Search CVE reports

31 – 40 of 721 results

Detailed view

Sort by:

CVE-2016-2085

Low priority

Some fixes available 8 of 27

The evm_verify_hmac function in security/integrity/evm/evm_main.c in the Linux kernel before 4.5 does not properly copy data, which makes it easier for local users to forge MAC values via a timing side-channel attack.

28 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2015-7566

Low priority

Some fixes available 10 of 30

The clie_5_attach function in drivers/usb/serial/visor.c in the Linux kernel through 4.4.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified...

28 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2016-0728

High priority

Some fixes available 8 of 15

The join_session_keyring function in security/keys/process_keys.c in the Linux kernel before 4.4.1 mishandles object references in a certain error case, which allows local users to gain privileges or cause a denial of service...

28 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2015-6646

Medium priority

Ignored

The System V IPC implementation in the kernel in Android before 6.0 2016-01-01 allows attackers to cause a denial of service (global kernel resource consumption) by leveraging improper interaction between IPC resource allocation...

34 affected packages

android, linux, linux-armadaxp, linux-aws, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
android	—	—	—	Not in release
linux	—	—	—	Not affected
linux-armadaxp	—	—	—	Not in release
linux-aws	—	—	—	Not affected
linux-azure	—	—	—	Not affected
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-fsl-imx51	—	—	—	Not in release
linux-gcp	—	—	—	Not affected
linux-gke	—	—	—	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	—	—	—	Not affected
linux-hwe-edge	—	—	—	Not affected
linux-kvm	—	—	—	Not affected
linux-linaro-omap	—	—	—	Not in release
linux-linaro-shared	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	Not in release
linux-lts-quantal	—	—	—	Not in release
linux-lts-raring	—	—	—	Not in release
linux-lts-saucy	—	—	—	Not in release
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	—	—	—	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	—	—	—	Not affected
linux-qcm-msm	—	—	—	Not in release
linux-raspi2	—	—	—	Not affected
linux-snapdragon	—	—	—	Not affected
linux-ti-omap4	—	—	—	Not in release

CVE-2015-6642

Medium priority

Ignored

The kernel in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 allows attackers to obtain sensitive information, and consequently bypass an unspecified protection mechanism, via unknown vectors, as demonstrated by obtaining...

23 affected packages

linux, linux-armadaxp, linux-flo, linux-fsl-imx51, linux-goldfish...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2015-6640

Medium priority

Ignored

The prctl_set_vma_anon_name function in kernel/sys.c in Android before 5.1.1 LMY49F and 6.0 before 2016-01-01 does not ensure that only one vma is accessed in a certain update action, which allows attackers to gain privileges or...

34 affected packages

android, linux, linux-armadaxp, linux-aws, linux-azure...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
android	—	—	—	Not in release
linux	—	—	—	Not affected
linux-armadaxp	—	—	—	Not in release
linux-aws	—	—	—	Not affected
linux-azure	—	—	—	Not affected
linux-euclid	—	—	—	Not in release
linux-flo	—	—	—	Not in release
linux-fsl-imx51	—	—	—	Not in release
linux-gcp	—	—	—	Not affected
linux-gke	—	—	—	Not in release
linux-goldfish	—	—	—	Not in release
linux-grouper	—	—	—	Not in release
linux-hwe	—	—	—	Not affected
linux-hwe-edge	—	—	—	Not affected
linux-kvm	—	—	—	Not affected
linux-linaro-omap	—	—	—	Not in release
linux-linaro-shared	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	Not in release
linux-lts-quantal	—	—	—	Not in release
linux-lts-raring	—	—	—	Not in release
linux-lts-saucy	—	—	—	Not in release
linux-lts-trusty	—	—	—	Not in release
linux-lts-utopic	—	—	—	Not in release
linux-lts-vivid	—	—	—	Not in release
linux-lts-wily	—	—	—	Not in release
linux-lts-xenial	—	—	—	Not in release
linux-maguro	—	—	—	Not in release
linux-mako	—	—	—	Not in release
linux-manta	—	—	—	Not in release
linux-oem	—	—	—	Not affected
linux-qcm-msm	—	—	—	Not in release
linux-raspi2	—	—	—	Not affected
linux-snapdragon	—	—	—	Not affected
linux-ti-omap4	—	—	—	Not in release

CVE-2015-8812

Medium priority

Some fixes available 11 of 30

drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets.

28 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2015-8787

Medium priority

Some fixes available 5 of 12

The nf_nat_redirect_ipv4 function in net/netfilter/nf_nat_redirect.c in the Linux kernel before 4.4 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified...

29 affected packages

linux-2.6, linux-aws, linux-flo, linux-gke, linux-goldfish...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux-2.6	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—
linux	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-armadaxp	—	—	—	—

CVE-2015-8785

Medium priority

Some fixes available 11 of 30

The fuse_fill_write_pages function in fs/fuse/file.c in the Linux kernel before 4.4 allows local users to cause a denial of service (infinite loop) via a writev system call that triggers a zero length for the first segment of an iov.

29 affected packages

linux, linux-2.6, linux-armadaxp, linux-aws, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-2.6	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

CVE-2015-7509

Low priority

Some fixes available 3 of 22

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

28 affected packages

linux, linux-armadaxp, linux-aws, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS
linux	—	—	—	—
linux-armadaxp	—	—	—	—
linux-aws	—	—	—	—
linux-flo	—	—	—	—
linux-fsl-imx51	—	—	—	—
linux-gke	—	—	—	—
linux-goldfish	—	—	—	—
linux-grouper	—	—	—	—
linux-hwe	—	—	—	—
linux-hwe-edge	—	—	—	—
linux-linaro-omap	—	—	—	—
linux-linaro-shared	—	—	—	—
linux-linaro-vexpress	—	—	—	—
linux-lts-quantal	—	—	—	—
linux-lts-raring	—	—	—	—
linux-lts-saucy	—	—	—	—
linux-lts-trusty	—	—	—	—
linux-lts-utopic	—	—	—	—
linux-lts-vivid	—	—	—	—
linux-lts-wily	—	—	—	—
linux-lts-xenial	—	—	—	—
linux-maguro	—	—	—	—
linux-mako	—	—	—	—
linux-manta	—	—	—	—
linux-qcm-msm	—	—	—	—
linux-raspi2	—	—	—	—
linux-snapdragon	—	—	—	—
linux-ti-omap4	—	—	—	—

Export to JSON

Results by page: