Canonical

Ubuntu Pro 16.04 LTS

5033 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-37576

Exploit
  • EPSS 0.02%
  • Veröffentlicht 26.07.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 06:15:27

arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

6.4

CVE-2021-37159

  • EPSS 0.03%
  • Veröffentlicht 21.07.2021 15:16:20
  • Zuletzt bearbeitet 21.11.2024 06:14:45

hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.

7.8

CVE-2021-33909

Exploit
  • EPSS 1.78%
  • Veröffentlicht 20.07.2021 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:09:45

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

7.8

CVE-2021-3612

  • EPSS 0.09%
  • Veröffentlicht 09.07.2021 11:15:09
  • Zuletzt bearbeitet 21.11.2024 06:21:58

An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privi...

7.8

CVE-2021-22555

Warnung Exploit
  • EPSS 86.31%
  • Veröffentlicht 07.07.2021 12:15:08
  • Zuletzt bearbeitet 27.10.2025 17:06:32

A heap out-of-bounds write affecting Linux since v2.6.19-rc1 was discovered in net/netfilter/x_tables.c. This allows an attacker to gain privileges or cause a DoS (via heap memory corruption) through user name space

5.3

CVE-2021-31615

  • EPSS 0.25%
  • Veröffentlicht 25.06.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:06:01

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its p...

4.7

CVE-2021-33624

Exploit
  • EPSS 0.47%
  • Veröffentlicht 23.06.2021 16:15:07
  • Zuletzt bearbeitet 11.11.2025 16:15:33

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6...

7.1

CVE-2021-32078

Exploit
  • EPSS 0.22%
  • Veröffentlicht 17.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:48

An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4.

5.5

CVE-2021-34693

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.06.2021 22:15:20
  • Zuletzt bearbeitet 21.11.2024 06:10:57

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

5.7

CVE-2021-0129

  • EPSS 0.15%
  • Veröffentlicht 09.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:42:01

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.