Search CVE reports
11 – 20 of 726 results
CVE-2015-2877
Low priority** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS...
36 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Ignored | Ignored |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Ignored | Ignored |
linux-azure | — | — | — | Ignored | Ignored |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-ec2 | — | — | — | Not in release | Not in release |
linux-euclid | — | — | — | Not in release | Ignored |
linux-flo | — | — | — | Not in release | Ignored |
linux-fsl-imx51 | — | — | — | Not in release | Not in release |
linux-gcp | — | — | — | Ignored | Ignored |
linux-gke | — | — | — | Not in release | Ignored |
linux-goldfish | — | — | — | Not in release | Ignored |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Ignored | Ignored |
linux-hwe-edge | — | — | — | Ignored | Ignored |
linux-kvm | — | — | — | Ignored | Ignored |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Ignored |
linux-manta | — | — | — | Not in release | Not in release |
linux-mvl-dove | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Ignored | Ignored |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Ignored | Ignored |
linux-snapdragon | — | — | — | Ignored | Ignored |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2015-8324
Low priorityThe ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-2.6 | — | — | — | — | Not in release |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-ec2 | — | — | — | — | Not in release |
linux-flo | — | — | — | — | Not affected |
linux-fsl-imx51 | — | — | — | — | Not in release |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-mvl-dove | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-8019
Medium prioritySome fixes available 1 of 8
The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly...
38 affected packages
linux, linux-armadaxp, linux-aws, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-armadaxp | — | — | — | Not in release | Not in release |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-edge | — | — | — | Not affected | Not affected |
linux-ec2 | — | — | — | Not in release | Not in release |
linux-euclid | — | — | — | Not in release | Not affected |
linux-flo | — | — | — | Not in release | Not affected |
linux-fsl-imx51 | — | — | — | Not in release | Not in release |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-edge | — | — | — | Not affected | Not in release |
linux-gke | — | — | — | Not in release | Not affected |
linux-goldfish | — | — | — | Not in release | Not affected |
linux-grouper | — | — | — | Not in release | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Not affected | Not affected |
linux-kvm | — | — | — | Not affected | Not affected |
linux-linaro-omap | — | — | — | Not in release | Not in release |
linux-linaro-shared | — | — | — | Not in release | Not in release |
linux-linaro-vexpress | — | — | — | Not in release | Not in release |
linux-lts-quantal | — | — | — | Not in release | Not in release |
linux-lts-raring | — | — | — | Not in release | Not in release |
linux-lts-saucy | — | — | — | Not in release | Not in release |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-utopic | — | — | — | Not in release | Not in release |
linux-lts-vivid | — | — | — | Not in release | Not in release |
linux-lts-wily | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-maguro | — | — | — | Not in release | Not in release |
linux-mako | — | — | — | Not in release | Not affected |
linux-manta | — | — | — | Not in release | Not in release |
linux-mvl-dove | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-qcm-msm | — | — | — | Not in release | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-snapdragon | — | — | — | Not affected | Not affected |
linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2015-4178
Medium priorityThe fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-2.6 | — | — | — | — | Not in release |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-ec2 | — | — | — | — | Not in release |
linux-flo | — | — | — | — | Not affected |
linux-fsl-imx51 | — | — | — | — | Not in release |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-mvl-dove | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-4177
Medium priorityThe collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-2.6 | — | — | — | — | Not in release |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-ec2 | — | — | — | — | Not in release |
linux-flo | — | — | — | — | Not affected |
linux-fsl-imx51 | — | — | — | — | Not in release |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-mvl-dove | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-4176
Medium priorityfs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.
30 affected packages
linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-ec2 | — | — | — | — | Not in release |
linux-flo | — | — | — | — | Not affected |
linux-fsl-imx51 | — | — | — | — | Not in release |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-mvl-dove | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-4170
Medium priorityRace condition in the ldsem_cmpxchg function in drivers/tty/tty_ldsem.c in the Linux kernel before 3.13-rc4-next-20131218 allows local users to cause a denial of service (ldsem_down_read and ldsem_down_write deadlock)...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | Not affected |
linux-2.6 | — | — | — | — | Not in release |
linux-armadaxp | — | — | — | — | Not in release |
linux-aws | — | — | — | — | Not affected |
linux-ec2 | — | — | — | — | Not in release |
linux-flo | — | — | — | — | Not affected |
linux-fsl-imx51 | — | — | — | — | Not in release |
linux-gke | — | — | — | — | Not affected |
linux-goldfish | — | — | — | — | Not affected |
linux-grouper | — | — | — | — | Not in release |
linux-hwe | — | — | — | — | Not affected |
linux-hwe-edge | — | — | — | — | Not affected |
linux-linaro-omap | — | — | — | — | Not in release |
linux-linaro-shared | — | — | — | — | Not in release |
linux-linaro-vexpress | — | — | — | — | Not in release |
linux-lts-quantal | — | — | — | — | Not in release |
linux-lts-raring | — | — | — | — | Not in release |
linux-lts-saucy | — | — | — | — | Not in release |
linux-lts-trusty | — | — | — | — | Not in release |
linux-lts-utopic | — | — | — | — | Not in release |
linux-lts-vivid | — | — | — | — | Not in release |
linux-lts-wily | — | — | — | — | Not in release |
linux-lts-xenial | — | — | — | — | Not in release |
linux-maguro | — | — | — | — | Not in release |
linux-mako | — | — | — | — | Not affected |
linux-manta | — | — | — | — | Not in release |
linux-mvl-dove | — | — | — | — | Not in release |
linux-qcm-msm | — | — | — | — | Not in release |
linux-raspi2 | — | — | — | — | Not affected |
linux-snapdragon | — | — | — | — | Not affected |
linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-2686
Medium prioritynet/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the...
23 affected packages
linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-armadaxp | — | — | — | — | — |
linux-ec2 | — | — | — | — | — |
linux-flo | — | — | — | — | — |
linux-fsl-imx51 | — | — | — | — | — |
linux-goldfish | — | — | — | — | — |
linux-grouper | — | — | — | — | — |
linux-linaro-omap | — | — | — | — | — |
linux-linaro-shared | — | — | — | — | — |
linux-linaro-vexpress | — | — | — | — | — |
linux-lts-quantal | — | — | — | — | — |
linux-lts-raring | — | — | — | — | — |
linux-lts-saucy | — | — | — | — | — |
linux-lts-trusty | — | — | — | — | — |
linux-lts-utopic | — | — | — | — | — |
linux-lts-vivid | — | — | — | — | — |
linux-maguro | — | — | — | — | — |
linux-mako | — | — | — | — | — |
linux-manta | — | — | — | — | — |
linux-mvl-dove | — | — | — | — | — |
linux-qcm-msm | — | — | — | — | — |
linux-raspi2 | — | — | — | — | — |
linux-ti-omap4 | — | — | — | — | — |
CVE-2015-2672
Medium priorityThe xsave/xrstor implementation in arch/x86/include/asm/xsave.h in the Linux kernel before 3.19.2 creates certain .altinstr_replacement pointers and consequently does not provide any protection against instruction faulting, which...
23 affected packages
linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-armadaxp | — | — | — | — | — |
linux-ec2 | — | — | — | — | — |
linux-flo | — | — | — | — | — |
linux-fsl-imx51 | — | — | — | — | — |
linux-goldfish | — | — | — | — | — |
linux-grouper | — | — | — | — | — |
linux-linaro-omap | — | — | — | — | — |
linux-linaro-shared | — | — | — | — | — |
linux-linaro-vexpress | — | — | — | — | — |
linux-lts-quantal | — | — | — | — | — |
linux-lts-raring | — | — | — | — | — |
linux-lts-saucy | — | — | — | — | — |
linux-lts-trusty | — | — | — | — | — |
linux-lts-utopic | — | — | — | — | — |
linux-lts-vivid | — | — | — | — | — |
linux-maguro | — | — | — | — | — |
linux-mako | — | — | — | — | — |
linux-manta | — | — | — | — | — |
linux-mvl-dove | — | — | — | — | — |
linux-qcm-msm | — | — | — | — | — |
linux-raspi2 | — | — | — | — | — |
linux-ti-omap4 | — | — | — | — | — |
CVE-2015-1573
Medium priorityThe nft_flush_table function in net/netfilter/nf_tables_api.c in the Linux kernel before 3.18.5 mishandles the interaction between cross-chain jumps and ruleset flushes, which allows local users to cause a denial of...
24 affected packages
linux, linux-2.6, linux-armadaxp, linux-ec2, linux-flo...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | — | — |
linux-2.6 | — | — | — | — | — |
linux-armadaxp | — | — | — | — | — |
linux-ec2 | — | — | — | — | — |
linux-flo | — | — | — | — | — |
linux-fsl-imx51 | — | — | — | — | — |
linux-goldfish | — | — | — | — | — |
linux-grouper | — | — | — | — | — |
linux-linaro-omap | — | — | — | — | — |
linux-linaro-shared | — | — | — | — | — |
linux-linaro-vexpress | — | — | — | — | — |
linux-lts-quantal | — | — | — | — | — |
linux-lts-raring | — | — | — | — | — |
linux-lts-saucy | — | — | — | — | — |
linux-lts-trusty | — | — | — | — | — |
linux-lts-utopic | — | — | — | — | — |
linux-lts-vivid | — | — | — | — | — |
linux-maguro | — | — | — | — | — |
linux-mako | — | — | — | — | — |
linux-manta | — | — | — | — | — |
linux-mvl-dove | — | — | — | — | — |
linux-qcm-msm | — | — | — | — | — |
linux-raspi2 | — | — | — | — | — |
linux-ti-omap4 | — | — | — | — | — |