224 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-15793
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group id...
UBUNTU-CVE-2025-38088
In the Linux kernel, the following vulnerability has been resolved: powerpc/powernv/memtrace: Fix out of bounds issue in memtrace mmap memtrace mmap issue has an out of bounds issue. This patch fixes the by checking that the requested mapping region size should stay within the allocated region si...
UBUNTU-CVE-2022-50163
In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect devtracker usage While investigating a separate rose issue 1, and enabling CONFIGNETDEVREFCNTTRACKER=y, Bernard reported an orthogonal ax25 issue 2 An ax25dev can be used by one or many struct ax25cb. We thus...
UBUNTU-CVE-2022-50227
In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Initialize Xen timer only once Add a check for existing xen timers before initializing a new one. Currently kvmxeninittimer is called on every KVMXENVCPUATTRTYPETIMER, which is causing the following ODEBUG crash whe...
UBUNTU-CVE-2022-49943
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix obscure lockdep violation for udcmutex A recent commit expanding the scope of the udclock mutex in the gadget core managed to cause an obscure and slightly bizarre lockdep violation. In abbreviated form:...
UBUNTU-CVE-2025-37995
In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobjectput is safe for module type kobjects In 'lookuporcreatemodulekobject', an internal kobject is created using 'modulektype'. So call to 'kobjectput' on error handling path causes an attempt to use an...
UBUNTU-CVE-2025-37827
In the Linux kernel, the following vulnerability has been resolved: btrfs: zoned: return EIO on RAID1 block group write pointer mismatch There was a bug report about a NULL pointer dereference in btrfsaddfreespacezoned that ultimately happens because a conversion from the default metadata profile...
UBUNTU-CVE-2023-52995
In the Linux kernel, the following vulnerability has been resolved: riscv/kprobe: Fix instruction simulation of JALR Set kprobe at 'jalr 1140ra' of vfswrite results in the following crash: 32.092235 Unable to handle kernel access to user memory without uaccess routines at virtual address...
UBUNTU-CVE-2022-49574
In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcprecovery. While reading sysctltcprecovery, it can be changed concurrently. Thus, we need to add READONCE to its readers...
UBUNTU-CVE-2022-49062
In the Linux kernel, the following vulnerability has been resolved: cachefiles: Fix KASAN slab-out-of-bounds in cachefilessetvolumexattr Use the actual length of volume coherency data when setting the xattr to avoid the following KASAN report. BUG: KASAN: slab-out-of-bounds in...
UBUNTU-CVE-2023-52923
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: adapt set backend to use GC transaction API Use the GC transaction API to replace the old and buggy gc API and the busy mark approach. No set elements are removed from async garbage collection anymore, instea...
UBUNTU-CVE-2024-56607
In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix atomic calls in ath12kmacopsetbitratemask When I try to manually set bitrates: iw wlan0 set bitrates legacy-2.4 1 I get sleeping from invalid context error, see below. Fix that by switching to use recently...
UBUNTU-CVE-2024-53167
In the Linux kernel, the following vulnerability has been resolved: nfs/blocklayout: Don't attempt unregister for invalid block device Since commit d869da91cccb "nfs/blocklayout: Fix premature PR key unregistration" an unmount of a pNFS SCSI layout-enabled NFS may dereference a NULL blockdevice i...
CVE-2024-11586
Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected...
UBUNTU-CVE-2022-48966
In the Linux kernel, the following vulnerability has been resolved: net: mvneta: Prevent out of bounds read in mvnetaconfigrss The pp-indir0 value comes from the user. It is passed to: if cpuonlinepp-rxqdef inside the mvnetapercpuelect function. It needs bounds checkeding to ensure that it is not...
UBUNTU-CVE-2022-49017
In the Linux kernel, the following vulnerability has been resolved: tipc: re-fetch skb cb after tipcmsgvalidate As the call trace shows, the original skb was freed in tipcmsgvalidate, and dereferencing the old skb cb would cause an use-after-free crash. BUG: KASAN: use-after-free in...
UBUNTU-CVE-2024-47756
In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in kspciequirk This code accidentally uses && where || was intended. It potentially results in a NULL dereference. Thus, fix the if-statement expression to use the correct condition...
UBUNTU-CVE-2022-48945
In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000 PF: supervisor write access in kernel mode PF: errorcode0x0002 - not-present page PGD 100000067...
UBUNTU-CVE-2022-48926
In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: add spinlock for rndis response list There's no lock for rndis response list. It could cause list corruption if there're two different listadd at the same time like below. It's better to add in rndisaddrespons...
UBUNTU-CVE-2024-41081
In the Linux kernel, the following vulnerability has been resolved: ila: block BH in ilaoutput As explained in commit 1378817486d6 "tipc: block BH before using dstcache", net/core/dstcache.c helpers need to be called with BH disabled. ilaoutput is called from lwtunneloutput possibly from process...