Search CVE reports
131 – 140 of 39594 results
In the Linux kernel, the following vulnerability has been resolved: nfsd: fix refcount leak in nfsd_set_fh_dentry() nfsd exports a "pseudo root filesystem" which is used by NFSv4 to find the various exported filesystems using...
147 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
| Package | 18.04 LTS |
|---|---|
| linux | Not affected |
| linux-hwe | Ignored |
| linux-hwe-5.4 | Not affected |
| linux-hwe-5.8 | Not in release |
| linux-hwe-5.11 | Not in release |
| linux-hwe-5.13 | Not in release |
| linux-hwe-5.15 | Not in release |
| linux-hwe-5.19 | Not in release |
| linux-hwe-6.2 | Not in release |
| linux-hwe-6.5 | Not in release |
| linux-hwe-6.8 | Not in release |
| linux-hwe-6.11 | Not in release |
| linux-hwe-6.14 | Not in release |
| linux-hwe-edge | Ignored |
| linux-lts-xenial | Not in release |
| linux-kvm | Not affected |
| linux-allwinner-5.19 | Not in release |
| linux-aws-5.0 | Ignored |
| linux-aws-5.3 | Ignored |
| linux-aws-5.4 | Not affected |
| linux-aws-5.8 | Not in release |
| linux-aws-5.11 | Not in release |
| linux-aws-5.13 | Not in release |
| linux-aws-5.15 | Not in release |
| linux-aws-5.19 | Not in release |
| linux-aws-6.2 | Not in release |
| linux-aws-6.5 | Not in release |
| linux-aws-6.8 | Not in release |
| linux-aws-6.14 | Not in release |
| linux-aws-hwe | Not in release |
| linux-azure | Ignored |
| linux-azure-4.15 | Not affected |
| linux-azure-5.3 | Ignored |
| linux-azure-5.4 | Not affected |
| linux-azure-5.8 | Not in release |
| linux-azure-5.11 | Not in release |
| linux-azure-5.13 | Not in release |
| linux-azure-5.15 | Not in release |
| linux-azure-5.19 | Not in release |
| linux-azure-6.2 | Not in release |
| linux-azure-6.5 | Not in release |
| linux-azure-6.8 | Not in release |
| linux-azure-6.11 | Not in release |
| linux-azure-6.14 | Not in release |
| linux-azure-fde | Not in release |
| linux-azure-fde-5.15 | Not in release |
| linux-azure-fde-5.19 | Not in release |
| linux-azure-fde-6.2 | Not in release |
| linux-azure-fde-6.14 | Not in release |
| linux-azure-nvidia | Not in release |
| linux-azure-nvidia-6.14 | Not in release |
| linux-bluefield | Not in release |
| linux-azure-edge | Ignored |
| linux-fips | Not affected |
| linux-aws-fips | Not affected |
| linux-azure-fips | Not affected |
| linux-gcp-fips | Not affected |
| linux-gcp | Ignored |
| linux-gcp-4.15 | Not affected |
| linux-gcp-5.3 | Ignored |
| linux-gcp-5.4 | Not affected |
| linux-gcp-5.8 | Not in release |
| linux-gcp-5.11 | Not in release |
| linux-gcp-5.13 | Not in release |
| linux-gcp-5.15 | Not in release |
| linux-gcp-5.19 | Not in release |
| linux-gcp-6.2 | Not in release |
| linux-gcp-6.5 | Not in release |
| linux-gcp-6.8 | Not in release |
| linux-gcp-6.11 | Not in release |
| linux-gcp-6.14 | Not in release |
| linux-gke | Not in release |
| linux-gke-4.15 | Ignored |
| linux-gke-5.4 | Ignored |
| linux-gke-5.15 | Not in release |
| linux-gkeop | Not in release |
| linux-gkeop-5.4 | Ignored |
| linux-gkeop-5.15 | Not in release |
| linux-ibm | Not in release |
| linux-ibm-5.4 | Not affected |
| linux-ibm-5.15 | Not in release |
| linux-ibm-6.8 | Not in release |
| linux-intel-5.13 | Not in release |
| linux-intel-iotg | Not in release |
| linux-intel-iotg-5.15 | Not in release |
| linux-iot | Not in release |
| linux-intel-iot-realtime | Not in release |
| linux-lowlatency | Not in release |
| linux-lowlatency-hwe-5.15 | Not in release |
| linux-lowlatency-hwe-5.19 | Not in release |
| linux-lowlatency-hwe-6.2 | Not in release |
| linux-lowlatency-hwe-6.5 | Not in release |
| linux-lowlatency-hwe-6.8 | Not in release |
| linux-lowlatency-hwe-6.11 | Not in release |
| linux-nvidia | Not in release |
| linux-nvidia-6.2 | Not in release |
