Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 1056 results


CVE-2008-2544

Medium priority
Ignored

Mounting /proc filesystem via chroot command silently mounts it in read-write mode. The user could bypass the chroot environment and gain write access to files, he would never have otherwise.

23 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-flo Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 23 packages Show less packages

CVE-2002-2438

Low priority
Ignored

firewalls might let some TCP flags combinations pass (e.g. all with RST flag set) and the OS (e.g. Linux) stack would in turn accept a TCP session it might not have accepted otherwise.

13 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-linaro-omap...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-armadaxp
linux-ec2
linux-fsl-imx51
linux-linaro-omap
linux-linaro-shared
linux-linaro-vexpress
linux-lts-backport-maverick
linux-lts-backport-natty
linux-lts-backport-oneiric
linux-mvl-dove
linux-qcm-msm
linux-ti-omap4
Show all 13 packages Show less packages

CVE-2007-3732

Medium priority
Ignored

In Linux 2.6 before 2.6.23, the TRACE_IRQS_ON function in iret_exc calls a C function without ensuring that the segments are set properly. The kernel's %fs needs to be restored before the call in TRACE_IRQS_ON and before enabling...

22 affected packages

linux, linux-armadaxp, linux-flo, linux-goldfish, linux-grouper...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-flo Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-ti-omap4 Not in release
Show all 22 packages Show less packages

CVE-2014-8181

Low priority
Ignored

The kernel in Red Hat Enterprise Linux 7 and MRG-2 does not clear garbage data for SG_IO buffer, which may leaking sensitive information to userspace.

27 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-aws Not affected
linux-flo Not affected
linux-gke Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-hwe Not affected
linux-hwe-edge Not affected
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 27 packages Show less packages

CVE-2017-2634

Medium priority
Ignored

It was found that the Linux kernel's Datagram Congestion Control Protocol (DCCP) implementation before 2.6.22.17 used the IPv4-only inet_sk_rebuild_header() function for both IPv4 and IPv6 DCCP connections, which could result in...

27 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-gke...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-aws Not affected
linux-flo Not affected
linux-gke Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-hwe Not affected
linux-hwe-edge Not affected
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Not affected
linux-manta Not in release
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 27 packages Show less packages

CVE-2015-9016

Medium priority

Some fixes available 1 of 5

In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation...

32 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-armadaxp Not in release Not in release
linux-aws Not affected Not affected
linux-azure Not affected Not affected
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gke Not in release Not affected
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Fixed Not affected
linux-kvm Not affected Not affected
linux-linaro-omap Not in release Not in release
linux-linaro-shared Not in release Not in release
linux-linaro-vexpress Not in release Not in release
linux-lts-quantal Not in release Not in release
linux-lts-raring Not in release Not in release
linux-lts-saucy Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Not affected
linux-qcm-msm Not in release Not in release
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
linux-ti-omap4 Not in release Not in release
Show all 32 packages Show less packages

CVE-2017-18224

Medium priority

Some fixes available 4 of 10

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of...

33 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-armadaxp Not in release Not in release
linux-aws Not affected Not affected
linux-azure Not affected Fixed
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Fixed
linux-gke Not in release Not affected
linux-goldfish Not in release Not affected
linux-grouper Not in release Not in release
linux-hwe Not affected Fixed
linux-hwe-edge Not affected Fixed
linux-kvm Not affected Not affected
linux-linaro-omap Not in release Not in release
linux-linaro-shared Not in release Not in release
linux-linaro-vexpress Not in release Not in release
linux-lts-quantal Not in release Not in release
linux-lts-raring Not in release Not in release
linux-lts-saucy Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-qcm-msm Not in release Not in release
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
linux-ti-omap4 Not in release Not in release
Show all 33 packages Show less packages

CVE-2017-6280

Medium priority

Some fixes available 1 of 6

NVIDIA driver contains a possible out-of-bounds read vulnerability due to a leak which may lead to information disclosure. This issue is rated as moderate. Android: A-63851980.

32 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-armadaxp Not in release Not in release
linux-aws Not affected Not affected
linux-azure Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gke Not in release Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Fixed Not affected
linux-kvm Not affected Not affected
linux-linaro-omap Not in release Not in release
linux-linaro-shared Not in release Not in release
linux-linaro-vexpress Not in release Not in release
linux-lts-quantal Not in release Not in release
linux-lts-raring Not in release Not in release
linux-lts-saucy Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Not affected
linux-qcm-msm Not in release Not in release
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
linux-ti-omap4 Not in release Not in release
Show all 32 packages Show less packages

CVE-2017-18218

Medium priority

Some fixes available 2 of 5

In drivers/net/ethernet/hisilicon/hns/hns_enet.c in the Linux kernel before 4.13, local users can cause a denial of service (use-after-free and BUG) or possibly have unspecified other impact by leveraging differences in...

32 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-euclid...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected
linux-armadaxp Not in release
linux-aws Not affected
linux-azure Not affected
linux-euclid Not affected
linux-flo Ignored
linux-gcp Not affected
linux-gke Not affected
linux-goldfish Not affected
linux-grouper Not in release
linux-hwe Fixed
linux-hwe-edge Fixed
linux-kvm Not affected
linux-linaro-omap Not in release
linux-linaro-shared Not in release
linux-linaro-vexpress Not in release
linux-lts-quantal Not in release
linux-lts-raring Not in release
linux-lts-saucy Not in release
linux-lts-trusty Not in release
linux-lts-utopic Not in release
linux-lts-vivid Not in release
linux-lts-wily Not in release
linux-lts-xenial Not in release
linux-maguro Not in release
linux-mako Ignored
linux-manta Not in release
linux-oem Not affected
linux-qcm-msm Not in release
linux-raspi2 Not affected
linux-snapdragon Not affected
linux-ti-omap4 Not in release
Show all 32 packages Show less packages

CVE-2017-18202

Medium priority

Some fixes available 4 of 9

The __oom_reap_task_mm function in mm/oom_kill.c in the Linux kernel before 4.14.4 mishandles gather operations, which allows attackers to cause a denial of service (TLB entry leak or use-after-free) or possibly have unspecified...

33 affected packages

linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-armadaxp Not in release Not in release
linux-aws Not affected Not affected
linux-azure Not affected Fixed
linux-azure-edge Not affected Not affected
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Not affected Fixed
linux-gke Not in release Not affected
linux-goldfish Not in release Not affected
linux-grouper Not in release Not in release
linux-hwe Not affected Fixed
linux-hwe-edge Not affected Fixed
linux-kvm Not affected Not affected
linux-linaro-omap Not in release Not in release
linux-linaro-shared Not in release Not in release
linux-linaro-vexpress Not in release Not in release
linux-lts-quantal Not in release Not in release
linux-lts-raring Not in release Not in release
linux-lts-saucy Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-qcm-msm Not in release Not in release
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
linux-ti-omap4 Not in release Not in release
Show all 33 packages Show less packages