Search CVE reports
41481 – 41490 of 68840 results
libxml2, as used in Red Hat JBoss Core Services, allows context-dependent attackers to cause a denial of service (out-of-bounds read and application crash) via a crafted XML document. NOTE: this vulnerability exists because of a...
1 affected package
libxml2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libxml2 | — | — | — | — | — |
libxml2, as used in Red Hat JBoss Core Services and when in recovery mode, allows context-dependent attackers to cause a denial of service (stack consumption) via a crafted XML document. NOTE: this vulnerability exists because of...
1 affected package
libxml2
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libxml2 | — | — | — | — | — |
Some fixes available 16 of 17
When reading a specially crafted ZIP archive, the read method of Apache Commons Compress 1.7 to 1.17's ZipArchiveInputStream can fail to return the correct EOF indication after the end of the stream has been reached. When combined...
1 affected package
libcommons-compress-java
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcommons-compress-java | Fixed | Fixed | Fixed | Fixed | Vulnerable |
Some fixes available 2 of 4
An out-of-bounds read issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `_ykpiv_fetch_object()`: {% highlight c %} if(sw == SW_SUCCESS) { size_t outlen;...
1 affected package
yubico-piv-tool
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| yubico-piv-tool | — | — | Not affected | Not affected | Fixed |
Some fixes available 2 of 4
A buffer overflow issue was discovered in the Yubico-Piv 1.5.0 smartcard driver. The file lib/ykpiv.c contains the following code in the function `ykpiv_transfer_data()`: {% highlight c %} if(*out_len + recv_len - 2 > max_out) {...
1 affected package
yubico-piv-tool
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| yubico-piv-tool | — | — | Not affected | Not affected | Fixed |
An issue was discovered in evaluate_auto_mountpoint in btrfsmaintenance-functions in btrfsmaintenance through 0.4.1. Code execution as root can occur via a specially crafted filesystem label if btrfs-{scrub,balance,trim} are set...
1 affected package
btrfsmaintenance
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| btrfsmaintenance | Needs evaluation | Needs evaluation | Needs evaluation | Ignored | Not in release |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
1 affected package
zabbix
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| zabbix | — | — | — | — | Not affected |
Some fixes available 3 of 5
libcgroup up to and including 0.41 creates /var/log/cgred with mode 0666 regardless of the configured umask, leading to disclosure of information.
1 affected package
libcgroup
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| libcgroup | — | — | Not affected | Not affected | Fixed |
Some fixes available 21 of 23
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via...
79 affected packages
linux-aws, linux-flo, linux-goldfish, linux-grouper, linux-hwe...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| linux-aws | — | Not affected | Not affected | Not affected | Fixed |
| linux-flo | — | — | — | — | Not in release |
| linux-goldfish | — | — | — | — | Not in release |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | Not in release | Not in release | Not in release | Not affected |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-aws-hwe | — | Not in release | Not in release | Not in release | Not in release |
| linux-azure | — | Not affected | Not affected | Not affected | Fixed |
| linux-azure-edge | — | Not in release | Not in release | Not in release | Fixed |
| linux-euclid | — | — | — | — | Not in release |
| linux-gcp | — | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-edge | — | — | — | — | Not affected |
| linux-gke | — | Not affected | Not affected | Ignored | Not in release |
| linux-hwe-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | — | Not in release | Not affected | Not affected | Fixed |
| linux-oem | — | Not in release | Not in release | Not in release | Fixed |
| linux-oracle | — | Not affected | Not affected | Not affected | Not affected |
| intel-microcode | — | Not affected | Not affected | Not affected | Fixed |
| linux | — | Not affected | Not affected | Not affected | Fixed |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not in release |
| linux-manta | — | — | — | — | Not in release |
| linux-raspi2 | — | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | — | Not affected | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | — | Not in release | Not in release | Not affected | Not in release |
| linux-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | — | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | — | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-intel | — | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-iot | — | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | — | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | — | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | — | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | — | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | — | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | — | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | — | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | — | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | — | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | — | Not affected | Not in release | Not in release | Not in release |
Some fixes available 18 of 20
Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault...
78 affected packages
linux, linux-flo, linux-aws, linux-aws-hwe, linux-azure...
| Package | 26.04 LTS | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|---|
| linux | — | Not affected | Not affected | Not affected | Fixed |
| linux-flo | — | — | — | — | Not in release |
| linux-aws | — | Not affected | Not affected | Not affected | Fixed |
| linux-aws-hwe | — | Not in release | Not in release | Not in release | Not in release |
| linux-azure | — | Not affected | Not affected | Not affected | Fixed |
| linux-azure-edge | — | Not in release | Not in release | Not in release | Fixed |
| linux-euclid | — | — | — | — | Not in release |
| linux-gcp | — | Not affected | Not affected | Not affected | Fixed |
| linux-gke | — | Not affected | Not affected | Ignored | Not in release |
| linux-gcp-edge | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not in release |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | — | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | — | Not in release | Not affected | Not affected | Fixed |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not in release |
| linux-manta | — | — | — | — | Not in release |
| linux-oem | — | Not in release | Not in release | Not in release | Fixed |
| linux-oracle | — | Not affected | Not affected | Not affected | Not affected |
| linux-raspi2 | — | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | — | Not affected | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | — | Not in release | Not in release | Not affected | Not in release |
| linux-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | — | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | — | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | — | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-intel | — | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | — | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-iot | — | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | — | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | — | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | — | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | — | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | — | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | — | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | — | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | — | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | — | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | — | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | — | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | — | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | — | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | — | Not affected | Not in release | Not in release | Not in release |