Canonical

Ubuntu 14.04 LTS

821 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
2.3

CVE-2015-8569

  • EPSS 0.02%
  • Veröffentlicht 28.12.2015 11:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The (1) pptp_bind and (2) pptp_connect functions in drivers/net/ppp/pptp.c in the Linux kernel through 4.3.3 do not verify an address length, which allows local users to obtain sensitive information from kernel memory and bypass the KASLR protection ...

7

CVE-2015-8543

  • EPSS 1.56%
  • Veröffentlicht 28.12.2015 11:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The networking implementation in the Linux kernel through 4.3.3, as used in Android and other products, does not validate protocol identifiers for certain protocol families, which allows local users to cause a denial of service (NULL function pointer...

4

CVE-2015-8374

  • EPSS 0.03%
  • Veröffentlicht 28.12.2015 11:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

fs/btrfs/inode.c in the Linux kernel before 4.3.3 mishandles compressed inline extents, which allows local users to obtain sensitive pre-truncation information from a file via a clone action.

5.9

CVE-2015-7990

  • EPSS 0.04%
  • Veröffentlicht 28.12.2015 11:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in the rds_sendmsg function in net/rds/sendmsg.c in the Linux kernel before 4.3.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by using a socket t...

2.3

CVE-2015-7885

  • EPSS 0.09%
  • Veröffentlicht 28.12.2015 11:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

4.9

CVE-2015-7509

  • EPSS 0.08%
  • Veröffentlicht 28.12.2015 11:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

fs/ext4/namei.c in the Linux kernel before 3.7 allows physically proximate attackers to cause a denial of service (system crash) via a crafted no-journal filesystem, a related issue to CVE-2013-2015.

5.4

CVE-2013-7446

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.12.2015 11:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Use-after-free vulnerability in net/unix/af_unix.c in the Linux kernel before 4.3.3 allows local users to bypass intended AF_UNIX socket permissions or cause a denial of service (panic) via crafted epoll_ctl calls.

5

CVE-2015-0272

  • EPSS 0.91%
  • Veröffentlicht 17.11.2015 15:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

GNOME NetworkManager allows remote attackers to cause a denial of service (IPv6 traffic disruption) via a crafted MTU value in an IPv6 Router Advertisement (RA) message, a different vulnerability than CVE-2015-8215.

5

CVE-2015-8215

  • EPSS 6.24%
  • Veröffentlicht 16.11.2015 21:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the mi...

4.7

CVE-2015-8104

  • EPSS 0.34%
  • Veröffentlicht 16.11.2015 11:59:12
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.