Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

71 – 80 of 595 results


CVE-2019-11487

Low priority

Some fixes available 37 of 54

The Linux kernel before 5.1-rc5 allows page->_refcount reference count overflow, with resultant use-after-free issues, if about 140 GiB of RAM exists. This is related to fs/fuse/dev.c, fs/pipe.c, fs/splice.c, include/linux/mm.h,...

85 affected packages

linux, linux-aws, linux-aws-5.0, linux-aws-5.15, linux-aws-5.4...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected Not affected Fixed Fixed
linux-aws Not affected Not affected Not affected Fixed Fixed
linux-aws-5.0 Not in release Not in release Not in release Not affected Not in release
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Fixed
linux-azure Not affected Not affected Not affected Fixed Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.3 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Fixed Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Not in release Ignored
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Not in release Ignored
linux-gcp Not affected Not affected Not affected Fixed Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.3 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-edge Not in release Fixed Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gke-4.15 Not in release Not in release Not in release Fixed Not in release
linux-gke-5.0 Not in release Not in release Not in release Not affected Not in release
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Not in release Ignored
linux-grouper Not in release Not in release Not in release
linux-hwe Not in release Not in release Not in release Fixed Fixed
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Ignored Fixed
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Fixed Fixed
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release Not in release
linux-lts-utopic Not in release Not in release Not in release
linux-lts-vivid Not in release Not in release Not in release
linux-lts-wily Not in release Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release Not in release
linux-mako Not in release Not in release Ignored
linux-manta Not in release Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Fixed Ignored
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oem-osp1 Not in release Not in release Not in release Fixed Not in release
linux-oracle Not affected Not affected Not affected Fixed Fixed
linux-oracle-5.0 Not in release Not in release Not in release Not affected Not in release
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Not affected Fixed Fixed
linux-raspi2-5.3 Not in release Not in release Not in release Not affected Not in release
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Fixed Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
Show all 85 packages Show less packages

CVE-2019-3901

Medium priority

Some fixes available 4 of 14

A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for...

76 affected packages

linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected Not affected Not affected Fixed
linux-aws Not affected Not affected Not affected Not affected Not affected
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Not affected
linux-azure Not affected Not affected Not affected Not affected Not affected
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Not affected Not in release
linux-azure-fde Not in release Needs evaluation Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Needs evaluation Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Not affected
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Not affected Not affected
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-edge Not affected Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gkeop Not affected Not affected Ignored Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Ignored Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Not affected Not affected
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Not affected
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Not affected Not affected
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Not affected Ignored
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Not affected Fixed
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Not affected Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
Show all 76 packages Show less packages

CVE-2019-9503

Medium priority

Some fixes available 51 of 57

The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the...

79 affected packages

linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected Not affected Fixed Fixed
linux-aws Not affected Not affected Not affected Fixed Fixed
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Fixed
linux-azure Not affected Not affected Not affected Fixed Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Fixed Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Ignored
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Fixed Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-edge Fixed Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gke-4.15 Not in release Not in release Not in release Fixed Not in release
linux-gke-5.0 Not in release Not in release Not in release Not affected Not in release
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Fixed Fixed
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Fixed
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Fixed Fixed
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Fixed Ignored
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Fixed Fixed
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Fixed Fixed
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Fixed Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
Show all 79 packages Show less packages

CVE-2019-9500

Medium priority

Some fixes available 37 of 43

The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be...

29 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Fixed Not affected
linux-aws Fixed Not affected
linux-aws-hwe Not in release Fixed
linux-azure Fixed Fixed
linux-azure-edge Fixed Fixed
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Fixed Fixed
linux-gcp-edge Fixed Not in release
linux-gke Not in release Ignored
linux-gke-4.15 Fixed Not in release
linux-gke-5.0 Not affected Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Fixed
linux-hwe-edge Not affected Fixed
linux-kvm Fixed Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Fixed Ignored
linux-oracle Fixed Fixed
linux-raspi2 Fixed Not affected
linux-snapdragon Not affected Not affected
Show all 29 packages Show less packages

CVE-2019-3837

Medium priority

Some fixes available 1 of 5

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages

CVE-2019-11191

Negligible priority

Some fixes available 34 of 40

** DISPUTED ** The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late in...

79 affected packages

linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected Not affected Fixed Fixed
linux-aws Not affected Not affected Not affected Fixed Fixed
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Fixed
linux-azure Not affected Not affected Not affected Fixed Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Fixed Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Ignored
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Fixed Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-edge Fixed Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gke-4.15 Not in release Not in release Not in release Fixed Not in release
linux-gke-5.0 Not in release Not in release Not in release Not affected Not in release
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Fixed Fixed
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Fixed
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Fixed Fixed
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Fixed Ignored
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Fixed Fixed
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Fixed Fixed
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Fixed Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
Show all 79 packages Show less packages

CVE-2019-11190

Low priority

Some fixes available 6 of 12

The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has...

77 affected packages

linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected Not affected Not affected Fixed
linux-aws Not affected Not affected Not affected Not affected Fixed
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-6.8 Not in release Not affected Not in release Not in release Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Not affected
linux-azure Not affected Not affected Not affected Not affected Not affected
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-6.8 Not in release Not affected Not in release Not in release Not in release
linux-azure-edge Not in release Not in release Not in release Not affected Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Ignored
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Not affected Not affected
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-6.8 Not in release Not affected Not in release Not in release Not in release
linux-gcp-edge Not affected Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gkeop Not affected Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Not affected Not affected
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Not affected
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Not affected Fixed
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Not affected Ignored
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-oracle-6.8 Not in release Not affected Not in release Not in release Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Not affected Fixed
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Fixed Fixed
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
Show all 77 packages Show less packages

CVE-2019-3887

Medium priority

Some fixes available 17 of 23

A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Fixed Not affected
linux-azure-edge Fixed Not affected
linux-euclid Not in release Not affected
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Fixed Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Fixed Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages

CVE-2018-20449

Negligible priority

Some fixes available 3 of 6

The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.

73 affected packages

linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-fips...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected Not affected Not affected Not affected
linux-aws Not affected Not affected Not affected Not affected Not affected
linux-aws-5.15 Not in release Not in release Not affected Not in release Not in release
linux-aws-5.4 Not in release Not in release Not in release Not affected Not in release
linux-aws-fips Not in release Not in release Not in release Not in release Ignored
linux-aws-hwe Not in release Not in release Not in release Not in release Not affected
linux-azure Not affected Not affected Not affected Not affected Fixed
linux-azure-4.15 Not in release Not in release Not in release Not affected Not in release
linux-azure-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-5.4 Not in release Not in release Not in release Not affected Not in release
linux-azure-edge Not in release Not in release Not in release Not affected Not in release
linux-azure-fde Not in release Not affected Ignored Not in release Not in release
linux-azure-fde-5.15 Not in release Not in release Not affected Not in release Not in release
linux-azure-fips Not in release Not in release Not in release Not in release Ignored
linux-bluefield Not in release Not in release Not affected Not in release Not in release
linux-euclid Not in release Ignored
linux-fips Not in release Not in release Not in release Not in release Not in release
linux-flo Not in release Ignored
linux-gcp Not affected Not affected Not affected Not affected Fixed
linux-gcp-4.15 Not in release Not in release Not in release Not affected Not in release
linux-gcp-5.15 Not in release Not in release Not affected Not in release Not in release
linux-gcp-5.4 Not in release Not in release Not in release Not affected Not in release
linux-gcp-edge Not affected Not in release
linux-gcp-fips Not in release Not in release Not in release Not in release Ignored
linux-gke Not affected Not affected Ignored Not in release Ignored
linux-gkeop Needs evaluation Not affected Not affected Not in release Not in release
linux-gkeop-5.15 Not in release Not in release Not affected Not in release Not in release
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not in release Not in release Not in release Not affected Fixed
linux-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-hwe-5.4 Not in release Not in release Not in release Not affected Not in release
linux-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-hwe-edge Not in release Not in release Not in release Not affected Not affected
linux-ibm Not affected Not affected Not affected Not in release Not in release
linux-ibm-5.15 Not in release Not in release Not affected Not in release Not in release
linux-ibm-5.4 Not in release Not in release Not in release Not affected Not in release
linux-intel Not affected Not in release Not in release Not in release Not in release
linux-intel-iot-realtime Not in release Not in release Not in release Not in release Not in release
linux-intel-iotg Not in release Not affected Not in release Not in release Not in release
linux-intel-iotg-5.15 Not in release Not in release Not affected Not in release Not in release
linux-iot Not in release Not in release Not affected Not in release Not in release
linux-kvm Not in release Not affected Not affected Not affected Not affected
linux-lowlatency Not affected Not affected Not in release Not in release Not in release
linux-lowlatency-hwe-5.15 Not in release Not in release Not affected Not in release Not in release
linux-lowlatency-hwe-6.8 Not in release Not affected Not in release Not in release Not in release
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release Not in release Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-nvidia Not affected Not affected Not in release Not in release Not in release
linux-nvidia-6.5 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-6.8 Not in release Not affected Not in release Not in release Not in release
linux-nvidia-lowlatency Not affected Not in release Not in release Not in release Not in release
linux-oem Not in release Not in release Not in release Not affected Ignored
linux-oem-6.8 Not affected Not in release Not in release Not in release Not in release
linux-oracle Not affected Not affected Not affected Not affected Not affected
linux-oracle-5.15 Not in release Not in release Not affected Not in release Not in release
linux-oracle-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi Not affected Not affected Not affected Not in release Not in release
linux-raspi-5.4 Not in release Not in release Not in release Not affected Not in release
linux-raspi-realtime Not in release Not in release Not in release Not in release Not in release
linux-raspi2 Not in release Not in release Ignored Not affected Not affected
linux-realtime Not in release Ignored Not in release Not in release Not in release
linux-riscv Not affected Ignored Ignored Not in release Not in release
linux-riscv-5.15 Not in release Not in release Not affected Not in release Not in release
linux-riscv-6.8 Not in release Not affected Not in release Not in release Not in release
linux-snapdragon Not in release Not in release Not in release Not affected Not affected
linux-xilinx-zynqmp Not in release Not affected Not affected Not in release Not in release
Show all 73 packages Show less packages

CVE-2019-10125

Medium priority
Ignored

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return...

27 affected packages

linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux Not affected Not affected
linux-aws Not affected Not affected
linux-aws-hwe Not in release Not affected
linux-azure Not affected Not affected
linux-azure-edge Not affected Not affected
linux-euclid Not in release Ignored
linux-flo Not in release Ignored
linux-gcp Not affected Not affected
linux-gcp-edge Not affected Not in release
linux-gke Not affected Ignored
linux-goldfish Not in release Ignored
linux-grouper Not in release Not in release
linux-hwe Not affected Not affected
linux-hwe-edge Not affected Not affected
linux-kvm Not affected Not affected
linux-lts-trusty Not in release Not in release
linux-lts-utopic Not in release Not in release
linux-lts-vivid Not in release Not in release
linux-lts-wily Not in release Not in release
linux-lts-xenial Not in release Not in release
linux-maguro Not in release Not in release
linux-mako Not in release Ignored
linux-manta Not in release Not in release
linux-oem Not affected Ignored
linux-oracle Not affected Not affected
linux-raspi2 Not affected Not affected
linux-snapdragon Not affected Not affected
Show all 27 packages Show less packages