Canonical

Ubuntu 14.04 LTS

821 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2016-4578

Exploit
  • EPSS 0.17%
  • Veröffentlicht 23.05.2016 10:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t...

5.5

CVE-2016-4569

  • EPSS 0.37%
  • Veröffentlicht 23.05.2016 10:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer...

7.8

CVE-2016-4565

  • EPSS 0.25%
  • Veröffentlicht 23.05.2016 10:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int...

3.3

CVE-2016-4486

  • EPSS 0.52%
  • Veröffentlicht 23.05.2016 10:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

7.5

CVE-2016-4485

  • EPSS 0.46%
  • Veröffentlicht 23.05.2016 10:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.

6.2

CVE-2016-4482

  • EPSS 0.04%
  • Veröffentlicht 23.05.2016 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN...

4.9

CVE-2016-3951

  • EPSS 0.06%
  • Veröffentlicht 02.05.2016 10:59:41
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Double free vulnerability in drivers/net/usb/cdc_ncm.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (system crash) or possibly have unspecified other impact by inserting a USB device with an invali...

4.9

CVE-2016-3689

  • EPSS 0.09%
  • Veröffentlicht 02.05.2016 10:59:40
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ims_pcu_parse_cdc_data function in drivers/input/misc/ims-pcu.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (system crash) via a USB device without both a master and a slave interface.

4.9

CVE-2016-3140

  • EPSS 0.16%
  • Veröffentlicht 02.05.2016 10:59:39
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The digi_port_init function in drivers/usb/serial/digi_acceleport.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted endpoints value in a USB...

4.9

CVE-2016-3138

  • EPSS 0.02%
  • Veröffentlicht 02.05.2016 10:59:37
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The acm_probe function in drivers/usb/class/cdc-acm.c in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a USB device without both a control and a data e...