Search CVE reports
1 – 10 of 42380 results
A flaw was found in GIMP's PSP file format parser. A double-free condition occurs in the read_layer_block() function when processing a specially crafted PSP file. This could allow an attacker to cause memory...
1 affected package
gimp
| Package | 20.04 LTS |
|---|---|
| gimp | Needs evaluation |
The Erlang/OTP ssl application does not validate that the PSK identity list and binder list carried in a TLS 1.3 ClientHello pre-shared key extension have equal length before passing them to the session ticket handler....
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |
Time-of-check Time-of-use (TOCTOU) race condition vulnerability in Erlang/OTP ssl (dtls_packet_demux module) allows an unauthenticated remote attacker to crash all active DTLS sessions on a listener. A DTLS server listener uses a...
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |
Improper Enforcement of Message Integrity During Transmission in a Communication Channel vulnerability in Erlang/OTP ssl (tls_gen_connection module) allows a network-positioned attacker to inject unauthenticated plaintext that the...
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |
Use of Default Cryptographic Key vulnerability in Erlang/OTP ssl (DTLS server) allows predictable DTLS cookie computation during the startup window, enabling source address verification bypass. On DTLS server startup,...
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |
Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to render an SFTP channel permanently unresponsive. The handle_data/4 function in...
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |
Observable Response Discrepancy vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to enumerate the existence of files and directories outside the configured root directory. The SSH_FXP_REALPATH...
1 affected package
erlang
| Package | 20.04 LTS |
|---|---|
| erlang | Needs evaluation |
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() l2cap_chan_close() removes the channel from conn->chan_l, which must be done under...
162 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 20.04 LTS |
|---|---|
| linux | Needs evaluation |
| linux-hwe | — |
| linux-hwe-5.4 | — |
| linux-hwe-5.8 | Ignored |
| linux-hwe-5.11 | Ignored |
| linux-hwe-5.13 | Ignored |
| linux-hwe-5.15 | Needs evaluation |
| linux-hwe-5.19 | — |
| linux-hwe-6.2 | — |
| linux-hwe-6.5 | — |
| linux-hwe-6.8 | — |
| linux-hwe-6.11 | — |
| linux-hwe-6.14 | — |
| linux-hwe-6.17 | — |
| linux-hwe-7.0 | — |
| linux-hwe-edge | — |
| linux-lts-xenial | — |
| linux-kvm | Needs evaluation |
| linux-allwinner-5.19 | — |
| linux-aws | Needs evaluation |
| linux-aws-5.0 | — |
| linux-aws-5.3 | — |
| linux-aws-5.4 | — |
| linux-aws-5.8 | Ignored |
| linux-aws-5.11 | Ignored |
| linux-aws-5.13 | Ignored |
| linux-aws-5.15 | Needs evaluation |
| linux-aws-5.19 | — |
| linux-aws-6.2 | — |
| linux-aws-6.5 | — |
| linux-aws-6.8 | — |
| linux-aws-6.14 | — |
| linux-aws-6.17 | — |
| linux-aws-hwe | — |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | — |
| linux-azure-5.3 | — |
| linux-azure-5.4 | — |
| linux-azure-5.8 | Ignored |
| linux-azure-5.11 | Ignored |
| linux-azure-5.13 | Ignored |
| linux-azure-5.15 | Needs evaluation |
| linux-azure-5.19 | — |
| linux-azure-6.2 | — |
| linux-azure-6.5 | — |
| linux-azure-6.8 | — |
| linux-azure-6.11 | — |
| linux-azure-6.14 | — |
| linux-azure-6.17 | — |
| linux-azure-fde | Ignored |
| linux-azure-fde-5.15 | Needs evaluation |
| linux-azure-fde-5.19 | — |
| linux-azure-fde-6.2 | — |
| linux-azure-fde-6.8 | — |
| linux-azure-fde-6.14 | — |
| linux-azure-fde-6.17 | — |
| linux-azure-nvidia | — |
| linux-azure-nvidia-6.14 | — |
| linux-bluefield | Needs evaluation |
| linux-azure-edge | — |
| linux-fips | Needs evaluation |
| linux-aws-fips | Needs evaluation |
| linux-azure-fips | Needs evaluation |
| linux-gcp-fips | Needs evaluation |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | — |
| linux-gcp-5.3 | — |
| linux-gcp-5.4 | — |
| linux-gcp-5.8 | Ignored |
| linux-gcp-5.11 | Ignored |
| linux-gcp-5.13 | Ignored |
| linux-gcp-5.15 | Needs evaluation |
| linux-gcp-5.19 | — |
| linux-gcp-6.2 | — |
| linux-gcp-6.5 | — |
| linux-gcp-6.8 | — |
| linux-gcp-6.11 | — |
| linux-gcp-6.14 | — |
| linux-gcp-6.17 | — |
| linux-gke | Ignored |
| linux-gke-4.15 | — |
| linux-gke-5.4 | — |
| linux-gke-5.15 | Ignored |
| linux-gkeop | Ignored |
| linux-gkeop-5.4 | — |
| linux-gkeop-5.15 | Ignored |
| linux-ibm | Needs evaluation |
| linux-ibm-5.4 | — |
| linux-ibm-5.15 | Needs evaluation |
| linux-ibm-6.8 | — |
| linux-intel-5.13 | Ignored |
| linux-intel-iotg | — |
| linux-intel-iotg-5.15 | Needs evaluation |
| linux-iot | Needs evaluation |
| linux-intel-iot-realtime | — |
| linux-lowlatency | — |
| linux-lowlatency-hwe-5.15 | Needs evaluation |
| linux-lowlatency-hwe-5.19 | — |
| linux-lowlatency-hwe-6.2 | — |
| linux-lowlatency-hwe-6.5 | — |
| linux-lowlatency-hwe-6.8 | — |
| linux-lowlatency-hwe-6.11 | — |
| linux-nvidia | — |
| linux-nvidia-6.2 | — |
| linux-nvidia-6.5 | — |
| linux-nvidia-6.8 | — |
| linux-nvidia-6.11 | — |
| linux-nvidia-6.17 | — |
| linux-nvidia-7.0 | — |
| linux-nvidia-bos | — |
| linux-nvidia-lowlatency | — |
| linux-nvidia-tegra | — |
| linux-nvidia-tegra-5.15 | Needs evaluation |
| linux-nvidia-tegra-igx | — |
| linux-oracle | Needs evaluation |
| linux-oracle-5.0 | — |
| linux-oracle-5.3 | — |
| linux-oracle-5.4 | — |
| linux-oracle-5.8 | Ignored |
| linux-oracle-5.11 | Ignored |
| linux-oracle-5.13 | Ignored |
| linux-oracle-5.15 | Needs evaluation |
| linux-oracle-6.5 | — |
| linux-oracle-6.8 | — |
| linux-oracle-6.14 | — |
| linux-oracle-6.17 | — |
| linux-oem | — |
| linux-oem-5.6 | Ignored |
| linux-oem-5.10 | Ignored |
| linux-oem-5.13 | Ignored |
| linux-oem-5.14 | Ignored |
| linux-oem-5.17 | — |
| linux-oem-6.0 | — |
| linux-oem-6.1 | — |
| linux-oem-6.5 | — |
| linux-oem-6.8 | — |
| linux-oem-6.11 | — |
| linux-oem-6.14 | — |
| linux-oem-6.17 | — |
| linux-oem-7.0 | — |
| linux-raspi | Needs evaluation |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | — |
| linux-raspi-realtime | — |
| linux-realtime | — |
| linux-realtime-6.8 | — |
| linux-realtime-6.14 | — |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Ignored |
| linux-riscv-5.11 | Ignored |
| linux-riscv-5.15 | Needs evaluation |
| linux-riscv-5.19 | — |
| linux-riscv-6.5 | — |
| linux-riscv-6.8 | — |
| linux-riscv-6.14 | — |
| linux-riscv-6.17 | — |
| linux-starfive-5.19 | — |
| linux-starfive-6.2 | — |
| linux-starfive-6.5 | — |
| linux-xilinx | — |
| linux-xilinx-zynqmp | Needs evaluation |
| linux-realtime-6.17 | — |
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() bt_accept_dequeue() unlinks a not-yet-accepted child from the parent accept queue and...
