Canonical

Ubuntu Pro 16.04 LTS

5033 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.9

CVE-2020-15802

  • EPSS 55.49%
  • Veröffentlicht 11.09.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:12

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, eit...

6.5

CVE-2020-3702

  • EPSS 0.3%
  • Veröffentlicht 08.09.2020 10:15:16
  • Zuletzt bearbeitet 21.11.2024 05:31:36

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon A...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Veröffentlicht 15.05.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

4.7

CVE-2019-20794

Exploit
  • EPSS 0.09%
  • Veröffentlicht 09.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:39:22

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...

5.5

CVE-2020-12655

  • EPSS 0.08%
  • Veröffentlicht 05.05.2020 06:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:00

An issue was discovered in xfs_agf_verify in fs/xfs/libxfs/xfs_alloc.c in the Linux kernel through 5.6.10. Attackers may trigger a sync of excessive duration via an XFS v5 image with crafted metadata, aka CID-d0c7feaf8767.

7.8

CVE-2020-11725

Exploit
  • EPSS 0.13%
  • Veröffentlicht 12.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:29

snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, ...

7.8

CVE-2019-20429

Exploit
  • EPSS 0.66%
  • Veröffentlicht 27.01.2020 05:15:12
  • Zuletzt bearbeitet 21.11.2024 04:38:27

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between spt...

7.8

CVE-2019-20425

Exploit
  • EPSS 0.66%
  • Veröffentlicht 27.01.2020 05:15:11
  • Zuletzt bearbeitet 21.11.2024 04:38:26

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain len...

7.1

CVE-2019-19815

Exploit
  • EPSS 1.11%
  • Veröffentlicht 17.12.2019 07:15:10
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.

9.3

CVE-2019-19814

Exploit
  • EPSS 0.7%
  • Veröffentlicht 17.12.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.