- kernel-4.4.0-200.232 (ubuntu-xenial)
- 4.4.0-210.242
- 2021-10-12 06:58:45
- 2021-10-12 12:05:57
- K20211012_02
- CVE-2019-19813, CVSSv2 Score: 7.8
- Description:
btrfs: inode: Verify inode mode to avoid NULL pointer dereference
- CVE: https://security-tracker.debian.org/tracker/CVE-2019-19816
- Patch: ubuntu-xenial/4.4.0-201.233/CVE-2019-19816-CVE-2019-19813-btrfs-inode-Verify-inode-mode-to-avoid-NULL-pointer-dereference.patch
- From: kernel-4.4.0-20kernel-4.4.0-201.233
- Description:
- CVE:
- Patch: ubuntu-xenial/4.4.0-201.233/0001-CVE-2018-13093-xfs-catch-inode-allocation-state-mismatch-corruption.patch
- From:
- Description:
- CVE:
- Patch: ubuntu-xenial/4.4.0-201.233/0002-CVE-2018-13093-xfs-validate-cached-inodes-are-free-when-allocated.patch
- From:
- CVE-2020-25669, CVSSv2 Score: 4.1
- Description:
Input: sunkbd - avoid use-after-free in teardown paths
- CVE: https://security-tracker.debian.org/tracker/CVE-2020-25669
- Patch: 4.19.0/CVE-2020-25669-Input-sunkbd-avoid-use-after-free-in-teardown-paths.patch
- From: 4.19.160-2~deb9u1
- CVE-2020-29661, CVSSv2 Score: 7.8
- Description:
tty: Fix ->pgrp locking in tiocspgrp()
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-29661
- Patch: ubuntu-xenial/4.4.0-203.235/0001-CVE-2020-29661-tty-Fix-pgrp-locking-in-tiocspgrp.patch
- From: 4.4.0-203.235
- CVE-2020-29660, CVSSv2 Score: 4.4
- Description:
tty: Fix ->session locking
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-29660
- Patch: ubuntu-xenial/4.4.0-203.235/0002-CVE-2020-29660-tty-Fix-session-locking.patch
- From: 4.4.0-203.235
- CVE-2020-27815, CVSSv2 Score: 7.4
- Description:
jfs: Fix array index bounds check in dbAdjTree
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-27815
- Patch: ubuntu-xenial/4.4.0-203.235/CVE-2020-27815-jfs-Fix-array-index-bounds-check-in-dbAdjTree.patch
- From: 4.4.0-203.235
- CVE-2020-29374, CVSSv2 Score: 7.0
- Description:
mm/userfaultfd: do not access vma->vm_mm after calling
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-29374
- Patch: ubuntu-xenial/4.4.0-203.235/0003-CVE-2020-29374-mm-userfaultfd-do-not-access-vma-vm_mm-after-calling.patch
- From: 4.4.0-203.235
- CVE-2020-29374, CVSSv2 Score: 7.0
- Description:
mm/userfaultfd: do not access vma->vm_mm after calling
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-29374
- Patch: ubuntu-xenial/4.4.0-203.235/0004-CVE-2020-29374-gup-document-and-work-around-COW-can-break-either-wa.patch
- From: 4.4.0-203.235
- CVE-2020-29568, CVSSv2 Score: 6.8
- Description:
limit size of watch_events dom0 queue.
- CVE: https://linux.oracle.com/cve/CVE-2020-29568.html
- Patch: 4.9.0/CVE-2020-29568-xsa349-kpatch.patch
- From: linux-4.9.258-1
- CVE-2020-29568, CVSSv2 Score: 6.8
- Description:
handle xenwatch_thread patching.
