Canonical

Ubuntu 14.04 LTS

821 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2014-8134

Exploit
  • EPSS 0.09%
  • Veröffentlicht 12.12.2014 18:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The paravirt_ops_setup function in arch/x86/kernel/kvm.c in the Linux kernel through 3.18 uses an improper paravirt_enabled setting for KVM guest kernels, which makes it easier for guest OS users to bypass the ASLR protection mechanism via a crafted ...

4.9

CVE-2014-9090

  • EPSS 0.04%
  • Veröffentlicht 30.11.2014 01:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The do_double_fault function in arch/x86/kernel/traps.c in the Linux kernel through 3.17.4 does not properly handle faults associated with the Stack Segment (SS) segment register, which allows local users to cause a denial of service (panic) via a mo...

4.6

CVE-2014-8989

Exploit
  • EPSS 0.03%
  • Veröffentlicht 30.11.2014 01:59:07
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Linux kernel through 3.17.4 does not properly restrict dropping of supplemental group memberships in certain namespace scenarios, which allows local users to bypass intended file permissions by leveraging a POSIX ACL containing an entry for the g...

6.1

CVE-2014-8884

  • EPSS 0.04%
  • Veröffentlicht 30.11.2014 01:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Stack-based buffer overflow in the ttusbdecfe_dvbs_diseqc_send_master_cmd function in drivers/media/usb/ttusb-dec/ttusbdecfe.c in the Linux kernel before 3.17.4 allows local users to cause a denial of service (system crash) or possibly gain privilege...

4.9

CVE-2014-7843

  • EPSS 0.04%
  • Veröffentlicht 30.11.2014 01:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary.

4.9

CVE-2014-7842

  • EPSS 0.05%
  • Veröffentlicht 30.11.2014 01:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 3.17.4 allows guest OS users to cause a denial of service (guest OS crash) via a crafted application that performs an MMIO transaction or a PIO transaction to trigger a guest userspace e...

5

CVE-2014-7841

Exploit
  • EPSS 18.31%
  • Veröffentlicht 30.11.2014 01:59:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sctp_process_param function in net/sctp/sm_make_chunk.c in the SCTP implementation in the Linux kernel before 3.17.4, when ASCONF is used, allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) via a malf...

5

CVE-2014-3688

Exploit
  • EPSS 1.96%
  • Veröffentlicht 30.11.2014 01:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to ...

4.9

CVE-2010-5313

  • EPSS 0.05%
  • Veröffentlicht 30.11.2014 01:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in arch/x86/kvm/x86.c in the Linux kernel before 2.6.38 allows L2 guest OS users to cause a denial of service (L1 guest OS crash) via a crafted instruction that triggers an L2 emulation failure report, a similar issue to CVE-2014-7842.

5

CVE-2014-8709

  • EPSS 1.48%
  • Veröffentlicht 10.11.2014 11:55:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The ieee80211_fragment function in net/mac80211/tx.c in the Linux kernel before 3.13.5 does not properly maintain a certain tail pointer, which allows remote attackers to obtain sensitive cleartext information by reading packets.