162 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 20.04 LTS |
|---|---|
| linux | Needs evaluation |
| linux-hwe | — |
| linux-hwe-5.4 | — |
| linux-hwe-5.8 | Ignored |
| linux-hwe-5.11 | Ignored |
| linux-hwe-5.13 | Ignored |
| linux-hwe-5.15 | Needs evaluation |
| linux-hwe-5.19 | — |
| linux-hwe-6.2 | — |
| linux-hwe-6.5 | — |
| linux-hwe-6.8 | — |
| linux-hwe-6.11 | — |
| linux-hwe-6.14 | — |
| linux-hwe-6.17 | — |
| linux-hwe-7.0 | — |
| linux-hwe-edge | — |
| linux-lts-xenial | — |
| linux-kvm | Needs evaluation |
| linux-allwinner-5.19 | — |
| linux-aws | Needs evaluation |
| linux-aws-5.0 | — |
| linux-aws-5.3 | — |
| linux-aws-5.4 | — |
| linux-aws-5.8 | Ignored |
| linux-aws-5.11 | Ignored |
| linux-aws-5.13 | Ignored |
| linux-aws-5.15 | Needs evaluation |
| linux-aws-5.19 | — |
| linux-aws-6.2 | — |
| linux-aws-6.5 | — |
| linux-aws-6.8 | — |
| linux-aws-6.14 | — |
| linux-aws-6.17 | — |
| linux-aws-hwe | — |
| linux-azure | Needs evaluation |
| linux-azure-4.15 | — |
| linux-azure-5.3 | — |
| linux-azure-5.4 | — |
| linux-azure-5.8 | Ignored |
| linux-azure-5.11 | Ignored |
| linux-azure-5.13 | Ignored |
| linux-azure-5.15 | Needs evaluation |
| linux-azure-5.19 | — |
| linux-azure-6.2 | — |
| linux-azure-6.5 | — |
| linux-azure-6.8 | — |
| linux-azure-6.11 | — |
| linux-azure-6.14 | — |
| linux-azure-6.17 | — |
| linux-azure-fde | Ignored |
| linux-azure-fde-5.15 | Needs evaluation |
| linux-azure-fde-5.19 | — |
| linux-azure-fde-6.2 | — |
| linux-azure-fde-6.8 | — |
| linux-azure-fde-6.14 | — |
| linux-azure-fde-6.17 | — |
| linux-azure-nvidia | — |
| linux-azure-nvidia-6.14 | — |
| linux-bluefield | Needs evaluation |
| linux-azure-edge | — |
| linux-fips | Needs evaluation |
| linux-aws-fips | Needs evaluation |
| linux-azure-fips | Needs evaluation |
| linux-gcp-fips | Needs evaluation |
| linux-gcp | Needs evaluation |
| linux-gcp-4.15 | — |
| linux-gcp-5.3 | — |
| linux-gcp-5.4 | — |
| linux-gcp-5.8 | Ignored |
| linux-gcp-5.11 | Ignored |
| linux-gcp-5.13 | Ignored |
| linux-gcp-5.15 | Needs evaluation |
| linux-gcp-5.19 | — |
| linux-gcp-6.2 | — |
| linux-gcp-6.5 | — |
| linux-gcp-6.8 | — |
| linux-gcp-6.11 | — |
| linux-gcp-6.14 | — |
| linux-gcp-6.17 | — |
| linux-gke | Ignored |
| linux-gke-4.15 | — |
| linux-gke-5.4 | — |
| linux-gke-5.15 | Ignored |
| linux-gkeop | Ignored |
| linux-gkeop-5.4 | — |
| linux-gkeop-5.15 | Ignored |
| linux-ibm | Needs evaluation |
