Search CVE reports
91 – 100 of 1754 results
CVE-2019-12381
Low priority** DISPUTED ** An issue was discovered in ip_ra_control in net/ipv4/ip_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL pointer...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Ignored | Ignored |
| linux-aws | — | — | — | Ignored | Ignored |
| linux-aws-hwe | — | — | — | Not in release | Ignored |
| linux-azure | — | — | — | Ignored | Ignored |
| linux-azure-edge | — | — | — | Ignored | Ignored |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Ignored | Ignored |
| linux-gcp-edge | — | — | — | Ignored | Not in release |
| linux-gke | — | — | — | Ignored | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Ignored | Ignored |
| linux-hwe-edge | — | — | — | Ignored | Ignored |
| linux-kvm | — | — | — | Ignored | Ignored |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Ignored | Ignored |
| linux-oracle | — | — | — | Ignored | Ignored |
| linux-raspi2 | — | — | — | Ignored | Ignored |
| linux-snapdragon | — | — | — | Ignored | Ignored |
CVE-2019-12380
Negligible prioritySome fixes available 26 of 59
**DISPUTED** An issue was discovered in the efi subsystem in the Linux kernel through 5.1.5. phys_efi_set_virtual_address_map in arch/x86/platform/efi/efi.c and efi_call_phys_prolog in arch/x86/platform/efi/efi_64.c mishandle...
46 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-5.3, linux-aws-hwe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | Not affected | Fixed | Fixed |
| linux-aws | — | — | Not affected | Fixed | Fixed |
| linux-aws-5.0 | — | — | Not in release | Ignored | Not in release |
| linux-aws-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-aws-hwe | — | — | Not in release | Not in release | Fixed |
| linux-azure | — | — | Not affected | Ignored | Fixed |
| linux-azure-4.15 | — | — | Not in release | Fixed | Not in release |
| linux-azure-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-azure-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-azure-edge | — | — | Not in release | Ignored | Not in release |
| linux-euclid | — | — | Not in release | Not in release | Ignored |
| linux-flo | — | — | Not in release | Not in release | Ignored |
| linux-gcp | — | — | Not affected | Ignored | Fixed |
| linux-gcp-4.15 | — | — | Not in release | Fixed | Not in release |
| linux-gcp-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-gcp-edge | — | — | Not in release | Ignored | Not in release |
| linux-gke | — | — | Not affected | Not in release | Ignored |
| linux-gke-4.15 | — | — | Not in release | Fixed | Not in release |
| linux-gke-5.0 | — | — | Not in release | Fixed | Not in release |
| linux-gke-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-goldfish | — | — | Not in release | Not in release | Ignored |
| linux-grouper | — | — | Not in release | Not in release | Not in release |
| linux-hwe | — | — | Not in release | Fixed | Fixed |
| linux-hwe-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-hwe-edge | — | — | Not in release | Ignored | Ignored |
| linux-kvm | — | — | Not affected | Fixed | Fixed |
| linux-lts-trusty | — | — | Not in release | Not in release | Not in release |
| linux-lts-utopic | — | — | Not in release | Not in release | Not in release |
| linux-lts-vivid | — | — | Not in release | Not in release | Not in release |
| linux-lts-wily | — | — | Not in release | Not in release | Not in release |
| linux-lts-xenial | — | — | Not in release | Not in release | Not in release |
| linux-maguro | — | — | Not in release | Not in release | Not in release |
| linux-mako | — | — | Not in release | Not in release | Ignored |
| linux-manta | — | — | Not in release | Not in release | Not in release |
| linux-oem | — | — | Not in release | Fixed | Ignored |
| linux-oem-5.6 | — | — | Not affected | Not in release | Not in release |
| linux-oem-osp1 | — | — | Not in release | Fixed | Not in release |
| linux-oracle | — | — | Not affected | Fixed | Fixed |
| linux-oracle-5.0 | — | — | Not in release | Ignored | Not in release |
| linux-oracle-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-raspi | — | — | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | — | — | Not in release | Not affected | Not in release |
| linux-raspi2 | — | — | Not affected | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | Not in release | Not affected | Not in release |
| linux-riscv | — | — | Not affected | Not in release | Not in release |
| linux-snapdragon | — | — | Not in release | Fixed | Fixed |
CVE-2019-12379
Low priority** DISPUTED ** An issue was discovered in con_insert_unipair in drivers/tty/vt/consolemap.c in the Linux kernel through 5.1.5. There is a memory leak in a certain case of an ENOMEM outcome of kmalloc. NOTE: This id is disputed as...
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Ignored | Ignored |
| linux-aws | — | — | — | Ignored | Ignored |
| linux-aws-hwe | — | — | — | Not in release | Ignored |
| linux-azure | — | — | — | Ignored | Ignored |
| linux-azure-edge | — | — | — | Ignored | Ignored |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Ignored | Ignored |
| linux-gcp-edge | — | — | — | Ignored | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Ignored | Not in release |
| linux-gke-5.0 | — | — | — | Ignored | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Ignored | Ignored |
| linux-hwe-edge | — | — | — | Ignored | Ignored |
| linux-kvm | — | — | — | Ignored | Ignored |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Ignored | Ignored |
| linux-oracle | — | — | — | Ignored | Ignored |
| linux-raspi2 | — | — | — | Ignored | Ignored |
| linux-snapdragon | — | — | — | Ignored | Ignored |
CVE-2019-12378
Medium priority** DISPUTED ** An issue was discovered in ip6_ra_control in net/ipv6/ipv6_sockglue.c in the Linux kernel through 5.1.5. There is an unchecked kmalloc of new_ra, which might allow an attacker to cause a denial of service (NULL...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Ignored | Ignored |
| linux-aws | — | — | — | Ignored | Ignored |
| linux-aws-hwe | — | — | — | Not in release | Ignored |
| linux-azure | — | — | — | Ignored | Ignored |
| linux-azure-edge | — | — | — | Ignored | Ignored |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Ignored | Ignored |
| linux-gcp-edge | — | — | — | Ignored | Not in release |
| linux-gke | — | — | — | Ignored | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Ignored | Ignored |
| linux-hwe-edge | — | — | — | Ignored | Ignored |
| linux-kvm | — | — | — | Ignored | Ignored |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Ignored | Ignored |
| linux-oracle | — | — | — | Ignored | Ignored |
| linux-raspi2 | — | — | — | Ignored | Ignored |
| linux-snapdragon | — | — | — | Ignored | Ignored |
CVE-2016-10245
Medium prioritySome fixes available 1 of 15
Insufficient sanitization of the query parameter in templates/html/search_opensearch.php could lead to reflected cross-site scripting or iframe injection.
2 affected packages
doxygen, quantlib-refman-html
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| doxygen | Not affected | Not affected | Not affected | Not affected | Fixed |
| quantlib-refman-html | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2019-10142
Negligible prioritySome fixes available 1 of 9
A flaw was found in the Linux kernel's freescale hypervisor manager implementation, kernel versions 5.0.x up to, excluding 5.0.17. A parameter passed to an ioctl was incorrectly validated and used in size calculations for the page...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Fixed |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-7191
Medium prioritySome fixes available 13 of 18
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF)...
28 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Fixed |
| linux-aws | — | — | — | Not affected | Fixed |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Fixed |
| linux-azure-edge | — | — | — | Not affected | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Fixed |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Not affected | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Fixed |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-11085
Medium prioritySome fixes available 22 of 35
Insufficient input validation in Kernel Mode Driver in Intel(R) i915 Graphics for Linux before version 5.0 may allow an authenticated user to potentially enable escalation of privilege via local access.
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Not affected |
| linux-aws | — | — | — | Fixed | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-raspi2 | — | — | — | Fixed | Not affected |
| linux-snapdragon | — | — | — | Fixed | Not affected |
CVE-2019-11833
Medium prioritySome fixes available 39 of 55
fs/ext4/extents.c in the Linux kernel through 5.1.2 does not zero out the unused memory region in the extent tree block, which might allow local users to obtain sensitive information by reading uninitialized data in the filesystem.
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |
CVE-2019-11884
Medium prioritySome fixes available 37 of 55
The do_hidp_sock_ioctl function in net/bluetooth/hidp/sock.c in the Linux kernel before 5.0.15 allows a local user to obtain potentially sensitive information from kernel stack memory via a HIDPCONNADD command, because a name...
36 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Fixed |
| linux-aws | — | — | — | Fixed | Fixed |
| linux-aws-5.0 | — | — | — | Not affected | Not in release |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-5.3 | — | — | — | Not affected | Not in release |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-5.3 | — | — | — | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Ignored | Fixed |
| linux-kvm | — | — | — | Fixed | Fixed |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oem-5.4 | — | — | — | Not in release | Not in release |
| linux-oem-osp1 | — | — | — | Fixed | Not in release |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-oracle-5.0 | — | — | — | Not affected | Not in release |
| linux-raspi2 | — | — | — | Fixed | Fixed |
| linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
| linux-snapdragon | — | — | — | Fixed | Fixed |