Canonical

Ubuntu Pro 14.04 LTS

5457 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.23%
  • Veröffentlicht 17.09.2020 16:15:14
  • Zuletzt bearbeitet 21.11.2024 04:53:27

In uvc_scan_chain_forward of uvc_driver.c, there is a possible linked list corruption due to an unusual root cause. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not...

  • EPSS 0.36%
  • Veröffentlicht 15.09.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:02:57

A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerab...

  • EPSS 0.36%
  • Veröffentlicht 15.09.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:02:59

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The high...

Exploit
  • EPSS 0.56%
  • Veröffentlicht 15.09.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:01

A flaw was found in the Linux kernel’s implementation of the invert video code on VGA consoles when a local attacker attempts to resize the console, calling an ioctl VT_RESIZE, which causes an out-of-bounds write to occur. This flaw allows a local us...

  • EPSS 0.31%
  • Veröffentlicht 13.09.2020 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:17:51

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.

  • EPSS 0.27%
  • Veröffentlicht 13.09.2020 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:17:51

A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

  • EPSS 7.14%
  • Veröffentlicht 11.09.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:12

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, eit...

  • EPSS 0.37%
  • Veröffentlicht 10.09.2020 17:15:27
  • Zuletzt bearbeitet 21.11.2024 04:56:02

A stack information leak flaw was found in s390/s390x in the Linux kernel’s memory manager functionality, where it incorrectly writes to the /proc/sys/vm/cmm_timeout file. This flaw allows a local user to see the kernel data.

  • EPSS 0.67%
  • Veröffentlicht 10.09.2020 14:15:17
  • Zuletzt bearbeitet 21.11.2024 05:17:41

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount...

Exploit
  • EPSS 0.57%
  • Veröffentlicht 09.09.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:17:39

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_connt...