Search CVE reports

11 – 20 of 252 results

Detailed view

Sort by:

CVE-2012-4508

Medium priority

Some fixes available 12 of 54

Race condition in fs/ext4/extents.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from a deleted file by reading an extent that was not properly marked as uninitialized.

32 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2012-4461

Medium priority

Some fixes available 5 of 46

The KVM subsystem in the Linux kernel before 3.6.9, when running on hosts that use qemu userspace without XSAVE, allows local users to cause a denial of service (kernel OOPS) by using the KVM_SET_SREGS ioctl to set...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2012-4530

Low priority

Some fixes available 12 of 53

The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

32 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2012-4467

Medium priority

Ignored

The (1) do_siocgstamp and (2) do_siocgstampns functions in net/socket.c in the Linux kernel before 3.5.4 use an incorrect argument order, which allows local users to obtain sensitive information from kernel memory or cause...

13 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-linaro-omap...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-linaro-omap	—	—	—	—	—
linux-linaro-shared	—	—	—	—	—
linux-linaro-vexpress	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-qcm-msm	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2012-0957

Low priority

Some fixes available 10 of 38

The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not affected
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not affected
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2012-3552

Medium priority

Ignored

Race condition in the IP implementation in the Linux kernel before 3.0 might allow remote attackers to cause a denial of service (slab corruption and system crash) by sending packets to an application that sets socket options...

19 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-flo	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-goldfish	—	—	—	—	—
linux-grouper	—	—	—	—	—
linux-linaro-omap	—	—	—	—	—
linux-linaro-shared	—	—	—	—	—
linux-linaro-vexpress	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-maguro	—	—	—	—	—
linux-mako	—	—	—	—	—
linux-manta	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-qcm-msm	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2012-3510

Low priority

Ignored

Use-after-free vulnerability in the xacct_add_tsk function in kernel/tsacct.c in the Linux kernel before 2.6.19 allows local users to obtain potentially sensitive information from kernel memory or cause a denial of service (system...

13 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-linaro-omap...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-linaro-omap	—	—	—	—	—
linux-linaro-shared	—	—	—	—	—
linux-linaro-vexpress	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-natty	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-qcm-msm	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2012-3520

High priority

Some fixes available 3 of 30

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not affected
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not affected
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2012-4398

Medium priority

Some fixes available 7 of 34

The __request_module function in kernel/kmod.c in the Linux kernel before 3.4 does not set a certain killable attribute, which allows local users to cause a denial of service (memory consumption) via a crafted application.

32 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not affected
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not affected
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2012-3511

Low priority

Some fixes available 11 of 37

Multiple race conditions in the madvise_remove function in mm/madvise.c in the Linux kernel before 3.4.5 allow local users to cause a denial of service (use-after-free and system crash) via vectors involving a (1) munmap or (2)...

30 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Not affected
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-natty	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Not affected
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

Export to JSON

Results by page: