Search CVE reports
81 – 90 of 1529 results
Some fixes available 4 of 14
A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for...
92 affected packages
linux-aws, linux-azure, linux-aws-hwe, linux-euclid, linux-gke...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | Not affected | Not affected | Not affected | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux | Not affected | Not affected | Not affected | Not affected |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected |
| linux-flo | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gkeop | Not affected | Not affected | Ignored | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-hwe-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-aws-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-azure-nvidia | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-gcp-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-ibm-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Ignored | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-oem-6.14 | Not affected | Not in release | Not in release | Not in release |
| linux-riscv-6.14 | Not affected | Not in release | Not in release | Not in release |
Some fixes available 54 of 57
The Broadcom brcmfmac WiFi driver prior to commit a4176ec356c73a46c07c181c6d04039fafa34a9f is vulnerable to a frame validation bypass. If the brcmfmac driver receives a firmware event frame from a remote source, the...
89 affected packages
linux-aws, linux-flo, linux-aws-hwe, linux-azure, linux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | Not affected | Not affected | Not affected | Fixed |
| linux-flo | — | — | — | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure | Not affected | Not affected | Not affected | Fixed |
| linux | Not affected | Not affected | Not affected | Fixed |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-edge | — | — | — | Fixed |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Fixed |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Fixed |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Fixed |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed |
| linux-oracle | Not affected | Not affected | Not affected | Fixed |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-nvidia | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.14 | Not affected | Not in release | Not in release | Not in release |
The Broadcom brcmfmac WiFi driver prior to commit 1b5e2423164b3670e8bc9174e4762d297990deff is vulnerable to a heap buffer overflow. If the Wake-up on Wireless LAN functionality is configured, a malicious event frame can be...
29 affected packages
linux, linux-goldfish, linux-aws, linux-flo, linux-aws-hwe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | Fixed |
| linux-goldfish | — | — | — | Not in release |
| linux-aws | — | — | — | Fixed |
| linux-flo | — | — | — | Not in release |
| linux-aws-hwe | — | — | — | Not in release |
| linux-azure | — | — | — | Fixed |
| linux-azure-edge | — | — | — | Fixed |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | — | — | — | Fixed |
| linux-gcp-edge | — | — | — | Fixed |
| linux-gke | — | — | — | Not in release |
| linux-gke-4.15 | — | — | — | Fixed |
| linux-gke-5.0 | — | — | — | Not affected |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Fixed |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Fixed |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Fixed |
| linux-oracle | — | — | — | Fixed |
| linux-raspi2 | — | — | — | Fixed |
| linux-snapdragon | — | — | — | Not affected |
It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel...
27 affected packages
linux, linux-flo, linux-goldfish, linux-grouper, linux-aws...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | — | — | — | Not affected |
| linux-flo | — | — | — | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-aws | — | — | — | Not affected |
| linux-azure | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Not affected |
| linux-aws-hwe | — | — | — | Not in release |
| linux-euclid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | — | — | — | Not affected |
| linux-hwe | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Not affected |
| linux-snapdragon | — | — | — | Not affected |
Some fixes available 38 of 42
The Linux kernel through 5.0.7, when CONFIG_IA32_AOUT is enabled and ia32_aout is loaded, allows local users to bypass ASLR on setuid a.out programs (if any exist) because install_exec_creds() is called too late...
89 affected packages
linux-aws, linux-flo, linux-goldfish, linux-aws-hwe, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | Not affected | Not affected | Not affected | Fixed |
| linux-flo | — | — | — | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure | Not affected | Not affected | Not affected | Fixed |
| linux-oracle | Not affected | Not affected | Not affected | Fixed |
| linux | Not affected | Not affected | Not affected | Fixed |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-edge | — | — | — | Fixed |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Fixed |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Fixed |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Fixed |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-nvidia | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.14 | Not affected | Not in release | Not in release | Not in release |
Some fixes available 9 of 13
The Linux kernel before 4.8 allows local users to bypass ASLR on setuid programs (such as /bin/su) because install_exec_creds() is called too late in load_elf_binary() in fs/binfmt_elf.c, and thus the ptrace_may_access() check has...
