Search CVE reports
101 – 110 of 1734 results
CVE-2019-9499
Medium priorityThe implementations of EAP-PWD in wpa_supplicant EAP Peer, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may...
2 affected packages
wpa, wpasupplicant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| wpa | — | — | — | Fixed | Fixed |
| wpasupplicant | — | — | — | Not in release | Not in release |
CVE-2019-9498
Medium priorityThe implementations of EAP-PWD in hostapd EAP Server, when built against a crypto library missing explicit validation on imported elements, do not validate the scalar and element values in EAP-pwd-Commit. An attacker may be able...
2 affected packages
wpa, wpasupplicant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| wpa | — | — | — | Fixed | Fixed |
| wpasupplicant | — | — | — | Not in release | Not in release |
CVE-2019-9497
Medium priorityThe implementations of EAP-PWD in hostapd EAP Server and wpa_supplicant EAP Peer do not validate the scalar and element values in EAP-pwd-Commit. This vulnerability may allow an attacker to complete EAP-PWD authentication without...
2 affected packages
wpa, wpasupplicant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| wpa | — | — | — | Fixed | Fixed |
| wpasupplicant | — | — | — | Not in release | Not in release |
CVE-2019-9496
Medium priorityAn invalid authentication sequence could result in the hostapd process terminating due to missing state validation steps when processing the SAE confirm message when in hostapd/AP mode. All version of hostapd with SAE support are...
2 affected packages
wpa, wpasupplicant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| wpa | — | — | — | Not affected | Not affected |
| wpasupplicant | — | — | — | Not in release | Not in release |
CVE-2019-9495
Medium priorityThe implementations of EAP-PWD in hostapd and wpa_supplicant are vulnerable to side-channel attacks as a result of cache access patterns. All versions of hostapd and wpa_supplicant with EAP-PWD support are vulnerable. The ability...
2 affected packages
wpa, wpasupplicant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| wpa | — | — | — | Fixed | Fixed |
| wpasupplicant | — | — | — | Not in release | Not in release |
CVE-2019-9494
Medium priorityThe implementations of SAE in hostapd and wpa_supplicant are vulnerable to side channel attacks as a result of observable timing differences and cache access patterns. An attacker may be able to gain leaked information from a side...
2 affected packages
wpa, wpasupplicant
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| wpa | — | — | — | Not affected | Not affected |
| wpasupplicant | — | — | — | Not in release | Not in release |
CVE-2019-3887
Medium prioritySome fixes available 17 of 23
A flaw was found in the way KVM hypervisor handled x2APIC Machine Specific Rregister (MSR) access with nested(=1) virtualization enabled. In that, L1 guest could access L0's APIC register values via L2 guest, when...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Fixed | Not affected |
| linux-azure-edge | — | — | — | Fixed | Not affected |
| linux-euclid | — | — | — | Not in release | Not affected |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Fixed | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2018-20449
Negligible prioritySome fixes available 3 of 5
The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
73 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-fips...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-aws | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Not affected |
| linux-azure | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Not affected | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Not affected |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Not affected | Not affected |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Not affected | Ignored |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Not affected | Not affected |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Not affected | Not affected |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Not affected | Not affected |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |
CVE-2019-10125
Medium priorityAn issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return...
27 affected packages
linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-edge...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | — | — | — | Not affected | Not affected |
| linux-aws | — | — | — | Not affected | Not affected |
| linux-aws-hwe | — | — | — | Not in release | Not affected |
| linux-azure | — | — | — | Not affected | Not affected |
| linux-azure-edge | — | — | — | Not affected | Not affected |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | — | — | — | Not affected | Not affected |
| linux-gcp-edge | — | — | — | Not affected | Not in release |
| linux-gke | — | — | — | Not affected | Ignored |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | — | — | — | Not affected | Not affected |
| linux-hwe-edge | — | — | — | Not affected | Not affected |
| linux-kvm | — | — | — | Not affected | Not affected |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | — | — | — | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-oem | — | — | — | Not affected | Ignored |
| linux-oracle | — | — | — | Not affected | Not affected |
| linux-raspi2 | — | — | — | Not affected | Not affected |
| linux-snapdragon | — | — | — | Not affected | Not affected |
CVE-2019-3874
Medium prioritySome fixes available 53 of 59
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
80 affected packages
linux, linux-aws, linux-aws-5.15, linux-aws-5.4, linux-aws-6.8...
| Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
|---|---|---|---|---|---|
| linux | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-aws-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-aws-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-aws-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-aws-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-aws-hwe | Not in release | Not in release | Not in release | Not in release | Fixed |
| linux-azure | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-azure-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-azure-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-azure-edge | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-azure-fde | Not in release | Not affected | Ignored | Not in release | Not in release |
| linux-azure-fde-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-azure-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-bluefield | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-euclid | — | — | — | Not in release | Ignored |
| linux-fips | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-flo | — | — | — | Not in release | Ignored |
| linux-gcp | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-gcp-4.15 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-gcp-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gcp-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-gcp-edge | — | — | — | Fixed | Not in release |
| linux-gcp-fips | Not in release | Not in release | Not in release | Not in release | Ignored |
| linux-gke | Not affected | Not affected | Ignored | Not in release | Ignored |
| linux-gke-4.15 | Not in release | Not in release | Not in release | Fixed | Not in release |
| linux-gke-5.0 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-gkeop | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-gkeop-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-goldfish | — | — | — | Not in release | Ignored |
| linux-grouper | — | — | — | Not in release | Not in release |
| linux-hwe | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-hwe-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-hwe-edge | Not in release | Not in release | Not in release | Not affected | Fixed |
| linux-ibm | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-ibm-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-ibm-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-intel | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iot-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-intel-iotg | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-intel-iotg-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-iot | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-kvm | Not in release | Not affected | Not affected | Fixed | Fixed |
| linux-lowlatency | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-lts-trusty | — | — | — | Not in release | Not in release |
| linux-lts-utopic | — | — | — | Not in release | Not in release |
| linux-lts-vivid | — | — | — | Not in release | Not in release |
| linux-lts-wily | — | — | — | Not in release | Not in release |
| linux-lts-xenial | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-maguro | — | — | — | Not in release | Not in release |
| linux-mako | — | — | — | Not in release | Ignored |
| linux-manta | — | — | — | Not in release | Not in release |
| linux-nvidia | Not affected | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.5 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-nvidia-lowlatency | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem | Not in release | Not in release | Not in release | Fixed | Ignored |
| linux-oem-6.11 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oem-6.8 | Not affected | Not in release | Not in release | Not in release | Not in release |
| linux-oracle | Not affected | Not affected | Not affected | Fixed | Fixed |
| linux-oracle-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-oracle-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-oracle-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-raspi | Not affected | Not affected | Not affected | Not in release | Not in release |
| linux-raspi-5.4 | Not in release | Not in release | Not in release | Not affected | Not in release |
| linux-raspi-realtime | Not in release | Not in release | Not in release | Not in release | Not in release |
| linux-raspi2 | Not in release | Not in release | Ignored | Fixed | Fixed |
| linux-realtime | Not in release | Ignored | Not in release | Not in release | Not in release |
| linux-riscv | Not affected | Ignored | Ignored | Not in release | Not in release |
| linux-riscv-5.15 | Not in release | Not in release | Not affected | Not in release | Not in release |
| linux-riscv-6.8 | Not in release | Not affected | Not in release | Not in release | Not in release |
| linux-snapdragon | Not in release | Not in release | Not in release | Fixed | Fixed |
| linux-xilinx-zynqmp | Not in release | Not affected | Not affected | Not in release | Not in release |