Search CVE reports
231 – 240 of 595 results
CVE-2018-1120
Medium prioritySome fixes available 21 of 32
A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or...
28 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Fixed | Fixed |
linux-aws | — | — | — | Fixed | Fixed |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Fixed | Fixed |
linux-azure-edge | — | — | — | Fixed | Fixed |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Fixed | Fixed |
linux-gcp-edge | — | — | — | Not affected | Not in release |
linux-gke | — | — | — | Not affected | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Fixed | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Fixed | Ignored |
linux-oracle | — | — | — | Not affected | Not affected |
linux-raspi2 | — | — | — | Fixed | Fixed |
linux-snapdragon | — | — | — | Fixed | Fixed |
procps | — | — | — | Not affected | Not affected |
CVE-2018-1130
Medium prioritySome fixes available 17 of 21
Linux kernel before version 4.16-rc7 is vulnerable to a null pointer dereference in dccp_write_xmit() function in net/dccp/output.c in that allows a local user to cause a denial of service by a number of certain crafted system calls.
23 affected packages
linux, linux-aws, linux-azure, linux-euclid, linux-flo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Fixed |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-1118
Low prioritySome fixes available 12 of 17
Linux kernel vhost since version 4.8 does not properly initialize memory in messages passed between virtual guests and the host operating system in the vhost/vhost.c:vhost_new_msg() function. This can allow local privileged users...
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Fixed | Not affected |
linux-aws | — | — | — | Fixed | Not affected |
linux-azure | — | — | — | Fixed | Fixed |
linux-azure-edge | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Not affected |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Fixed | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Fixed | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Fixed | Ignored |
linux-raspi2 | — | — | — | Fixed | Not affected |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-10940
Medium prioritySome fixes available 21 of 27
The cdrom_ioctl_media_changed function in drivers/cdrom/cdrom.c in the Linux kernel before 4.16.6 allows local attackers to use a incorrect bounds check in the CDROM driver CDROM_MEDIA_CHANGED ioctl to read out kernel memory.
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Fixed | Fixed |
linux-aws | — | — | — | Fixed | Fixed |
linux-azure | — | — | — | Fixed | Fixed |
linux-azure-edge | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Fixed | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Fixed | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Fixed | Ignored |
linux-raspi2 | — | — | — | Fixed | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-8897
High prioritySome fixes available 14 of 17
A statement in the System Programming Guide of the Intel 64 and IA-32 Architectures Software Developer's Manual (SDM) was mishandled in the development of some or all operating-system kernels, resulting in unexpected behavior for...
23 affected packages
linux, linux-aws, linux-azure, linux-euclid, linux-flo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Fixed |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Fixed |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-1087
High prioritySome fixes available 14 of 17
kernel KVM before versions kernel 4.16, kernel 4.16-rc7, kernel 4.17-rc1, kernel 4.17-rc2 and kernel 4.17-rc3 is vulnerable to a flaw in the way the Linux kernel's KVM hypervisor handled exceptions delivered after a stack switch...
23 affected packages
linux, linux-aws, linux-azure, linux-euclid, linux-flo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Fixed |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Fixed |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-10675
Medium prioritySome fixes available 11 of 15
The do_get_mempolicy function in mm/mempolicy.c in the Linux kernel before 4.12.9 allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via crafted system calls.
24 affected packages
linux, linux-aws, linux-azure, linux-azure-edge, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-azure-edge | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-1000199
Medium prioritySome fixes available 18 of 21
The Linux Kernel version 3.18 contains a dangerous feature vulnerability in modify_user_hw_breakpoint() that can result in crash and possibly memory corruption. This attack appear to be exploitable via local code execution and the...
23 affected packages
linux, linux-aws, linux-azure, linux-euclid, linux-flo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Fixed |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Fixed |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
CVE-2018-10322
Low prioritySome fixes available 28 of 44
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
49 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-5.4...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | Not affected | Fixed | Fixed |
linux-aws | — | — | Not affected | Fixed | Fixed |
linux-aws-5.0 | — | — | Not in release | Not affected | Not in release |
linux-aws-5.3 | — | — | Not in release | Not affected | Not in release |
linux-aws-5.4 | — | — | Not in release | Not affected | Not in release |
linux-aws-hwe | — | — | Not in release | Not in release | Fixed |
linux-azure | — | — | Not affected | Fixed | Fixed |
linux-azure-4.15 | — | — | Not in release | Fixed | Not in release |
linux-azure-5.3 | — | — | Not in release | Not affected | Not in release |
linux-azure-5.4 | — | — | Not in release | Not affected | Not in release |
linux-azure-edge | — | — | Not in release | Fixed | Not in release |
linux-euclid | — | — | Not in release | Not in release | Ignored |
linux-flo | — | — | Not in release | Not in release | Ignored |
linux-gcp | — | — | Not affected | Fixed | Fixed |
linux-gcp-4.15 | — | — | Not in release | Fixed | Not in release |
linux-gcp-5.3 | — | — | Not in release | Not affected | Not in release |
linux-gcp-5.4 | — | — | Not in release | Not affected | Not in release |
linux-gcp-edge | — | — | Not in release | Fixed | Not in release |
linux-gke | — | — | Not affected | Not in release | Ignored |
linux-gke-4.15 | — | — | Not in release | Fixed | Not in release |
linux-gke-5.0 | — | — | Not in release | Not affected | Not in release |
linux-gke-5.3 | — | — | Not in release | Not affected | Not in release |
linux-goldfish | — | — | Not in release | Not in release | Ignored |
linux-grouper | — | — | Not in release | Not in release | Not in release |
linux-hwe | — | — | Not in release | Not affected | Fixed |
linux-hwe-5.4 | — | — | Not in release | Not affected | Not in release |
linux-hwe-edge | — | — | Not in release | Not affected | Ignored |
linux-kvm | — | — | Not affected | Fixed | Fixed |
linux-lts-trusty | — | — | Not in release | Not in release | Not in release |
linux-lts-utopic | — | — | Not in release | Not in release | Not in release |
linux-lts-vivid | — | — | Not in release | Not in release | Not in release |
linux-lts-wily | — | — | Not in release | Not in release | Not in release |
linux-lts-xenial | — | — | Not in release | Not in release | Not in release |
linux-maguro | — | — | Not in release | Not in release | Not in release |
linux-mako | — | — | Not in release | Not in release | Ignored |
linux-manta | — | — | Not in release | Not in release | Not in release |
linux-oem | — | — | Not in release | Fixed | Ignored |
linux-oem-5.6 | — | — | Not affected | Not in release | Not in release |
linux-oem-osp1 | — | — | Not in release | Not affected | Not in release |
linux-oracle | — | — | Not affected | Fixed | Fixed |
linux-oracle-5.0 | — | — | Not in release | Not affected | Not in release |
linux-oracle-5.3 | — | — | Not in release | Not affected | Not in release |
linux-oracle-5.4 | — | — | Not in release | Not affected | Not in release |
linux-raspi | — | — | Not affected | Not in release | Not in release |
linux-raspi-5.4 | — | — | Not in release | Not affected | Not in release |
linux-raspi2 | — | — | Not affected | Fixed | Fixed |
linux-raspi2-5.3 | — | — | Not in release | Not affected | Not in release |
linux-riscv | — | — | Not affected | Not in release | Not in release |
linux-snapdragon | — | — | Not in release | Fixed | Fixed |
CVE-2018-10323
Low prioritySome fixes available 22 of 32
The xfs_bmap_extents_to_btree function in fs/xfs/libxfs/xfs_bmap.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_bmapi_write NULL pointer dereference) via a crafted xfs image.
49 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-5.4...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | Not affected | Fixed | Fixed |
linux-aws | — | — | Not affected | Fixed | Fixed |
linux-aws-5.0 | — | — | Not in release | Not affected | Not in release |
linux-aws-5.3 | — | — | Not in release | Not affected | Not in release |
linux-aws-5.4 | — | — | Not in release | Not affected | Not in release |
linux-aws-hwe | — | — | Not in release | Not in release | Not affected |
linux-azure | — | — | Not affected | Fixed | Fixed |
linux-azure-4.15 | — | — | Not in release | Not affected | Not in release |
linux-azure-5.3 | — | — | Not in release | Not affected | Not in release |
linux-azure-5.4 | — | — | Not in release | Not affected | Not in release |
linux-azure-edge | — | — | Not in release | Fixed | Not in release |
linux-euclid | — | — | Not in release | Not in release | Ignored |
linux-flo | — | — | Not in release | Not in release | Ignored |
linux-gcp | — | — | Not affected | Fixed | Fixed |
linux-gcp-4.15 | — | — | Not in release | Not affected | Not in release |
linux-gcp-5.3 | — | — | Not in release | Not affected | Not in release |
linux-gcp-5.4 | — | — | Not in release | Not affected | Not in release |
linux-gcp-edge | — | — | Not in release | Fixed | Not in release |
linux-gke | — | — | Not affected | Not in release | Ignored |
linux-gke-4.15 | — | — | Not in release | Not affected | Not in release |
linux-gke-5.0 | — | — | Not in release | Not affected | Not in release |
linux-gke-5.3 | — | — | Not in release | Not affected | Not in release |
linux-goldfish | — | — | Not in release | Not in release | Ignored |
linux-grouper | — | — | Not in release | Not in release | Not in release |
linux-hwe | — | — | Not in release | Not affected | Fixed |
linux-hwe-5.4 | — | — | Not in release | Not affected | Not in release |
linux-hwe-edge | — | — | Not in release | Not affected | Fixed |
linux-kvm | — | — | Not affected | Fixed | Fixed |
linux-lts-trusty | — | — | Not in release | Not in release | Not in release |
linux-lts-utopic | — | — | Not in release | Not in release | Not in release |
linux-lts-vivid | — | — | Not in release | Not in release | Not in release |
linux-lts-wily | — | — | Not in release | Not in release | Not in release |
linux-lts-xenial | — | — | Not in release | Not in release | Not in release |
linux-maguro | — | — | Not in release | Not in release | Not in release |
linux-mako | — | — | Not in release | Not in release | Ignored |
linux-manta | — | — | Not in release | Not in release | Not in release |
linux-oem | — | — | Not in release | Fixed | Ignored |
linux-oem-5.6 | — | — | Not affected | Not in release | Not in release |
linux-oem-osp1 | — | — | Not in release | Not affected | Not in release |
linux-oracle | — | — | Not affected | Not affected | Not affected |
linux-oracle-5.0 | — | — | Not in release | Not affected | Not in release |
linux-oracle-5.3 | — | — | Not in release | Not affected | Not in release |
linux-oracle-5.4 | — | — | Not in release | Not affected | Not in release |
linux-raspi | — | — | Not affected | Not in release | Not in release |
linux-raspi-5.4 | — | — | Not in release | Not affected | Not in release |
linux-raspi2 | — | — | Not affected | Fixed | Fixed |
linux-raspi2-5.3 | — | — | Not in release | Not affected | Not in release |
linux-riscv | — | — | Not affected | Not in release | Not in release |
linux-snapdragon | — | — | Not in release | Fixed | Fixed |