| linux-nvidia-6.5 | Not in release |
| linux-nvidia-6.8 | Not in release |
| linux-nvidia-6.11 | Not in release |
| linux-nvidia-lowlatency | Not in release |
| linux-nvidia-tegra | Not in release |
| linux-nvidia-tegra-5.15 | Not in release |
| linux-nvidia-tegra-igx | Not in release |
| linux-oracle-5.0 | Ignored |
| linux-oracle-5.3 | Ignored |
| linux-oracle-5.4 | Not affected |
| linux-oracle-5.8 | Not in release |
| linux-oracle-5.11 | Not in release |
| linux-oracle-5.13 | Not in release |
| linux-oracle-5.15 | Not in release |
| linux-oracle-6.5 | Not in release |
| linux-oracle-6.8 | Not in release |
| linux-oracle-6.14 | Not in release |
| linux-oem | Ignored |
| linux-oem-5.6 | Not in release |
| linux-oem-5.10 | Not in release |
| linux-oem-5.13 | Not in release |
| linux-oem-5.14 | Not in release |
| linux-oem-5.17 | Not in release |
| linux-oem-6.0 | Not in release |
| linux-oem-6.1 | Not in release |
| linux-oem-6.5 | Not in release |
| linux-oem-6.8 | Not in release |
| linux-oem-6.11 | Not in release |
| linux-oem-6.14 | Not in release |
| linux-raspi2 | Ignored |
| linux-raspi-5.4 | Not affected |
| linux-raspi-realtime | Not in release |
| linux-realtime-6.8 | Not in release |
| linux-realtime-6.14 | Not in release |
| linux-riscv | Not in release |
| linux-riscv-5.8 | Not in release |
| linux-riscv-5.11 | Not in release |
| linux-riscv-5.15 | Not in release |
| linux-riscv-5.19 | Not in release |
| linux-riscv-6.5 | Not in release |
| linux-riscv-6.8 | Not in release |
| linux-riscv-6.14 | Not in release |
| linux-starfive-5.19 | Not in release |
| linux-starfive-6.2 | Not in release |
| linux-starfive-6.5 | Not in release |
| linux-xilinx | Not in release |
| linux-xilinx-zynqmp | Not in release |
| linux-aws | Not affected |
| linux-oracle | Not affected |
| linux-raspi | Not in release |
| linux-realtime | Not in release |
With TLS 1.2 connections a client can use any digest, specifically a weaker digest that is supported, rather than those in the CertificateRequest.
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Improper input validation in the TLS 1.3 CertificateVerify signature algorithm negotiation in wolfSSL 5.8.2 and earlier on multiple platforms allows for downgrading the signature algorithm used. For example when a client sends...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Improper Input Validation in the TLS 1.3 CKS extension parsing in wolfSSL 5.8.2 and earlier on multiple platforms allows a remote unauthenticated attacker to potentially cause a denial-of-service via a crafted ClientHello message...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
The server previously verified the TLS 1.3 PSK binder using a non-constant time method which could potentially leak information about the PSK binder
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
Integer Underflow Leads to Out-of-Bounds Access in XChaCha20-Poly1305 Decrypt. This issue is hit specifically with a call to the function wc_XChaCha20Poly1305_Decrypt() which is not used with TLS connections, only from direct...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |
PJSIP is a free and open source multimedia communication library. Prior to version 2.16, Opus PLC may zero-fill the input frame as long as the decoder ptime, while the input frame length, which is based on stream ptime, may...
1 affected package
pjproject
| Package | 18.04 LTS |
|---|---|
| pjproject | Needs evaluation |
With TLS 1.3 pre-shared key (PSK) a malicious or faulty server could ignore the request for PFS (perfect forward secrecy) and the client would continue on with the connection using PSK without PFS. This happened when...
1 affected package
wolfssl
| Package | 18.04 LTS |
|---|---|
| wolfssl | Needs evaluation |