Search CVE reports
1 – 10 of 10 results
CVE-2019-14898
Medium priorityThe fix for CVE-2019-11599, affecting the Linux kernel before 5.0.10 was not complete. A local user could use this flaw to obtain sensitive information, cause a denial of service, or possibly have other unspecified impacts by...
24 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-edge | — | — | — | Not affected | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Not affected | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Ignored | Not affected |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2020-8832
Medium prioritySome fixes available 13 of 20
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 (“The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.”) was discovered to be incomplete, meaning...
27 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Fixed | Not affected |
linux-aws | — | — | — | Fixed | Not affected |
linux-aws-5.0 | — | — | — | Ignored | Not in release |
linux-aws-hwe | — | — | — | Not in release | Fixed |
linux-azure | — | — | — | Ignored | Fixed |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Fixed |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Fixed | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Fixed |
linux-hwe-edge | — | — | — | Ignored | Ignored |
linux-kvm | — | — | — | Fixed | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Fixed | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Fixed | Fixed |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-oracle-5.3 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2020-0030
Medium priorityIn binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
26 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Ignored | Ignored |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-20427
Low priorityIn the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic, and possibly remote code execution, due to the lack of validation for specific fields of packets sent by a client. Interaction between...
26 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Ignored | Ignored |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-20426
Low priorityIn the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no...
26 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Ignored | Ignored |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-20423
Medium priorityIn the Lustre file system before 2.12.3, the ptlrpc module has a buffer overflow and panic due to the lack of validation for specific fields of packets sent by a client. The function target_handle_connect() mishandles a certain...
26 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Ignored | Ignored |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-19070
Low priority** DISPUTED ** A memory leak in the spi_gpio_probe() function in drivers/spi/spi-gpio.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering devm_add_action_or_reset()...
26 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Not affected | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Not affected | Not affected |
linux-hwe-edge | — | — | — | Not affected | Ignored |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-18814
Medium prioritySome fixes available 2 of 9
An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in security/apparmor/audit.c.
26 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Fixed | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Ignored | Ignored |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Ignored | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-gke-5.3 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Fixed | Not affected |
linux-hwe-edge | — | — | — | Not affected | Ignored |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Not affected | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-15920
Medium prioritySome fixes available 10 of 14
An issue was discovered in the Linux kernel before 5.0.10. SMB2_read in fs/cifs/smb2pdu.c has a use-after-free. NOTE: this was not fixed correctly in 5.0.10; see the 5.0.11 ChangeLog, which documents a memory leak.
25 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Fixed | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Fixed | Not affected |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Not affected | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Fixed | Not affected |
linux-hwe-edge | — | — | — | Ignored | Not affected |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Fixed | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-15919
Medium prioritySome fixes available 10 of 14
An issue was discovered in the Linux kernel before 5.0.10. SMB2_write in fs/cifs/smb2pdu.c has a use-after-free.
25 affected packages
linux, linux-aws, linux-aws-5.0, linux-aws-hwe, linux-azure...
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
linux | — | — | — | Not affected | Not affected |
linux-aws | — | — | — | Not affected | Not affected |
linux-aws-5.0 | — | — | — | Not affected | Not in release |
linux-aws-hwe | — | — | — | Not in release | Not affected |
linux-azure | — | — | — | Fixed | Not affected |
linux-azure-5.3 | — | — | — | Not affected | Not in release |
linux-azure-edge | — | — | — | Fixed | Not affected |
linux-gcp | — | — | — | Not affected | Not affected |
linux-gcp-5.3 | — | — | — | Not affected | Not in release |
linux-gcp-edge | — | — | — | Not affected | Not in release |
linux-gke-4.15 | — | — | — | Not affected | Not in release |
linux-gke-5.0 | — | — | — | Not affected | Not in release |
linux-hwe | — | — | — | Fixed | Not affected |
linux-hwe-edge | — | — | — | Ignored | Not affected |
linux-kvm | — | — | — | Not affected | Not affected |
linux-lts-trusty | — | — | — | Not in release | Not in release |
linux-lts-xenial | — | — | — | Not in release | Not in release |
linux-oem | — | — | — | Not affected | Ignored |
linux-oem-5.4 | — | — | — | Not in release | Not in release |
linux-oem-osp1 | — | — | — | Fixed | Not in release |
linux-oracle | — | — | — | Not affected | Not affected |
linux-oracle-5.0 | — | — | — | Not affected | Not in release |
linux-raspi2 | — | — | — | Not affected | Not affected |
linux-raspi2-5.3 | — | — | — | Not affected | Not in release |
linux-snapdragon | — | — | — | Not affected | Not affected |