87 affected packages
linux-aws, linux-flo, linux-aws-hwe, linux-azure, linux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | Not affected | Not affected | Not affected | Not affected |
| linux-flo | — | — | — | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure | Not affected | Not affected | Not affected | Not affected |
| linux | Not affected | Not affected | Not affected | Not affected |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Ignored | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-azure-nvidia | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-6.11 | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-tegra | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-tegra-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-nvidia-tegra-igx | Not in release | Not affected | Not in release | Not in release |
| linux-oem-6.14 | Not affected | Not in release | Not in release | Not in release |
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when...
27 affected packages
linux-aws, linux-azure, linux-aws-hwe, linux-gcp-edge, linux...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | — | — | — | Not affected |
| linux-azure | — | — | — | Fixed |
| linux-aws-hwe | — | — | — | Not in release |
| linux-gcp-edge | — | — | — | Fixed |
| linux | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Fixed |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gke | — | — | — | Not affected |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Fixed |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Not affected |
| linux-snapdragon | — | — | — | Not affected |
Some fixes available 3 of 5
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
73 affected packages
linux, linux-aws, linux-azure, linux-flo, linux-aws-hwe...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Not affected |
| linux-aws | Not affected | Not affected | Not affected | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected |
| linux-flo | — | — | — | Not in release |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | Not affected | Not affected | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | Not affected | Not affected | Ignored | Not in release |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected |
| linux-kvm | Not in release | Not affected | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected |
| linux-oracle | Not affected | Not affected | Not affected | Not affected |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release |
| linux-fips | Not in release | Not affected | Not affected | Not affected |
| linux-aws-fips | Not in release | Not affected | Not affected | Not affected |
| linux-azure-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-fips | Not in release | Not affected | Not affected | Not affected |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-ibm | Not affected | Not affected | Not affected | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release |
| linux-intel-iot-realtime | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected |
| linux-raspi-realtime | Not affected | Not in release | Not in release | Not in release |
| linux-realtime | Not affected | Not affected | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release |
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return...
27 affected packages
linux-aws, linux-flo, linux-aws-hwe, linux, linux-azure...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | — | — | — | Not affected |
| linux-flo | — | — | — | Not in release |
| linux-aws-hwe | — | — | — | Not in release |
| linux | — | — | — | Not affected |
| linux-azure | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | — | — | — | Not affected |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Not affected |
| linux-snapdragon | — | — | — | Not affected |
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none
27 affected packages
linux-aws, linux, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS |
|---|---|---|---|---|
| linux-aws | — | — | — | Not affected |
| linux | — | — | — | Not affected |
| linux-aws-hwe | — | — | — | Not in release |
| linux-azure | — | — | — | Not affected |
| linux-azure-edge | — | — | — | Not affected |
| linux-euclid | — | — | — | Not in release |
| linux-flo | — | — | — | Not in release |
| linux-gcp | — | — | — | Not affected |
| linux-gcp-edge | — | — | — | Not affected |
| linux-gke | — | — | — | Ignored |
| linux-goldfish | — | — | — | Not in release |
| linux-grouper | — | — | — | Not in release |
| linux-hwe | — | — | — | Not affected |
| linux-hwe-edge | — | — | — | Not affected |
| linux-kvm | — | — | — | Not affected |
| linux-lts-trusty | — | — | — | Not in release |
| linux-lts-utopic | — | — | — | Not in release |
| linux-lts-vivid | — | — | — | Not in release |
| linux-lts-wily | — | — | — | Not in release |
| linux-lts-xenial | — | — | — | Not in release |
| linux-maguro | — | — | — | Not in release |
| linux-mako | — | — | — | Not in release |
| linux-manta | — | — | — | Not in release |
| linux-oem | — | — | — | Not affected |
| linux-oracle | — | — | — | Not affected |
| linux-raspi2 | — | — | — | Ignored |
| linux-snapdragon | — | — | — | Ignored |