Search CVE reports

1 – 10 of 1315 results

Detailed view

Sort by:

CVE-2018-7273

Negligible priority

Some fixes available 5 of 14

In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read...

64 affected packages

linux-ti-omap4, linux-armadaxp, linux, linux-riscv, linux-raspi...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux-ti-omap4	—	—	Not in release	Not in release
linux-armadaxp	—	—	Not in release	Not in release
linux	—	—	Not affected	Not affected
linux-riscv	—	—	Not affected	Not in release
linux-raspi	—	—	Not affected	Not in release
linux-gke-5.4	—	—	Not in release	Not affected
linux-hwe-5.8	—	—	Not affected	Not in release
linux-gkeop-5.4	—	—	Not in release	Not affected
linux-azure	—	—	Not affected	Not affected
linux-aws	—	—	Not affected	Not affected
linux-dell300x	—	—	Not in release	Not affected
linux-gkeop	—	—	Not affected	Not in release
linux-oem-5.10	—	—	Not affected	Not in release
linux-hwe-5.4	—	—	Not in release	Not affected
linux-raspi-5.4	—	—	Not in release	Not affected
linux-linaro-omap	—	—	Not in release	Not in release
linux-linaro-shared	—	—	Not in release	Not in release
linux-flo	—	—	Not in release	Not in release
linux-aws-5.4	—	—	Not in release	Not affected
linux-aws-5.0	—	—	Not in release	Not affected
linux-aws-5.3	—	—	Not in release	Not affected
linux-aws-hwe	—	—	Not in release	Not in release
linux-azure-4.15	—	—	Not in release	Not affected
linux-azure-5.3	—	—	Not in release	Not affected
linux-azure-5.4	—	—	Not in release	Not affected
linux-azure-edge	—	—	Not in release	Not affected
linux-euclid	—	—	Not in release	Not in release
linux-gcp	—	—	Not affected	Not affected
linux-gcp-4.15	—	—	Not in release	Not affected
linux-gcp-5.3	—	—	Not in release	Not affected
linux-gcp-5.4	—	—	Not in release	Not affected
linux-gcp-edge	—	—	Not in release	Not affected
linux-gke	—	—	Not affected	Not in release
linux-gke-4.15	—	—	Not in release	Not affected
linux-gke-5.0	—	—	Not in release	Not affected
linux-gke-5.3	—	—	Not in release	Not affected
linux-goldfish	—	—	Not in release	Not in release
linux-grouper	—	—	Not in release	Not in release
linux-hwe	—	—	Not in release	Not affected
linux-hwe-edge	—	—	Not in release	Not affected
linux-kvm	—	—	Not affected	Not affected
linux-linaro-vexpress	—	—	Not in release	Not in release
linux-lts-quantal	—	—	Not in release	Not in release
linux-lts-raring	—	—	Not in release	Not in release
linux-lts-saucy	—	—	Not in release	Not in release
linux-lts-trusty	—	—	Not in release	Not in release
linux-lts-utopic	—	—	Not in release	Not in release
linux-lts-vivid	—	—	Not in release	Not in release
linux-lts-wily	—	—	Not in release	Not in release
linux-lts-xenial	—	—	Not in release	Not in release
linux-maguro	—	—	Not in release	Not in release
linux-mako	—	—	Not in release	Not in release
linux-manta	—	—	Not in release	Not in release
linux-oem	—	—	Not in release	Not affected
linux-oem-5.6	—	—	Not affected	Not in release
linux-oem-osp1	—	—	Not in release	Not affected
linux-oracle	—	—	Not affected	Not affected
linux-oracle-5.0	—	—	Not in release	Not affected
linux-oracle-5.3	—	—	Not in release	Not affected
linux-oracle-5.4	—	—	Not in release	Not affected
linux-qcm-msm	—	—	Not in release	Not in release
linux-raspi2	—	—	Ignored	Not affected
linux-raspi2-5.3	—	—	Not in release	Not affected
linux-snapdragon	—	—	Not in release	Fixed

CVE-2018-5703

Medium priority

Some fixes available 4 of 6

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.

33 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-goldfish...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	Not affected
linux-armadaxp	—	—	—	Not in release
linux-aws	—	—	—	Not affected
linux-flo	—	—	—	Not in release
linux-goldfish	—	—	—	Not in release
linux-azure	—	—	—	Not affected
linux-azure-edge	—	—	—	Not affected
linux-euclid	—	—	—	Not in release
linux-gcp	—	—	—	Not affected
linux-gke	—	—	—	Not in release
linux-hwe	—	—	—	Not affected
linux-hwe-edge	—	—	—	Not affected
linux-linaro-omap	—	—	—	Not in release
linux-linaro-shared	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	Not in release
linux-qcm-msm	—	—	—	Not in release
linux-ti-omap4	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-kvm	—	—	—	Not affected
linux-lts-quantal	—	—	—	Not in release
linux-lts-raring	—	—	—	Not in release
linux-lts-saucy	—	—	—	Not in release
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	—	—	—	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	—	—	—	Not affected
linux-raspi2	—	—	—	Not affected
linux-snapdragon	—	—	—	Not affected

CVE-2018-1000028

Medium priority

Not affected

Linux kernel version after commit bdcf0a423ea1 - 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+ contains a Incorrect Access Control vulnerability in NFS server (nfsd) that can result in remote users reading or writing files they should not...

32 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-azure	—	—	—	—
linux-euclid	—	—	—	—
linux-flo	—	—	—	—
linux-gcp	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-kvm	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-oem	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2017-9712

Medium priority

Not affected

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, if userspace provides a too-large IE length in wlan_hdd_cfg80211_set_ie, a buffer over-read occurs.

32 affected packages

linux, linux-linaro-omap, linux-linaro-shared, linux-linaro-vexpress, linux-qcm-msm...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-ti-omap4	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-azure	—	—	—	—
linux-euclid	—	—	—	—
linux-flo	—	—	—	—
linux-gcp	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-kvm	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-oem	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—

CVE-2017-9689

Medium priority

Not affected

In Android for MSM, Firefox OS for MSM, QRD Android, with all Android releases from CAF using the Linux kernel, a specially-crafted HDMI CEC message can be used to cause stack memory corruption.

32 affected packages

linux-aws, linux-azure, linux-flo, linux-gcp, linux-gke...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux-aws	—	—	—	—
linux-azure	—	—	—	—
linux-flo	—	—	—	—
linux-gcp	—	—	—	—
linux-gke	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-euclid	—	—	—	—
linux-kvm	—	—	—	—
linux-oem	—	—	—	—
linux	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-ti-omap4	—	—	—	—
linux-armadaxp	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—

CVE-2017-8831

Low priority

Some fixes available 13 of 35

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by...

86 affected packages

linux, linux-armadaxp, linux-goldfish, linux-grouper, linux-linaro-omap...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	Not affected	Not affected	Not affected	Not affected
linux-armadaxp	—	—	—	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-linaro-omap	—	—	—	Not in release
linux-linaro-shared	—	—	—	Not in release
linux-aws	Not affected	Not affected	Not affected	Not affected
linux-azure	Not affected	Not affected	Not affected	Not affected
linux-azure-edge	Not in release	Not in release	Not in release	Not affected
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-gcp	Not affected	Not affected	Not affected	Not affected
linux-gke	Not affected	Not affected	Ignored	Not in release
linux-hwe	Not in release	Not in release	Not in release	Not affected
linux-kvm	Not in release	Not affected	Not affected	Not affected
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-hwe-edge	Not in release	Not in release	Not in release	Not affected
linux-linaro-vexpress	—	—	—	Not in release
linux-lts-quantal	—	—	—	Not in release
linux-lts-raring	—	—	—	Not in release
linux-lts-saucy	—	—	—	Not in release
linux-lts-trusty	—	—	—	Not in release
linux-lts-xenial	Not in release	Not in release	Not in release	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	Not in release	Not in release	Not in release	Not affected
linux-qcm-msm	—	—	—	Not in release
linux-raspi2	Not in release	Not in release	Ignored	Not affected
linux-snapdragon	Not in release	Not in release	Not in release	Not affected
linux-ti-omap4	—	—	—	Not in release
linux-hwe-5.4	Not in release	Not in release	Not in release	Not affected
linux-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-aws-5.4	Not in release	Not in release	Not in release	Not affected
linux-aws-5.15	Not in release	Not in release	Not affected	Not in release
linux-aws-hwe	Not in release	Not in release	Not in release	Not in release
linux-azure-4.15	Not in release	Not in release	Not in release	Not affected
linux-azure-5.4	Not in release	Not in release	Not in release	Not affected
linux-azure-5.15	Not in release	Not in release	Not affected	Not in release
linux-azure-fde	Not in release	Not affected	Ignored	Not in release
linux-azure-fde-5.15	Not in release	Not in release	Not affected	Not in release
linux-bluefield	Not in release	Not in release	Not affected	Not in release
linux-fips	Not in release	Not affected	Not affected	Not affected
linux-aws-fips	Not in release	Not affected	Not affected	Not affected
linux-azure-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-fips	Not in release	Not affected	Not affected	Not affected
linux-gcp-4.15	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.4	Not in release	Not in release	Not in release	Not affected
linux-gcp-5.15	Not in release	Not in release	Not affected	Not in release
linux-gkeop	Not affected	Not affected	Not affected	Not in release
linux-gkeop-5.15	Not in release	Not in release	Not affected	Not in release
linux-ibm	Not affected	Not affected	Not affected	Not in release
linux-ibm-5.4	Not in release	Not in release	Not in release	Not affected
linux-ibm-5.15	Not in release	Not in release	Not affected	Not in release
linux-intel	Not affected	Not in release	Not in release	Not in release
linux-intel-iotg	Not in release	Not affected	Not in release	Not in release
linux-intel-iotg-5.15	Not in release	Not in release	Not affected	Not in release
linux-iot	Not in release	Not in release	Not affected	Not in release
linux-intel-iot-realtime	Not in release	Not affected	Not in release	Not in release
linux-lowlatency	Not affected	Not affected	Not in release	Not in release
linux-lowlatency-hwe-5.15	Not in release	Not in release	Not affected	Not in release
linux-lowlatency-hwe-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia	Not affected	Not affected	Not in release	Not in release
linux-nvidia-6.5	Not in release	Not affected	Not in release	Not in release
linux-nvidia-6.8	Not in release	Not affected	Not in release	Not in release
linux-nvidia-lowlatency	Not affected	Not in release	Not in release	Not in release
linux-oracle	Not affected	Not affected	Not affected	Not affected
linux-oracle-5.4	Not in release	Not in release	Not in release	Not affected
linux-oracle-5.15	Not in release	Not in release	Not affected	Not in release
linux-oem-6.8	Not affected	Not in release	Not in release	Not in release
linux-raspi	Not affected	Not affected	Not affected	Not in release
linux-raspi-5.4	Not in release	Not in release	Not in release	Not affected
linux-raspi-realtime	Not affected	Not in release	Not in release	Not in release
linux-realtime	Not affected	Not affected	Not in release	Not in release
linux-riscv	Not affected	Ignored	Ignored	Not in release
linux-riscv-5.15	Not in release	Not in release	Not affected	Not in release
linux-riscv-6.8	Not in release	Not affected	Not in release	Not in release
linux-xilinx-zynqmp	Not in release	Not affected	Not affected	Not in release
linux-aws-6.8	Not in release	Not affected	Not in release	Not in release
linux-gcp-6.8	Not in release	Not affected	Not in release	Not in release
linux-oracle-6.8	Not in release	Not affected	Not in release	Not in release
linux-azure-6.8	Not in release	Not affected	Not in release	Not in release
linux-oem-6.11	Not affected	Not in release	Not in release	Not in release

CVE-2017-8241

Low priority

Ignored

In all Android releases from CAF using the Linux kernel, a buffer overflow vulnerability exists in a WLAN function due to an incorrect message length.

29 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-azure	—	—	—	—
linux-flo	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—
linux-joule	—	—	—	—

CVE-2017-8106

Medium priority

Some fixes available 1 of 16

The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT...

32 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-flo	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-aws	—	—	—	—
linux-azure	—	—	—	—
linux-euclid	—	—	—	—
linux-gcp	—	—	—	—
linux-gke	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-kvm	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-oem	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2017-8072

Medium priority

Ignored

The cp2112_gpio_direction_input function in drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 does not have the expected EIO error status for a zero-length report, which allows local users to have an...

27 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-flo	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-ti-omap4	—	—	—	—
linux-aws	—	—	—	—
linux-gke	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-snapdragon	—	—	—	—

CVE-2017-8071

Medium priority

Ignored

drivers/hid/hid-cp2112.c in the Linux kernel 4.9.x before 4.9.9 uses a spinlock without considering that sleeping is possible in a USB HID request callback, which allows local users to cause a denial of service (deadlock) via...

27 affected packages

linux, linux-armadaxp, linux-goldfish, linux-grouper, linux-linaro-omap...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-ti-omap4	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-gke	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—

Export to JSON

Results by page: