Search CVE reports
11 – 20 of 748 results
CVE-2015-2877
Low priority** DISPUTED ** Kernel Samepage Merging (KSM) in the Linux kernel 2.6.32 through 4.x does not prevent use of a write-timing side channel, which allows guest OS users to defeat the ASLR protection mechanism on other guest OS...
36 affected packages
linux, linux-armadaxp, linux-aws, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Ignored | Ignored |
| linux-armadaxp | — | — | — | Not in release | Not in release |
| linux-aws | — | — | — | Ignored | Ignored |
| linux-azure | — | — | — | Ignored | Ignored |
| linux-azure-edge | — | — | — | Ignored | Ignored |
| linux-ec2 | — | — | — | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-fsl-imx51 | — | — | — | Not in release | Not in release |
| linux-gcp | — | — | — | Ignored | Ignored |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Ignored | Ignored |
| linux-hwe-edge | — | — | — | Ignored | Ignored |
| linux-kvm | — | — | — | Ignored | Ignored |
| linux-linaro-omap | — | — | — | Not in release | Not in release |
| linux-linaro-shared | — | — | — | Not in release | Not in release |
| linux-linaro-vexpress | — | — | — | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-mvl-dove | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Ignored | Ignored |
| linux-qcm-msm | — | — | — | Not in release | Not in release |
| linux-raspi2 | — | — | — | Ignored | Ignored |
| linux-snapdragon | — | — | — | Ignored | Ignored |
| linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2016-0617
Low priorityUnspecified vulnerability in the kernel-uek component in Oracle Linux 6 allows local users to affect availability via unknown vectors.
28 affected packages
linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2016-2070
Medium priorityThe tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic.
29 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-flo...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-2.6 | — | — | — | — | Not in release |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2016-2053
Medium prioritySome fixes available 7 of 15
The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by...
29 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-flo...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-2.6 | — | — | — | — | Not in release |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-8746
Low prioritySome fixes available 5 of 12
fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and...
28 affected packages
linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-8324
Low priorityThe ext4 implementation in the Linux kernel before 2.6.34 does not properly track the initialization of certain data structures, which allows physically proximate attackers to cause a denial of service (NULL pointer dereference...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-2.6 | — | — | — | — | Not in release |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-ec2 | — | — | — | — | Not in release |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-mvl-dove | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-8019
Medium prioritySome fixes available 1 of 8
The skb_copy_and_csum_datagram_iovec function in net/core/datagram.c in the Linux kernel 3.14.54 and 3.18.22 does not accept a length argument, which allows local users to cause a denial of service (memory corruption) or possibly...
38 affected packages
linux, linux-armadaxp, linux-aws, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-armadaxp | — | — | — | Not in release | Not in release |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-ec2 | — | — | — | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Not affected |
| linux-fsl-imx51 | — | — | — | Not in release | Not in release |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not in release | Not affected |
| linux-goldfish | — | — | — | Not in release | Not affected |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-linaro-omap | — | — | — | Not in release | Not in release |
| linux-linaro-shared | — | — | — | Not in release | Not in release |
| linux-linaro-vexpress | — | — | — | Not in release | Not in release |
| linux-lts-quantal | — | — | — | Not in release | Not in release |
| linux-lts-raring | — | — | — | Not in release | Not in release |
| linux-lts-saucy | — | — | — | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Not affected |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-mvl-dove | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-qcm-msm | — | — | — | Not in release | Not in release |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
| linux-ti-omap4 | — | — | — | Not in release | Not in release |
CVE-2015-4178
Medium priorityThe fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-2.6 | — | — | — | — | Not in release |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-ec2 | — | — | — | — | Not in release |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-mvl-dove | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-4177
Medium priorityThe collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by...
31 affected packages
linux, linux-2.6, linux-armadaxp, linux-aws, linux-ec2...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-2.6 | — | — | — | — | Not in release |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-ec2 | — | — | — | — | Not in release |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-mvl-dove | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |
CVE-2015-4176
Medium priorityfs/namespace.c in the Linux kernel before 4.0.2 does not properly support mount connectivity, which allows local users to read arbitrary files by leveraging user-namespace root access for deletion of a file or directory.
30 affected packages
linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | — | Not affected |
| linux-armadaxp | — | — | — | — | Not in release |
| linux-aws | — | — | — | — | Not affected |
| linux-ec2 | — | — | — | — | Not in release |
| linux-flo | — | — | — | — | Not affected |
| linux-fsl-imx51 | — | — | — | — | Not in release |
| linux-gke | — | — | — | — | Not affected |
| linux-goldfish | — | — | — | — | Not affected |
| linux-grouper | — | — | — | — | Not in release |
| linux-hwe | — | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | — | Not affected |
| linux-linaro-omap | — | — | — | — | Not in release |
| linux-linaro-shared | — | — | — | — | Not in release |
| linux-linaro-vexpress | — | — | — | — | Not in release |
| linux-lts-quantal | — | — | — | — | Not in release |
| linux-lts-raring | — | — | — | — | Not in release |
| linux-lts-saucy | — | — | — | — | Not in release |
| linux-lts-trusty | — | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | — | Not in release |
| linux-lts-wily | — | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | — | Not in release |
| linux-maguro | — | — | — | — | Not in release |
| linux-mako | — | — | — | — | Not affected |
| linux-manta | — | — | — | — | Not in release |
| linux-mvl-dove | — | — | — | — | Not in release |
| linux-qcm-msm | — | — | — | — | Not in release |
| linux-raspi2 | — | — | — | — | Not affected |
| linux-snapdragon | — | — | — | — | Not affected |
| linux-ti-omap4 | — | — | — | — | Not in release |