| linux-ibm-5.4 | — |
| linux-ibm-5.15 | Needs evaluation |
| linux-ibm-6.8 | — |
| linux-intel-5.13 | Ignored |
| linux-intel-iotg | — |
| linux-intel-iotg-5.15 | Needs evaluation |
| linux-iot | Needs evaluation |
| linux-intel-iot-realtime | — |
| linux-lowlatency | — |
| linux-lowlatency-hwe-5.15 | Needs evaluation |
| linux-lowlatency-hwe-5.19 | — |
| linux-lowlatency-hwe-6.2 | — |
| linux-lowlatency-hwe-6.5 | — |
| linux-lowlatency-hwe-6.8 | — |
| linux-lowlatency-hwe-6.11 | — |
| linux-nvidia | — |
| linux-nvidia-6.2 | — |
| linux-nvidia-6.5 | — |
| linux-nvidia-6.8 | — |
| linux-nvidia-6.11 | — |
| linux-nvidia-6.17 | — |
| linux-nvidia-7.0 | — |
| linux-nvidia-bos | — |
| linux-nvidia-lowlatency | — |
| linux-nvidia-tegra | — |
| linux-nvidia-tegra-5.15 | Needs evaluation |
| linux-nvidia-tegra-igx | — |
| linux-oracle | Needs evaluation |
| linux-oracle-5.0 | — |
| linux-oracle-5.3 | — |
| linux-oracle-5.4 | — |
| linux-oracle-5.8 | Ignored |
| linux-oracle-5.11 | Ignored |
| linux-oracle-5.13 | Ignored |
| linux-oracle-5.15 | Needs evaluation |
| linux-oracle-6.5 | — |
| linux-oracle-6.8 | — |
| linux-oracle-6.14 | — |
| linux-oracle-6.17 | — |
| linux-oem | — |
| linux-oem-5.6 | Ignored |
| linux-oem-5.10 | Ignored |
| linux-oem-5.13 | Ignored |
| linux-oem-5.14 | Ignored |
| linux-oem-5.17 | — |
| linux-oem-6.0 | — |
| linux-oem-6.1 | — |
| linux-oem-6.5 | — |
| linux-oem-6.8 | — |
| linux-oem-6.11 | — |
| linux-oem-6.14 | — |
| linux-oem-6.17 | — |
| linux-oem-7.0 | — |
| linux-raspi | Needs evaluation |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | — |
| linux-raspi-realtime | — |
| linux-realtime | — |
| linux-realtime-6.8 | — |
| linux-realtime-6.14 | — |
| linux-riscv | Ignored |
| linux-riscv-5.8 | Ignored |
| linux-riscv-5.11 | Ignored |
| linux-riscv-5.15 | Needs evaluation |
| linux-riscv-5.19 | — |
| linux-riscv-6.5 | — |
| linux-riscv-6.8 | — |
| linux-riscv-6.14 | — |
| linux-riscv-6.17 | — |
| linux-starfive-5.19 | — |
| linux-starfive-6.2 | — |
| linux-starfive-6.5 | — |
| linux-xilinx | — |
| linux-xilinx-zynqmp | Needs evaluation |
| linux-realtime-6.17 | — |
Libreswan, via the function RSA_authenticate_hash_signature_pkcs1_1_5_rsa(), did not correctly verify the DER encoding of the ASN.1 digest when the IKEv2 AUTH payload was encoded using RSASSA-PKCS1-v1_5 (RFC 8017). A remote...
1 affected package
libreswan
| Package | 20.04 LTS |
|---|---|
| libreswan | Needs evaluation |