Search CVE reports
51 – 60 of 1457 results
CVE-2019-9503
Medium prioritySome fixes available 51 of 57
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the...
79 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Fixed |
| linux-azure | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Fixed | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2019-9500
Medium prioritySome fixes available 37 of 43
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be...
29 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Fixed | Not affected |
| linux-aws | — | — | — | Fixed | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Fixed |
| linux-azure | — | — | — | Fixed | Fixed |
| linux-azure-edge | — | — | — | Fixed | Fixed |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Fixed | Fixed |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not in release | Ignored |
| linux-gke-4.15 | — | — | — | Fixed | Not in release |
| linux-gke-5.0 | — | — | — | Not affected | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Fixed |
| linux-hwe-edge | — | — | — | Not affected | Fixed |
| linux-kvm | — | — | — | Fixed | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Fixed | Ignored |
| linux-oracle | — | — | — | Fixed | Fixed |
| linux-raspi2 | — | — | — | Fixed | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-3837
Medium prioritySome fixes available 1 of 5
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-11191
Negligible prioritySome fixes available 34 of 40
** DISPUTED ** The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in...
79 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Fixed |
| linux-azure | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Fixed | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2019-11190
Low prioritySome fixes available 6 of 12
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has...
77 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Not affected |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Not affected | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2019-3887
Medium prioritySome fixes available 17 of 23
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Fixed | Not affected |
| linux-azure-edge | — | — | — | Fixed | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-20449
Negligible prioritySome fixes available 3 of 5
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
73 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-fips...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-aws | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Not affected |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Not affected | Not affected |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected | Not affected |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected | Not affected |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2019-10125
Medium priorityAn issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-3874
Medium prioritySome fixes available 53 of 59
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
79 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Fixed |
| linux-azure | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not in release | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Fixed | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2019-9857
Medium priorityIn the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |