Canonical

Ubuntu 14.04 LTS

821 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-13215

  • EPSS 0.11%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:10

A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.

7.8

CVE-2018-5344

  • EPSS 0.06%
  • Veröffentlicht 12.01.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:37

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

7.8

CVE-2018-5332

  • EPSS 0.04%
  • Veröffentlicht 11.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:35

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

5.5

CVE-2018-5333

  • EPSS 2.8%
  • Veröffentlicht 11.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:36

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

5.6

CVE-2017-5715

Exploit
  • EPSS 89.09%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 06.05.2025 15:15:51

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6

CVE-2017-5753

Exploit
  • EPSS 94.3%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6

CVE-2017-5754

  • EPSS 88.69%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:28:19

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

10

CVE-2017-18017

  • EPSS 34.31%
  • Veröffentlicht 03.01.2018 06:29:00
  • Zuletzt bearbeitet 03.01.2025 12:15:25

The tcpmss_mangle_packet function in net/netfilter/xt_TCPMSS.c in the Linux kernel before 4.11, and 4.9.x before 4.9.36, allows remote attackers to cause a denial of service (use-after-free and memory corruption) or possibly have unspecified other im...

5.5

CVE-2016-3695

  • EPSS 0.06%
  • Veröffentlicht 29.12.2017 15:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The einj_error_inject function in drivers/acpi/apei/einj.c in the Linux kernel allows local users to simulate hardware errors and consequently cause a denial of service by leveraging failure to disable APEI error injection through EINJ when securelev...

7.8

CVE-2017-17805

  • EPSS 0.03%
  • Veröffentlicht 20.12.2017 23:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service ...