Search CVE reports

81 – 90 of 595 results

Detailed view

Sort by:

CVE-2019-3874

Medium priority

Some fixes available 45 of 53

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

29 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-gke-4.15	—	—	—	Fixed	Not in release
linux-gke-5.0	—	—	—	Not affected	Not in release
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Fixed	Fixed
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2019-9857

Medium priority

Ignored

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2018-20669

Low priority

Some fixes available 22 of 40

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a...

49 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-5.4...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	Not affected	Fixed	Not affected
linux-aws	—	—	Not affected	Fixed	Not affected
linux-aws-5.0	—	—	Not in release	Not affected	Not in release
linux-aws-5.3	—	—	Not in release	Not affected	Not in release
linux-aws-5.4	—	—	Not in release	Not affected	Not in release
linux-aws-hwe	—	—	Not in release	Not in release	Fixed
linux-azure	—	—	Not affected	Fixed	Fixed
linux-azure-4.15	—	—	Not in release	Fixed	Not in release
linux-azure-5.3	—	—	Not in release	Not affected	Not in release
linux-azure-5.4	—	—	Not in release	Not affected	Not in release
linux-azure-edge	—	—	Not in release	Fixed	Not in release
linux-euclid	—	—	Not in release	Not in release	Ignored
linux-flo	—	—	Not in release	Not in release	Ignored
linux-gcp	—	—	Not affected	Fixed	Fixed
linux-gcp-4.15	—	—	Not in release	Fixed	Not in release
linux-gcp-5.3	—	—	Not in release	Not affected	Not in release
linux-gcp-5.4	—	—	Not in release	Not affected	Not in release
linux-gcp-edge	—	—	Not in release	Fixed	Not in release
linux-gke	—	—	Not affected	Not in release	Ignored
linux-gke-4.15	—	—	Not in release	Fixed	Not in release
linux-gke-5.0	—	—	Not in release	Not affected	Not in release
linux-gke-5.3	—	—	Not in release	Not affected	Not in release
linux-goldfish	—	—	Not in release	Not in release	Ignored
linux-grouper	—	—	Not in release	Not in release	Not in release
linux-hwe	—	—	Not in release	Fixed	Fixed
linux-hwe-5.4	—	—	Not in release	Not affected	Not in release
linux-hwe-edge	—	—	Not in release	Not affected	Ignored
linux-kvm	—	—	Not affected	Fixed	Not affected
linux-lts-trusty	—	—	Not in release	Not in release	Not in release
linux-lts-utopic	—	—	Not in release	Not in release	Not in release
linux-lts-vivid	—	—	Not in release	Not in release	Not in release
linux-lts-wily	—	—	Not in release	Not in release	Not in release
linux-lts-xenial	—	—	Not in release	Not in release	Not in release
linux-maguro	—	—	Not in release	Not in release	Not in release
linux-mako	—	—	Not in release	Not in release	Ignored
linux-manta	—	—	Not in release	Not in release	Not in release
linux-oem	—	—	Not in release	Fixed	Ignored
linux-oem-5.6	—	—	Not affected	Not in release	Not in release
linux-oem-osp1	—	—	Not in release	Not affected	Not in release
linux-oracle	—	—	Not affected	Fixed	Fixed
linux-oracle-5.0	—	—	Not in release	Not affected	Not in release
linux-oracle-5.3	—	—	Not in release	Not affected	Not in release
linux-oracle-5.4	—	—	Not in release	Not affected	Not in release
linux-raspi	—	—	Not affected	Not in release	Not in release
linux-raspi-5.4	—	—	Not in release	Not affected	Not in release
linux-raspi2	—	—	Not affected	Fixed	Not affected
linux-raspi2-5.3	—	—	Not in release	Not affected	Not in release
linux-riscv	—	—	Not affected	Not in release	Not in release
linux-snapdragon	—	—	Not in release	Fixed	Not affected

CVE-2019-7222

Medium priority

Some fixes available 36 of 43

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Fixed	Fixed
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2019-7221

Medium priority

Some fixes available 35 of 42

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Fixed	Fixed
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2019-9213

Medium priority

Some fixes available 36 of 43

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-hwe	—	—	—	Not in release	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Fixed	Fixed
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Fixed	Fixed

CVE-2019-2001

Low priority

Some fixes available 6 of 10

The permissions on /proc/iomem were world-readable. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions:...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Fixed
linux-aws	—	—	—	Not affected	Fixed
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Fixed
linux-snapdragon	—	—	—	Not affected	Fixed

CVE-2019-2000

Medium priority

Some fixes available 5 of 9

In several functions of binder.c, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Fixed
linux-azure-edge	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Fixed
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2019-1999

Medium priority

Some fixes available 1 of 8

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Not affected	Not affected
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2019-9162

Medium priority

Some fixes available 10 of 13

In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and write operations possible,...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Not affected
linux-aws	—	—	—	Not affected	Not affected
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Fixed	Not affected
linux-azure-edge	—	—	—	Fixed	Not affected
linux-euclid	—	—	—	Not in release	Not affected
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Not affected
linux-gcp-edge	—	—	—	Fixed	Not in release
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Fixed	Not affected
linux-hwe-edge	—	—	—	Not affected	Not affected
linux-kvm	—	—	—	Not affected	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

Export to JSON

Results by page: