Canonical

Ubuntu Pro 16.04 LTS

5033 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2023-1998

Exploit
  • EPSS 0.11%
  • Veröffentlicht 21.04.2023 15:15:07
  • Zuletzt bearbeitet 13.02.2025 17:16:01

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the k...

6.7

CVE-2023-2194

  • EPSS 0.02%
  • Veröffentlicht 20.04.2023 21:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:29

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of ...

5.5

CVE-2023-28328

  • EPSS 0.02%
  • Veröffentlicht 19.04.2023 23:15:07
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash ...

4.7

CVE-2023-1382

  • EPSS 0.02%
  • Veröffentlicht 19.04.2023 23:15:06
  • Zuletzt bearbeitet 19.03.2025 16:15:17

A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.

5.5

CVE-2023-2162

  • EPSS 0.01%
  • Veröffentlicht 19.04.2023 20:15:12
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

6.4

CVE-2023-30772

  • EPSS 0.07%
  • Veröffentlicht 16.04.2023 04:15:08
  • Zuletzt bearbeitet 05.05.2025 16:15:39

The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.

4.7

CVE-2023-1990

  • EPSS 0.01%
  • Veröffentlicht 12.04.2023 20:15:07
  • Zuletzt bearbeitet 19.03.2025 16:15:17

A use-after-free flaw was found in ndlc_remove in drivers/nfc/st-nci/ndlc.c in the Linux Kernel. This flaw could allow an attacker to crash the system due to a race problem.

7.8

CVE-2023-1829

  • EPSS 0.25%
  • Veröffentlicht 12.04.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 17:16:00

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while...

7

CVE-2023-1989

  • EPSS 0.02%
  • Veröffentlicht 11.04.2023 21:15:15
  • Zuletzt bearbeitet 21.11.2024 07:40:17

A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.

6.5

CVE-2023-30456

  • EPSS 0.01%
  • Veröffentlicht 10.04.2023 02:15:06
  • Zuletzt bearbeitet 19.03.2025 16:15:22

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.