Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 137 results


CVE-2008-4395

Low priority
Fixed

Multiple buffer overflows in the ndiswrapper module 1.53 for the Linux kernel 2.6 allow remote attackers to execute arbitrary code by sending packets over a local wireless network that specify long ESSIDs.

6 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22, linux-ubuntu-modules-2.6.22, linux-ubuntu-modules-2.6.24

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
linux-ubuntu-modules-2.6.22
linux-ubuntu-modules-2.6.24
Show less packages

CVE-2008-3831

Medium priority

Some fixes available 3 of 4

The i915 driver in (1) drivers/char/drm/i915_dma.c in the Linux kernel 2.6.24 on Debian GNU/Linux and (2) sys/dev/pci/drm/i915_drv.c in OpenBSD does not restrict the DRM_I915_HWS_ADDR ioctl to the Direct Rendering Manager (DRM)...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-4445

Low priority
Fixed

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-4410

Low priority
Not affected

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-3833

Low priority
Not affected

The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-3832

Medium priority
Not affected

A certain Fedora patch for the utrace subsystem in the Linux kernel before 2.6.26.5-28 on Fedora 8, and before 2.6.26.5-45 on Fedora 9, allows local users to cause a denial of service (NULL pointer dereference and system crash or...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-4302

Low priority
Ignored

fs/splice.c in the splice subsystem in the Linux kernel before 2.6.22.2 does not properly handle a failure of the add_to_page_cache_lru function, and subsequently attempts to unlock a page that was not locked, which allows local...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-4210

Low priority

Some fixes available 1 of 2

fs/open.c in the Linux kernel before 2.6.22 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2008-3528

Negligible priority
Ignored

The error-reporting functionality in (1) fs/ext2/dir.c, (2) fs/ext3/dir.c, and possibly (3) fs/ext4/dir.c in the Linux kernel 2.6.26.5 does not limit the number of printk console messages that report directory corruption, which...

4 affected packages

linux, linux-source-2.6.15, linux-source-2.6.20, linux-source-2.6.22

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux
linux-source-2.6.15
linux-source-2.6.20
linux-source-2.6.22
Show less packages

CVE-2007-0001

Unknown priority
Not affected

The file watch implementation in the audit subsystem (auditctl -w) in the Red Hat Enterprise Linux (RHEL) 4 kernel 2.6.9 allows local users to cause a denial of service (kernel panic) by replacing a watched file, which does not...

3 affected packages

linux-source-2.6.15, linux-source-2.6.17, linux-source-2.6.20

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
linux-source-2.6.15
linux-source-2.6.17
linux-source-2.6.20
Show less packages