Search CVE reports

231 – 240 of 595 results

Detailed view

Sort by:

CVE-2018-1120

Medium priority

Some fixes available 21 of 32

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or...

28 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-aws-hwe	—	—	—	Not in release	Not affected
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Fixed	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gcp-edge	—	—	—	Not affected	Not in release
linux-gke	—	—	—	Not affected	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-oracle	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Fixed	Fixed
procps	—	—	—	Not affected	Not affected

CVE-2018-1130

Medium priority

Some fixes available 17 of 21

Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.

23 affected packages

linux, linux-aws, linux-azure, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Fixed
linux-aws	—	—	—	Not affected	Fixed
linux-azure	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Fixed	Fixed
linux-kvm	—	—	—	Not affected	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Fixed
linux-raspi2	—	—	—	Not affected	Fixed
linux-snapdragon	—	—	—	Not affected	Fixed

CVE-2018-1118

Low priority

Some fixes available 12 of 17

Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users...

24 affected packages

linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Not affected
linux-aws	—	—	—	Fixed	Not affected
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Not affected
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Not affected
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-raspi2	—	—	—	Fixed	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2018-10940

Medium priority

Some fixes available 21 of 27

The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.

24 affected packages

linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Fixed	Fixed
linux-aws	—	—	—	Fixed	Fixed
linux-azure	—	—	—	Fixed	Fixed
linux-azure-edge	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Fixed	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Fixed	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Fixed	Ignored
linux-raspi2	—	—	—	Fixed	Fixed
linux-snapdragon	—	—	—	Not affected	Fixed

CVE-2018-8897

High priority

Some fixes available 14 of 17

A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for...

23 affected packages

linux, linux-aws, linux-azure, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Fixed
linux-aws	—	—	—	Not affected	Fixed
linux-azure	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Fixed
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Fixed	Fixed
linux-kvm	—	—	—	Not affected	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Fixed
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2018-1087

High priority

Some fixes available 14 of 17

kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch...

23 affected packages

linux, linux-aws, linux-azure, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Fixed
linux-aws	—	—	—	Not affected	Fixed
linux-azure	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Fixed
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Fixed	Fixed
linux-kvm	—	—	—	Not affected	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Fixed
linux-raspi2	—	—	—	Not affected	Not affected
linux-snapdragon	—	—	—	Not affected	Not affected

CVE-2018-10675

Medium priority

Some fixes available 11 of 15

The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.

24 affected packages

linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Fixed
linux-aws	—	—	—	Not affected	Fixed
linux-azure	—	—	—	Not affected	Fixed
linux-azure-edge	—	—	—	Not affected	Not affected
linux-euclid	—	—	—	Not in release	Ignored
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Not affected	Fixed
linux-kvm	—	—	—	Not affected	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Not affected
linux-raspi2	—	—	—	Not affected	Fixed
linux-snapdragon	—	—	—	Not affected	Fixed

CVE-2018-1000199

Medium priority

Some fixes available 18 of 21

The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the...

23 affected packages

linux, linux-aws, linux-azure, linux-euclid, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	Not affected	Fixed
linux-aws	—	—	—	Not affected	Fixed
linux-azure	—	—	—	Not affected	Fixed
linux-euclid	—	—	—	Not in release	Fixed
linux-flo	—	—	—	Not in release	Ignored
linux-gcp	—	—	—	Not affected	Fixed
linux-gke	—	—	—	Not in release	Ignored
linux-goldfish	—	—	—	Not in release	Ignored
linux-grouper	—	—	—	Not in release	Not in release
linux-hwe	—	—	—	Not affected	Fixed
linux-hwe-edge	—	—	—	Fixed	Fixed
linux-kvm	—	—	—	Not affected	Fixed
linux-lts-trusty	—	—	—	Not in release	Not in release
linux-lts-utopic	—	—	—	Not in release	Not in release
linux-lts-vivid	—	—	—	Not in release	Not in release
linux-lts-wily	—	—	—	Not in release	Not in release
linux-lts-xenial	—	—	—	Not in release	Not in release
linux-maguro	—	—	—	Not in release	Not in release
linux-mako	—	—	—	Not in release	Ignored
linux-manta	—	—	—	Not in release	Not in release
linux-oem	—	—	—	Not affected	Fixed
linux-raspi2	—	—	—	Not affected	Fixed
linux-snapdragon	—	—	—	Not affected	Fixed

CVE-2018-10322

Low priority

Some fixes available 28 of 44

The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.