- CVE: https://linux.oracle.com/cve/CVE-2020-29568.html
- Patch: 4.9.0/CVE-2020-29568-xsa349-restart-xenwatch-thread-kpatch.patch
- From: linux-4.9.258-1
- CVE-2021-3178, CVSSv2 Score: 6.5
- Description:
nfsd4: readdirplus shouldn't return parent of export
- CVE: https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-3178
- Patch: ubuntu-xenial/4.4.0-204.236/0001-CVE-2021-3178-nfsd4-readdirplus-shouldn-t-return-parent-of-export.patch
- From: 4.4.0-204.236
- CVE-2020-29569, CVSSv2 Score: 8.8
- Description:
xen-blkback: set ring->xenblkd to NULL after kthread_stop()
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-29569
- Patch: ubuntu-xenial/4.4.0-204.236/CVE-2020-29569-xen-blkback-set-ring-xenblkd-to-NULL-after-kthread_stop.patch
- From: 4.4.0-204.236
- CVE-2020-36158, CVSSv2 Score: 6.7
- Description:
mwifiex: Fix possible buffer overflows in
- CVE: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-36158
- Patch: ubuntu-xenial/4.4.0-204.236/CVE-2020-36158-mwifiex-Fix-possible-buffer-overflows-in-mwifiex_cmd_802_11_ad_hoc_start.patch
- From: 4.4.0-204.236
- CVE-2021-27365, CVSSv2 Score: 7.8
- Description:
sysfs: Add sysfs_emit and sysfs_emit_at to format sysfs output
- CVE: https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-27365
- Patch: 5.0.0/CVE-2021-27365-sysfs-Add-sysfs_emit-and-sysfs_emit_at-to-format-sysfs-output.patch
- From: >kernel-5.4.0-66.74
- CVE-2021-27363 CVE-2021-27364, CVSSv2 Score: 7.1
- Description:
scsi: iscsi: Restrict sessions and handles to admin capabilities
- CVE: https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-27363
- Patch: 5.4.0/CVE-2021-27363-CVE-2021-27364-scsi-iscsi-Restrict-sessions-and-handles-to-admin-capabilities.patch
- From: >kernel-5.4.0-66.74
- CVE-2021-27365, CVSSv2 Score: 7.8
- Description:
scsi: iscsi: Ensure sysfs attributes are limited to PAGE_SIZE
- CVE: https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-27365
- Patch: 5.4.0/CVE-2021-27365-scsi-iscsi-Ensure-sysfs-attributes-are-limited-to-PAGE_SIZE.patch
- From: >kernel-5.4.0-66.74
- CVE-2021-27365, CVSSv2 Score: 7.8
- Description:
scsi: iscsi: Verify lengths on passthrough PDUs
- CVE: https://people.canonical.com/~ubuntu-security/cve/2021/CVE-2021-27365
- Patch: 4.4.0/CVE-2021-27365-scsi-iscsi-Verify-lengths-on-passthrough-PDUs.patch
- From: >kernel-4.15.0-203.235
- CVE-2019-19061, CVSSv2 Score: 5.9
- Description:
iio: imu: adis16400: fix memory leak
- CVE: https://access.redhat.com/security/cve/CVE-2019-19061
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2019-19061-iio-imu-adis16400-fix-memory-leak.patch
- From: 4.4.0-208.240
- CVE-2019-16231, CVSSv2 Score: 4.1
- Description:
[netdrv] fjes: Handle workqueue allocation failure
- CVE: https://access.redhat.com/security/cve/cve-2019-16231
- Patch: ubuntu-xenial/4.4.0-208.240/0001-CVE-2019-16231-fjes-Handle-workqueue-allocation-failure.patch
- From: 4.4.0-208.240
- CVE-2018-13095, CVSSv2 Score: 5.5
- Description:
xfs: More robust inode extent count validation
- CVE: http://people.canonical.com/~ubuntu-security/cve/CVE-2018-13095
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2018-13095-xfs-More-robust-inode-extent-count-validation.patch
- From: 4.4.0-208.240
- CVE-2017-16644, CVSSv2 Score: 4.6
- Description:
hdpvr: Fix an error handling path in hdpvr_probe()
- CVE: https://access.redhat.com/security/cve/CVE-2017-16644
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2017-16644-media-hdpvr-Fix-an-error-handling-path-in-hdpvr_probe.patch
- From: 4.4.0-208.240
- CVE-2015-1350, CVSSv2 Score: 5.5
- Description:
vfs: Move security_inode_killpriv() after permission checks
- CVE: https://access.redhat.com/security/cve/cve-2015-1350
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2015-1350.patch
- From: 4.4.0-208.240
- CVE-2019-16232, CVSSv2 Score: 7.5
- Description:
libertas: fix a potential NULL pointer dereference
- CVE: https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-16232
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2019-16232-libertas-fix-a-potential-NULL-pointer-dereference.patch
- From: 4.4.0-208.240
- CVE-2021-26930, CVSSv2 Score: 7.8
- Description:
xen-blkback: fix error handling in xen_blkbk_map()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-26930
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-26930-xsa365-linux.patch
