Canonical

Ubuntu 14.04 LTS

821 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2013-2146

Exploit
  • EPSS 0.04%
  • Veröffentlicht 07.06.2013 14:03:19
  • Zuletzt bearbeitet 29.04.2026 01:13:23

arch/x86/kernel/cpu/perf_event_intel.c in the Linux kernel before 3.8.9, when the Performance Events Subsystem is enabled, specifies an incorrect bitmask, which allows local users to cause a denial of service (general protection fault and system cras...

2.1

CVE-2013-2147

  • EPSS 0.08%
  • Veröffentlicht 07.06.2013 14:03:19
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The HP Smart Array controller disk-array driver and Compaq SMART2 controller disk-array driver in the Linux kernel through 3.9.4 do not initialize certain data structures, which allows local users to obtain sensitive information from kernel memory vi...

2.1

CVE-2013-2148

  • EPSS 0.06%
  • Veröffentlicht 07.06.2013 14:03:19
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The fill_event_metadata function in fs/notify/fanotify/fanotify_user.c in the Linux kernel through 3.9.4 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a read operation ...

7.9

CVE-2013-2850

  • EPSS 13.32%
  • Veröffentlicht 07.06.2013 14:03:19
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory...

4.4

CVE-2013-1929

Exploit
  • EPSS 0.12%
  • Veröffentlicht 07.06.2013 14:03:18
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Heap-based buffer overflow in the tg3_read_vpd function in drivers/net/ethernet/broadcom/tg3.c in the Linux kernel before 3.8.6 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via c...

2.1

CVE-2013-2141

Exploit
  • EPSS 0.03%
  • Veröffentlicht 07.06.2013 14:03:18
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The do_tkill function in kernel/signal.c in the Linux kernel before 3.8.9 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory via a crafted application that makes a (1) tkill or (2...

7.2

CVE-2013-2094

Warnung Exploit
  • EPSS 65.85%
  • Veröffentlicht 14.05.2013 20:55:01
  • Zuletzt bearbeitet 22.04.2026 14:38:13

The perf_swevent_init function in kernel/events/core.c in the Linux kernel before 3.8.9 uses an incorrect integer data type, which allows local users to gain privileges via a crafted perf_event_open system call.

3.7

CVE-2013-1959

Exploit
  • EPSS 1.42%
  • Veröffentlicht 03.05.2013 11:57:45
  • Zuletzt bearbeitet 29.04.2026 01:13:23

kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modify...

6.9

CVE-2013-1979

  • EPSS 0.05%
  • Veröffentlicht 03.05.2013 11:57:45
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The scm_set_cred function in include/net/scm.h in the Linux kernel before 3.8.11 uses incorrect uid and gid values during credentials passing, which allows local users to gain privileges via a crafted application.

4.7

CVE-2013-2015

  • EPSS 0.13%
  • Veröffentlicht 29.04.2013 14:55:04
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The ext4_orphan_del function in fs/ext4/namei.c in the Linux kernel before 3.7.3 does not properly handle orphan-list entries for non-journal filesystems, which allows physically proximate attackers to cause a denial of service (system hang) via a cr...