Search CVE reports
211 – 220 of 1467 results
CVE-2017-9242
Medium prioritySome fixes available 16 of 25
The __ip6_append_data function in net/ipv6/ip6_output.c in the Linux kernel through 4.11.3 is too late in checking whether an overwrite of an skb data structure may occur, which allows local users to cause a denial of...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-1000363
Low prioritySome fixes available 15 of 25
Linux drivers/char/lp.c Out-of-Bounds Write. Due to a missing bounds check, and the fact that parport_ptr integer is static, a 'secure boot' kernel command line adversary (can happen due to bootloader vulns, e.g. Google Nexus 6's...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-9211
Low prioritySome fixes available 3 of 11
The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-azure | — | — | — | — | Not affected |
linux-euclid | — | — | — | — | Not affected |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Fixed |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Fixed |
linux-hwe-edge | — | — | — | — | Fixed |
linux-kvm | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-9150
Medium prioritySome fixes available 13 of 20
The do_check function in kernel/bpf/verifier.c in the Linux kernel before 4.11.1 does not make the allow_ptr_leaks value available for restricting the output of the print_bpf_insn function, which allows local users to obtain...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Fixed |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Fixed |
linux-azure | — | — | — | — | Not affected |
linux-euclid | — | — | — | — | Ignored |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Not affected |
linux-gke | — | — | — | — | Fixed |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Fixed |
linux-hwe-edge | — | — | — | — | Fixed |
linux-kvm | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Fixed |
linux-snapdragon | — | — | — | — | Fixed |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-9077
Medium prioritySome fixes available 16 of 25
The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-9076
Medium prioritySome fixes available 16 of 25
The dccp_v6_request_recv_sock function in net/dccp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-9075
Medium prioritySome fixes available 16 of 25
The sctp_v6_create_accept_sk function in net/sctp/ipv6.c in the Linux kernel through 4.11.1 mishandles inheritance, which allows local users to cause a denial of service or possibly have unspecified other impact via crafted system...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-9074
Medium prioritySome fixes available 16 of 25
The IPv6 fragmentation implementation in the Linux kernel through 4.11.1 does not consider that the nexthdr field may be associated with an invalid option, which allows local users to cause a denial of service (out-of-bounds read...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-9059
Medium prioritySome fixes available 4 of 20
The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging improper channel callback shutdown when unmounting an NFSv4 filesystem, aka a "module...
36 affected packages
linux, linux-armadaxp, linux-aws, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Fixed |
linux-azure-edge | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gcp-edge | — | — | — | Not affected | Not in release |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-oracle | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-snapdragon | — | — | — | Not affected | Not affected |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-7495
Medium prioritySome fixes available 9 of 16
fs/ext4/inode.c in the Linux kernel before 4.6.2, when ext4 data=ordered mode is used, mishandles a needs-flushing-before-commit list, which allows local users to obtain sensitive information from other users' files...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Fixed |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Fixed |
linux-azure | — | — | — | — | Not affected |
linux-euclid | — | — | — | — | Ignored |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Not affected |
linux-gke | — | — | — | — | Fixed |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-kvm | — | — | — | — | Fixed |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Fixed |
linux-snapdragon | — | — | — | — | Fixed |
linux-ti-omap4 | — | — | — | — | Not in release |