49 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-5.4...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	Not affected	Fixed	Fixed
linux-aws	—	—	Not affected	Fixed	Fixed
linux-aws-5.0	—	—	Not in release	Not affected	Not in release
linux-aws-5.3	—	—	Not in release	Not affected	Not in release
linux-aws-5.4	—	—	Not in release	Not affected	Not in release
linux-aws-hwe	—	—	Not in release	Not in release	Fixed
linux-azure	—	—	Not affected	Fixed	Fixed
linux-azure-4.15	—	—	Not in release	Fixed	Not in release
linux-azure-5.3	—	—	Not in release	Not affected	Not in release
linux-azure-5.4	—	—	Not in release	Not affected	Not in release
linux-azure-edge	—	—	Not in release	Fixed	Not in release
linux-euclid	—	—	Not in release	Not in release	Ignored
linux-flo	—	—	Not in release	Not in release	Ignored
linux-gcp	—	—	Not affected	Fixed	Fixed
linux-gcp-4.15	—	—	Not in release	Fixed	Not in release
linux-gcp-5.3	—	—	Not in release	Not affected	Not in release
linux-gcp-5.4	—	—	Not in release	Not affected	Not in release
linux-gcp-edge	—	—	Not in release	Fixed	Not in release
linux-gke	—	—	Not affected	Not in release	Ignored
linux-gke-4.15	—	—	Not in release	Fixed	Not in release
linux-gke-5.0	—	—	Not in release	Not affected	Not in release
linux-gke-5.3	—	—	Not in release	Not affected	Not in release
linux-goldfish	—	—	Not in release	Not in release	Ignored
linux-grouper	—	—	Not in release	Not in release	Not in release
linux-hwe	—	—	Not in release	Not affected	Fixed
linux-hwe-5.4	—	—	Not in release	Not affected	Not in release
linux-hwe-edge	—	—	Not in release	Not affected	Ignored
linux-kvm	—	—	Not affected	Fixed	Fixed
linux-lts-trusty	—	—	Not in release	Not in release	Not in release
linux-lts-utopic	—	—	Not in release	Not in release	Not in release
linux-lts-vivid	—	—	Not in release	Not in release	Not in release
linux-lts-wily	—	—	Not in release	Not in release	Not in release
linux-lts-xenial	—	—	Not in release	Not in release	Not in release
linux-maguro	—	—	Not in release	Not in release	Not in release
linux-mako	—	—	Not in release	Not in release	Ignored
linux-manta	—	—	Not in release	Not in release	Not in release
linux-oem	—	—	Not in release	Fixed	Ignored
linux-oem-5.6	—	—	Not affected	Not in release	Not in release
linux-oem-osp1	—	—	Not in release	Not affected	Not in release
linux-oracle	—	—	Not affected	Fixed	Fixed
linux-oracle-5.0	—	—	Not in release	Not affected	Not in release
linux-oracle-5.3	—	—	Not in release	Not affected	Not in release
linux-oracle-5.4	—	—	Not in release	Not affected	Not in release
linux-raspi	—	—	Not affected	Not in release	Not in release
linux-raspi-5.4	—	—	Not in release	Not affected	Not in release
linux-raspi2	—	—	Not affected	Fixed	Fixed
linux-raspi2-5.3	—	—	Not in release	Not affected	Not in release
linux-riscv	—	—	Not affected	Not in release	Not in release
linux-snapdragon	—	—	Not in release	Fixed	Fixed

CVE-2018-10323

Low priority

Some fixes available 22 of 32

The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.

49 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-5.4...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	Not affected	Fixed	Fixed
linux-aws	—	—	Not affected	Fixed	Fixed
linux-aws-5.0	—	—	Not in release	Not affected	Not in release
linux-aws-5.3	—	—	Not in release	Not affected	Not in release
linux-aws-5.4	—	—	Not in release	Not affected	Not in release
linux-aws-hwe	—	—	Not in release	Not in release	Not affected
linux-azure	—	—	Not affected	Fixed	Fixed
linux-azure-4.15	—	—	Not in release	Not affected	Not in release
linux-azure-5.3	—	—	Not in release	Not affected	Not in release
linux-azure-5.4	—	—	Not in release	Not affected	Not in release
linux-azure-edge	—	—	Not in release	Fixed	Not in release
linux-euclid	—	—	Not in release	Not in release	Ignored
linux-flo	—	—	Not in release	Not in release	Ignored
linux-gcp	—	—	Not affected	Fixed	Fixed
linux-gcp-4.15	—	—	Not in release	Not affected	Not in release
linux-gcp-5.3	—	—	Not in release	Not affected	Not in release
linux-gcp-5.4	—	—	Not in release	Not affected	Not in release
linux-gcp-edge	—	—	Not in release	Fixed	Not in release
linux-gke	—	—	Not affected	Not in release	Ignored
linux-gke-4.15	—	—	Not in release	Not affected	Not in release
linux-gke-5.0	—	—	Not in release	Not affected	Not in release
linux-gke-5.3	—	—	Not in release	Not affected	Not in release
linux-goldfish	—	—	Not in release	Not in release	Ignored
linux-grouper	—	—	Not in release	Not in release	Not in release
linux-hwe	—	—	Not in release	Not affected	Fixed
linux-hwe-5.4	—	—	Not in release	Not affected	Not in release
linux-hwe-edge	—	—	Not in release	Not affected	Fixed
linux-kvm	—	—	Not affected	Fixed	Fixed
linux-lts-trusty	—	—	Not in release	Not in release	Not in release
linux-lts-utopic	—	—	Not in release	Not in release	Not in release
linux-lts-vivid	—	—	Not in release	Not in release	Not in release
linux-lts-wily	—	—	Not in release	Not in release	Not in release
linux-lts-xenial	—	—	Not in release	Not in release	Not in release
linux-maguro	—	—	Not in release	Not in release	Not in release
linux-mako	—	—	Not in release	Not in release	Ignored
linux-manta	—	—	Not in release	Not in release	Not in release
linux-oem	—	—	Not in release	Fixed	Ignored
linux-oem-5.6	—	—	Not affected	Not in release	Not in release
linux-oem-osp1	—	—	Not in release	Not affected	Not in release
linux-oracle	—	—	Not affected	Not affected	Not affected
linux-oracle-5.0	—	—	Not in release	Not affected	Not in release
linux-oracle-5.3	—	—	Not in release	Not affected	Not in release
linux-oracle-5.4	—	—	Not in release	Not affected	Not in release
linux-raspi	—	—	Not affected	Not in release	Not in release
linux-raspi-5.4	—	—	Not in release	Not affected	Not in release
linux-raspi2	—	—	Not affected	Fixed	Fixed
linux-raspi2-5.3	—	—	Not in release	Not affected	Not in release
linux-riscv	—	—	Not affected	Not in release	Not in release
linux-snapdragon	—	—	Not in release	Fixed	Fixed

Export to JSON

Results by page: