | Not in release | Not in release |
| linux-lts-wily | — | — | Not in release | Not in release | Not in release |
| linux-lts-xenial | — | — | Not in release | Not in release | Not in release |
| linux-maguro | — | — | Not in release | Not in release | Not in release |
| linux-mako | — | — | Not in release | Not in release | Ignored |
| linux-manta | — | — | Not in release | Not in release | Not in release |
| linux-oem | — | — | Not in release | Fixed | Ignored |
| linux-oem-5.6 | — | — | Not affected | Not in release | Not in release |
| linux-oem-osp1 | — | — | Not in release | Fixed | Not in release |
| linux-oracle | — | — | Not affected | Fixed | Fixed |
| linux-oracle-5.0 | — | — | Not in release | Not affected | Not in release |
| linux-oracle-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-raspi2 | — | — | Not affected | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-snapdragon | — | — | Not in release | Fixed | Fixed |
CVE-2019-13272
Medium prioritySome fixes available 37 of 54
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-10639
Medium prioritySome fixes available 35 of 52
The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Fixed | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Not affected | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-10638
Medium prioritySome fixes available 37 of 56
In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Fixed | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-13233
Medium prioritySome fixes available 32 of 50
In arch/x86/lib/insn-eval.c in the Linux kernel before 5.1.9, there is a use-after-free for access to an LDT entry because of a race condition between modify_ldt() and a #BR exception for an MPX bounds violation.
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Not affected |
| linux-aws | — | — | — | Fixed | Not affected |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Not affected |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Not affected |
CVE-2019-12984
Medium prioritySome fixes available 32 of 50
A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes,...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Not affected |
| linux-aws | — | — | — | Fixed | Not affected |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Not affected |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Not affected |
CVE-2019-12817
High prioritySome fixes available 4 of 7
arch/powerpc/mm/mmu_context_book3s64.c in the Linux kernel before 5.1.15 for powerpc has a bug where unrelated processes may be able to read/write to one another's virtual memory under certain conditions via an mmap above 512 TB....
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Not affected |
| linux-hwe-edge | — | — | — | Fixed | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-2025
Medium priorityIn binder_thread_read of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-3896
Medium priorityA double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |