CVE-2019-14899
- EPSS 0.05%
- Published 11.12.2019 15:15:14
- Last modified 21.11.2024 04:27:38
A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...
CVE-2019-19449
- EPSS 0.35%
- Published 08.12.2019 02:15:09
- Last modified 21.11.2024 04:34:45
In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get...
CVE-2019-19378
- EPSS 0.47%
- Published 29.11.2019 17:15:11
- Last modified 21.11.2024 04:34:40
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19377
- EPSS 0.39%
- Published 29.11.2019 16:15:10
- Last modified 21.11.2024 04:34:40
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2019-19036
- EPSS 1.09%
- Published 21.11.2019 02:15:23
- Last modified 21.11.2024 04:34:02
btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
CVE-2019-19039
- EPSS 0.43%
- Published 21.11.2019 02:15:23
- Last modified 21.11.2024 04:34:02
__btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: ...
CVE-2019-16230
- EPSS 0.07%
- Published 11.09.2019 16:15:11
- Last modified 21.11.2024 04:30:19
drivers/gpu/drm/radeon/radeon_display.c in the Linux kernel 5.2.14 does not check the alloc_workqueue return value, leading to a NULL pointer dereference. NOTE: A third-party software maintainer states that the work queue allocation is happening duri...
CVE-2018-7191
- EPSS 0.07%
- Published 17.05.2019 05:29:00
- Last modified 21.11.2024 04:11:45
In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev nam...
CVE-2019-7308
- EPSS 0.03%
- Published 01.02.2019 22:29:00
- Last modified 21.11.2024 04:47:58
kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel a...
CVE-2018-16885
- EPSS 0.06%
- Published 03.01.2019 16:29:00
- Last modified 21.11.2024 03:53:31
A flaw was found in the Linux kernel that allows the userspace to call memcpy_fromiovecend() and similar functions with a zero offset and buffer length which causes the read beyond the buffer boundaries, in certain cases causing a memory access fault...