Canonical

Ubuntu Pro 14.04 LTS

5456 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.59%
  • Veröffentlicht 19.07.2019 13:15:12
  • Zuletzt bearbeitet 21.11.2024 04:25:26

In the Linux kernel through 5.2.1 on the powerpc platform, when hardware transactional memory is disabled, a local user can cause a denial of service (TM Bad Thing exception and system crash) via a sigreturn() system call that sends a crafted signal ...

  • EPSS 0.82%
  • Veröffentlicht 17.07.2019 19:15:11
  • Zuletzt bearbeitet 21.11.2024 04:25:24

In parse_hid_report_descriptor in drivers/input/tablet/gtco.c in the Linux kernel through 5.2.1, a malicious USB device can send an HID report that triggers an out-of-bounds write during generation of debugging messages.

  • EPSS 2.57%
  • Veröffentlicht 05.07.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:19:38

In the Linux kernel before 5.1.7, a device can be tracked by an attacker using the IP ID values the kernel produces for connection-less protocols (e.g., UDP and ICMP). When such traffic is sent to multiple destination IP addresses, it is possible to ...

  • EPSS 3.25%
  • Veröffentlicht 05.07.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:19:38

The Linux kernel 4.x (starting from 4.1) and 5.x before 5.0.8 allows Information Exposure (partial kernel address disclosure), leading to a KASLR bypass. Specifically, it is possible to extract the KASLR kernel image offset using the IP ID values the...

  • EPSS 0.42%
  • Veröffentlicht 19.06.2019 00:15:13
  • Zuletzt bearbeitet 21.11.2024 04:42:49

A double-free can happen in idr_remove_all() in lib/idr.c in the Linux kernel 2.6 branch. An unprivileged local attacker can use this flaw for a privilege escalation or for a system crash and a denial of service (DoS).

  • EPSS 98.75%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP_SKB_CB(skb)->tcp_gso_segs value was subject to an integer overflow in the Linux kernel when handling TCP Selective Acknowledgments (SACKs). A remote attacker could use this to cause a denial of service. This ha...

  • EPSS 94.69%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the TCP retransmission queue implementation in tcp_fragment in the Linux kernel could be fragmented when handling certain TCP Selective Acknowledgment (SACK) sequences. A remote attacker could use this to cause a denia...

  • EPSS 91.66%
  • Veröffentlicht 19.06.2019 00:15:12
  • Zuletzt bearbeitet 21.11.2024 04:21:09

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial ...

Exploit
  • EPSS 0.81%
  • Veröffentlicht 18.06.2019 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:23:45

i915_gem_userptr_get_pages in drivers/gpu/drm/i915/i915_gem_userptr.c in the Linux kernel 4.15.0 on Ubuntu 18.04.2 allows local users to cause a denial of service (NULL pointer dereference and BUG) or possibly have unspecified other impact via crafte...

  • EPSS 5.48%
  • Veröffentlicht 14.06.2019 02:29:00
  • Zuletzt bearbeitet 21.11.2024 04:23:38

An issue was discovered in the Linux kernel before 4.20.15. The nfc_llcp_build_tlv function in net/nfc/llcp_commands.c may return NULL. If the caller does not check for this, it will trigger a NULL pointer dereference. This will cause denial of servi...