Search CVE reports

61 – 70 of 421 results

Detailed view

Sort by:

CVE-2013-2636

Low priority

Ignored

net/bridge/br_mdb.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel memory via a crafted application.

13 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-linaro-omap...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-linaro-omap	—	—	—	—	—
linux-linaro-shared	—	—	—	—	—
linux-linaro-vexpress	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-qcm-msm	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via...

13 affected packages

linux, linux-armadaxp, linux-ec2, linux-fsl-imx51, linux-linaro-omap...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-linaro-omap	—	—	—	—	—
linux-linaro-shared	—	—	—	—	—
linux-linaro-vexpress	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-qcm-msm	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

CVE-2013-2635

Low priority

Some fixes available 7 of 45

The rtnl_fill_ifinfo function in net/core/rtnetlink.c in the Linux kernel before 3.8.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel stack memory via a crafted...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-2634

Low priority

Some fixes available 9 of 47

net/dcb/dcbnl.c in the Linux kernel before 3.8.4 does not initialize certain structures, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-1860

Medium priority

Some fixes available 9 of 48

Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-1848

Medium priority

Some fixes available 7 of 45

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-1792

Medium priority

Some fixes available 11 of 47

Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-0914

Medium priority

Some fixes available 11 of 48

The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-1798

Medium priority

Some fixes available 5 of 47

The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to...

31 affected packages

linux, linux-armadaxp, linux-aws, linux-ec2, linux-flo...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	Not affected
linux-armadaxp	—	—	—	—	Not in release
linux-aws	—	—	—	—	Not affected
linux-ec2	—	—	—	—	Not in release
linux-flo	—	—	—	—	Ignored
linux-fsl-imx51	—	—	—	—	Not in release
linux-gke	—	—	—	—	Not affected
linux-goldfish	—	—	—	—	Not affected
linux-grouper	—	—	—	—	Not in release
linux-hwe	—	—	—	—	Not affected
linux-hwe-edge	—	—	—	—	Not affected
linux-linaro-omap	—	—	—	—	Not in release
linux-linaro-shared	—	—	—	—	Not in release
linux-linaro-vexpress	—	—	—	—	Not in release
linux-lts-backport-maverick	—	—	—	—	Not in release
linux-lts-backport-oneiric	—	—	—	—	Not in release
linux-lts-quantal	—	—	—	—	Not in release
linux-lts-raring	—	—	—	—	Not in release
linux-lts-trusty	—	—	—	—	Not in release
linux-lts-utopic	—	—	—	—	Not in release
linux-lts-vivid	—	—	—	—	Not in release
linux-lts-wily	—	—	—	—	Not in release
linux-lts-xenial	—	—	—	—	Not in release
linux-maguro	—	—	—	—	Not in release
linux-mako	—	—	—	—	Ignored
linux-manta	—	—	—	—	Not in release
linux-mvl-dove	—	—	—	—	Not in release
linux-qcm-msm	—	—	—	—	Not in release
linux-raspi2	—	—	—	—	Not affected
linux-snapdragon	—	—	—	—	Not affected
linux-ti-omap4	—	—	—	—	Not in release

CVE-2013-1797

Medium priority

Some fixes available 5 of 33

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a...

25 affected packages

linux, linux-armadaxp, linux-ec2, linux-flo, linux-fsl-imx51...

Package	24.04 LTS	22.04 LTS	20.04 LTS	18.04 LTS	16.04 LTS
linux	—	—	—	—	—
linux-armadaxp	—	—	—	—	—
linux-ec2	—	—	—	—	—
linux-flo	—	—	—	—	—
linux-fsl-imx51	—	—	—	—	—
linux-goldfish	—	—	—	—	—
linux-grouper	—	—	—	—	—
linux-linaro-omap	—	—	—	—	—
linux-linaro-shared	—	—	—	—	—
linux-linaro-vexpress	—	—	—	—	—
linux-lts-backport-maverick	—	—	—	—	—
linux-lts-backport-oneiric	—	—	—	—	—
linux-lts-quantal	—	—	—	—	—
linux-lts-raring	—	—	—	—	—
linux-lts-saucy	—	—	—	—	—
linux-lts-trusty	—	—	—	—	—
linux-lts-utopic	—	—	—	—	—
linux-lts-vivid	—	—	—	—	—
linux-maguro	—	—	—	—	—
linux-mako	—	—	—	—	—
linux-manta	—	—	—	—	—
linux-mvl-dove	—	—	—	—	—
linux-qcm-msm	—	—	—	—	—
linux-raspi2	—	—	—	—	—
linux-ti-omap4	—	—	—	—	—

Export to JSON

Results by page: