Canonical

Ubuntu 16.04 LTS

1003 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-13100

  • EPSS 0.29%
  • Veröffentlicht 03.07.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:26

An issue was discovered in fs/f2fs/super.c in the Linux kernel through 4.17.3, which does not properly validate secs_per_zone in a corrupted f2fs image, as demonstrated by a divide-by-zero error.

5.5

CVE-2018-12896

Exploit
  • EPSS 0.04%
  • Veröffentlicht 02.07.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:03

An issue was discovered in the Linux kernel through 4.17.3. An Integer Overflow in kernel/time/posix-timers.c in the POSIX timer code is caused by the way the overrun accounting works. Depending on interval and expiry time values, the overrun can be ...

3.3

CVE-2018-13053

  • EPSS 0.03%
  • Veröffentlicht 02.07.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:18

The alarm_timer_nsleep function in kernel/time/alarmtimer.c in the Linux kernel through 4.17.3 has an integer overflow via a large relative timeout because ktime_add_safe is not used.

6.3

CVE-2018-1000204

  • EPSS 0.13%
  • Veröffentlicht 26.06.2018 14:29:02
  • Zuletzt bearbeitet 21.11.2024 03:39:55

Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in ...

5.6

CVE-2018-3665

  • EPSS 1.26%
  • Veröffentlicht 21.06.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:05:51

System software utilizing Lazy FP state restore technique on systems using Intel Core-based microprocessors may potentially allow a local process to infer data from another process through a speculative execution side channel.

5.3

CVE-2018-1120

Exploit
  • EPSS 1.44%
  • Veröffentlicht 20.06.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:13

A flaw was found affecting the Linux kernel before version 4.17. By mmap()ing a FUSE-backed file onto a process's memory containing command line arguments (or environment strings), an attacker can cause utilities from psutils or procps (such as ps, w...

7.8

CVE-2018-5848

  • EPSS 0.15%
  • Veröffentlicht 12.06.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:32

In the function wmi_set_ie(), the length validation code does not handle unsigned integer overflow properly. As a result, a large value of the 'ie_len' argument can cause a buffer overflow in all Android releases from CAF (Android for MSM, Firefox OS...

5.5

CVE-2018-5803

  • EPSS 0.06%
  • Veröffentlicht 12.06.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:26

In the Linux Kernel before version 4.15.8, 4.14.25, 4.9.87, 4.4.121, 4.1.51, and 3.2.102, an error in the "_sctp_make_chunk()" function (net/sctp/sm_make_chunk.c) when handling SCTP packets length can be exploited to cause a kernel crash.

7

CVE-2018-5814

  • EPSS 0.03%
  • Veröffentlicht 12.06.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:27

In the Linux Kernel before version 4.16.11, 4.14.43, 4.9.102, and 4.4.133, multiple race condition errors when handling probe, disconnect, and rebind operations can be exploited to trigger a use-after-free condition or a NULL pointer dereference by s...

7.8

CVE-2018-12233

  • EPSS 0.1%
  • Veröffentlicht 12.06.2018 12:29:00
  • Zuletzt bearbeitet 21.11.2024 03:44:49

In the ea_get function in fs/jfs/xattr.c in the Linux kernel through 4.17.1, a memory corruption bug in JFS can be triggered by calling setxattr twice with two different extended attribute names on the same file. This vulnerability can be triggered b...