Search CVE reports
481 – 490 of 595 results
CVE-2017-8064
Medium prioritySome fixes available 2 of 20
drivers/media/usb/dvb-usb-v2/dvb_usb_core.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory...
31 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Ignored |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Ignored |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Ignored |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-8063
Medium prioritySome fixes available 2 of 20
drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have...
31 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Ignored |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Ignored |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Ignored |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-7979
Medium prioritySome fixes available 2 of 13
The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized...
31 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Not affected |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-7645
Medium prioritySome fixes available 13 of 35
The NFSv2/NFSv3 server in the nfsd subsystem in the Linux kernel through 4.10.11 allows remote attackers to cause a denial of service (system crash) via a long RPC reply, related to net/sunrpc/svc.c, fs/nfsd/nfs3xdr.c,...
33 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Fixed |
| linux-armadaxp | — | — | — | Not in release | Not in release |
| linux-aws | — | — | — | Not affected | Fixed |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Fixed |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-linaro-omap | — | — | — | Not in release | Not in release |
| linux-linaro-shared | — | — | — | Not in release | Not in release |
| linux-linaro-vexpress | — | — | — | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-qcm-msm | — | — | — | Not in release | Not in release |
| linux-raspi2 | — | — | — | Not affected | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |
| linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2017-7889
Medium prioritySome fixes available 13 of 35
The mm subsystem in the Linux kernel through 3.2 does not properly enforce the CONFIG_STRICT_DEVMEM protection mechanism, which allows local users to read or write to kernel memory locations in the first megabyte (and...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Fixed |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Fixed |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Ignored |
| linux-flo | — | — | — | — | Ignored |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Fixed |
| linux-goldfish | — | — | — | — | Ignored |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Fixed |
| linux-hwe-edge | — | — | — | — | Fixed |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Ignored |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | — | — | — | Not affected |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Fixed |
| linux-snapdragon | — | — | — | — | Fixed |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-7618
Medium prioritySome fixes available 12 of 27
crypto/ahash.c in the Linux kernel through 4.10.9 allows attackers to cause a denial of service (API operation calling its own callback, and infinite recursion) by triggering EBUSY on a full queue.
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Fixed |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Fixed |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Ignored |
| linux-flo | — | — | — | — | Not affected |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Fixed |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Fixed |
| linux-hwe-edge | — | — | — | — | Fixed |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | — | — | — | Not affected |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Fixed |
| linux-snapdragon | — | — | — | — | Fixed |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-7616
Medium prioritySome fixes available 13 of 35
Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Fixed |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Fixed |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Ignored |
| linux-flo | — | — | — | — | Ignored |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Fixed |
| linux-goldfish | — | — | — | — | Ignored |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Fixed |
| linux-hwe-edge | — | — | — | — | Fixed |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Ignored |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | — | — | — | Not affected |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Fixed |
| linux-snapdragon | — | — | — | — | Fixed |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-2671
Negligible prioritySome fixes available 13 of 35
The ping_unhash function in net/ipv4/ping.c in the Linux kernel through 4.10.8 is too late in obtaining a certain lock and consequently cannot ensure that disconnect function calls are safe, which allows local users to cause a...
33 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Fixed |
| linux-armadaxp | — | — | — | Not in release | Not in release |
| linux-aws | — | — | — | Not affected | Fixed |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gke | — | — | — | Not in release | Fixed |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-linaro-omap | — | — | — | Not in release | Not in release |
| linux-linaro-shared | — | — | — | Not in release | Not in release |
| linux-linaro-vexpress | — | — | — | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Not affected |
| linux-qcm-msm | — | — | — | Not in release | Not in release |
| linux-raspi2 | — | — | — | Not affected | Fixed |
| linux-snapdragon | — | — | — | Not affected | Fixed |
| linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2014-9922
Medium priorityThe eCryptfs subsystem in the Linux kernel before 3.18 allows local users to gain privileges via a large filesystem stack that includes an overlayfs layer, related to fs/ecryptfs/main.c and fs/overlayfs/super.c.
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Ignored |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Ignored |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Ignored |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | — | — | — | Not affected |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2017-7374
High prioritySome fixes available 12 of 19
Use-after-free vulnerability in fs/crypto/ in the Linux kernel before 4.10.7 allows local users to cause a denial of service (NULL pointer dereference) or possibly gain privileges by revoking keyring keys being used for ext4,...
32 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Fixed |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Fixed |
| linux-azure | — | — | — | — | Not affected |
| linux-euclid | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Not affected |
| linux-gcp | — | — | — | — | Not affected |
| linux-gke | — | — | — | — | Fixed |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Fixed |
| linux-hwe-edge | — | — | — | — | Fixed |
| linux-kvm | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | — | — | — | Not affected |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Fixed |
| linux-snapdragon | — | — | — | — | Fixed |
| linux-ti-omap4 | — | — | — | — | Not in release |