- From: 4.4.0-208.240
- CVE-2021-26931, CVSSv2 Score: 7.8
- Description:
xen-blkback: don't "handle" error by BUG()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-26931
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-26931-xsa362-linux-1.patch
- From: 4.4.0-208.240
- CVE-2021-26931, CVSSv2 Score: 7.8
- Description:
xen-blkback: don't "handle" error by BUG()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-26931
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-26931-xsa362-linux-2.patch
- From: 4.4.0-208.240
- CVE-2021-26931, CVSSv2 Score: 7.8
- Description:
xen-blkback: don't "handle" error by BUG()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-26931
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-26931-xsa362-linux-3.patch
- From: 4.4.0-208.240
- CVE-2021-28038, CVSSv2 Score: 6.5
- Description:
Xen/x86: also check kernel mapping in set_foreign_p2m_mapping()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-28038
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-28038-Xen-x86-also-check-kernel-mapping-in-set_foreign_p2m_mapping.patch
- From: 4.4.0-208.240
- CVE-2021-28038, CVSSv2 Score: 6.5
- Description:
Xen/gnttab: handle p2m update errors on a per-slot basis
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-28038
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-28038-xsa367-linux.patch
- From: 4.4.0-208.240
- CVE-2019-19061, CVSSv2 Score: 5.9
- Description:
floppy: fix lock_fdc() signal handling
- CVE: https://access.redhat.com/security/cve/CVE-2019-19061
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2021-20261-floppy-fix-lock_fdc-signal-handling.patch
- From: 4.4.0-208.240
- CVE-2017-5967, CVSSv2 Score: 3.3
- Description:
timer: Restrict timer_stats to initial PID namespace
- CVE: https://security-tracker.debian.org/tracker/CVE-2017-5967
- Patch: ubuntu-xenial/4.4.0-208.240/CVE-2017-5967-kpatch.patch
- From: 4.4.0-208.240
- CVE-2021-3347, CVSSv2 Score: 7.4
- Description:
futex: Handle faults correctly for PI futexes
- CVE: https://access.redhat.com/security/cve/cve-2021-3347
- Patch: 4.4.0/CVE-2021-3347-futex-Handle-faults-correctly-for-PI-futexes-kpatch.patch
- From: >kernel-4.4.0-201.233
- CVE-2021-29154, CVSSv2 Score: n/a
- Description:
bpf, x86: Validate computation of branch displacements for x86-64
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-29154
- Patch: 4.4.0/CVE-2021-29154-bpf-x86-Validate-computation-of-branch-displacements-for-x86-64.patch
- From: >kernel-4.4.0-206.238
- CVE-2021-3493, CVSSv2 Score: 8.8
- Description:
vfs: move cap_convert_nscap() call into vfs_setxattr()
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-3493
- Patch: 4.4.0/CVE-2021-3493-vfs-move-cap_convert_nscap-call-into-vfs_setxattr.patch
- From: kernel-4.4.0-209.241
- CVE-2021-3493, CVSSv2 Score: 8.8
- Description:
UBUNTU: SAUCE: vfs_setxattr: free converted value if xattr_permission returns error
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-3493
- Patch: 4.4.0/CVE-2021-3493-UBUNTU-SAUCE-vfs_setxattr-free-converted-value-if-xattr_permission-returns-error.patch
- From: kernel-4.4.0-209.241
- CVE-2021-33909, CVSSv2 Score: 7.8
- Description:
seq_file: Disallow extremely large seq buffer allocations
- CVE: N/A
- Patch: 4.4.0/CVE-2021-33909-seq_file-Disallow-extremely-large-seq-buffer-allocations.patch
- From: kernel-4.4.0-212.242
- CVE-2021-22555, CVSSv2 Score: 7.8
- Description:
netfilter: x_tables: fix compat match/target pad out-of-bound write
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-22555
- Patch: 4.4.0/CVE-2021-22555-netfilter-x_tables-fix-compat-match-target-pad-out-of-bound-write.patch
- From: kernel-4.4.0-213.245
- CVE-2021-3653, CVSSv2 Score: 8.8
- Description:
KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl
- CVE: https://access.redhat.com/security/cve/CVE-2021-3653
- Patch: 4.4.0/CVE-2021-3653-KVM-nSVM-avoid-picking-up-unsupported-bits-from-L2-in-int_ctl.patch
- From: kernel-4.4.0-214.246
- Description:
Restrict access to pagemap/kpageflags/kpagecount
- CVE: http://googleprojectzero.blogspot.ru/2015/03/exploiting-dram-rowhammer-bug-to-gain.html
- Patch: 4.4.0/proc-restrict-pagemap-access.patch
- From:
- Description:
- CVE:
- Patch: 4.4.0/kpatch-add-paravirt-asm-definitions.patch
- From: