Search CVE reports
401 – 410 of 595 results
CVE-2017-15299
Medium prioritySome fixes available 18 of 26
The KEYS subsystem in the Linux kernel through 4.13.7 mishandles use of add_key for a key that already exists but is uninstantiated, which allows local users to cause a denial of service (NULL pointer dereference and system crash)...
33 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-azure-edge | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Fixed |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-5123
High prioritySome fixes available 2 of 4
Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-azure | — | — | — | — | Not affected |
linux-euclid | — | — | — | — | Not affected |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Not affected |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-kvm | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-12190
Medium prioritySome fixes available 16 of 25
The bio_map_user_iov and bio_unmap_user functions in block/bio.c in the Linux kernel before 4.13.8 do unbalanced refcounting when a SCSI I/O vector has small consecutive buffers belonging to the same page. The bio_add_pc_page...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-15274
Medium prioritySome fixes available 12 of 20
security/keys/keyctl.c in the Linux kernel before 4.11.5 does not consider the case of a NULL payload in conjunction with a nonzero length value, which allows local users to cause a denial of service (NULL pointer dereference and...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-12192
Medium prioritySome fixes available 16 of 22
The keyctl_read_key function in security/keys/keyctl.c in the Key Management subcomponent in the Linux kernel before 4.13.5 does not properly consider that a key may be possessed but negatively instantiated, which allows local...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Fixed |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Fixed |
linux-azure | — | — | — | — | Fixed |
linux-euclid | — | — | — | — | Ignored |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Fixed |
linux-gke | — | — | — | — | Fixed |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Fixed |
linux-hwe-edge | — | — | — | — | Fixed |
linux-kvm | — | — | — | — | Fixed |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Fixed |
linux-snapdragon | — | — | — | — | Fixed |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-12188
High prioritySome fixes available 8 of 11
arch/x86/kvm/mmu.c in the Linux kernel through 4.13.5, when nested virtualisation is used, does not properly traverse guest pagetable entries to resolve a guest virtual address, which allows L1 guest OS users to execute arbitrary...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-azure | — | — | — | — | Fixed |
linux-euclid | — | — | — | — | Not affected |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Fixed |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Fixed |
linux-hwe-edge | — | — | — | — | Fixed |
linux-kvm | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-1000255
High prioritySome fixes available 4 of 6
On Linux running on PowerPC hardware (Power8 or later) a user process can craft a signal frame and then do a sigreturn so that the kernel will take an exception (interrupt), and use the r1 value *from the signal frame* as the...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-azure | — | — | — | — | Not affected |
linux-euclid | — | — | — | — | Not affected |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Not affected |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Fixed |
linux-hwe-edge | — | — | — | — | Fixed |
linux-kvm | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-14991
Low prioritySome fixes available 14 of 22
The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.
33 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-azure-edge | — | — | — | Not affected | Not affected |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Not affected | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-14954
Low prioritySome fixes available 2 of 5
The waitid implementation in kernel/exit.c in the Linux kernel through 4.13.4 accesses rusage data structures in unintended cases, which allows local users to obtain sensitive information, and bypass the KASLR protection...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-azure | — | — | — | — | Not affected |
linux-euclid | — | — | — | — | Not affected |
linux-flo | — | — | — | — | Ignored |
linux-gcp | — | — | — | — | Not affected |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-kvm | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Ignored |
linux-manta | — | — | — | — | Not in release |
linux-oem | — | — | — | — | Not affected |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-12154
Medium prioritySome fixes available 17 of 25
The prepare_vmcs02 function in arch/x86/kvm/vmx.c in the Linux kernel through 4.13.3 does not ensure that the "CR8-load exiting" and "CR8-store exiting" L0 vmcs02 controls exist in cases where L1 omits the "use TPR shadow" vmcs12...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Fixed |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Fixed |
linux-azure | — | — | — | Not affected | Fixed |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gke | — | — | — | Not in release | Fixed |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Fixed | Fixed |
linux-kvm | — | — | — | Not affected | Fixed |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Not affected |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Fixed |
linux-snapdragon | — | — | — | Not affected | Fixed |
linux-ti-omap4 | — | — | — | Not in release | Not in release |