Canonical

Ubuntu Pro 18.04 LTS

4807 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.8

CVE-2023-1079

  • EPSS 0.02%
  • Veröffentlicht 27.03.2023 21:15:10
  • Zuletzt bearbeitet 19.02.2025 22:15:11

A flaw was found in the Linux kernel. A use-after-free may be triggered in asus_kbd_backlight_set when plugging/disconnecting in a malicious USB device, which advertises itself as an Asus device. Similarly to the previous known CVE-2023-25012, but in...

4.7

CVE-2023-0590

  • EPSS 0.02%
  • Veröffentlicht 23.03.2023 21:15:19
  • Zuletzt bearbeitet 21.11.2024 07:37:27

A use-after-free flaw was found in qdisc_graft in net/sched/sch_api.c in the Linux Kernel due to a race problem. This flaw leads to a denial of service issue. If patch ebda44da44f6 ("net: sched: fix race condition in qdisc_graft()") not applied yet, ...

7

CVE-2023-28466

  • EPSS 0.02%
  • Veröffentlicht 16.03.2023 00:15:11
  • Zuletzt bearbeitet 05.05.2025 16:15:34

do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).

5.5

CVE-2023-23000

  • EPSS 0.01%
  • Veröffentlicht 01.03.2023 19:15:25
  • Zuletzt bearbeitet 20.03.2025 20:15:28

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.

4.7

CVE-2022-27672

  • EPSS 0.23%
  • Veröffentlicht 01.03.2023 08:15:10
  • Zuletzt bearbeitet 13.04.2026 20:16:23

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.

7.8

CVE-2023-20938

  • EPSS 0.16%
  • Veröffentlicht 28.02.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:41:51

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

5.5

CVE-2023-0597

  • EPSS 0.02%
  • Veröffentlicht 23.02.2023 20:15:12
  • Zuletzt bearbeitet 12.03.2025 20:15:13

A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some ...

5.5

CVE-2023-23454

  • EPSS 0.04%
  • Veröffentlicht 12.01.2023 07:15:08
  • Zuletzt bearbeitet 20.03.2025 21:15:18

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than v...

5.5

CVE-2022-4543

Exploit
  • EPSS 0.34%
  • Veröffentlicht 11.01.2023 15:15:09
  • Zuletzt bearbeitet 08.04.2025 20:15:18

A flaw named "EntryBleed" was found in the Linux Kernel Page Table Isolation (KPTI). This issue could allow a local attacker to leak KASLR base via prefetch side-channels based on TLB timing for Intel systems.

7.8

CVE-2022-47518

  • EPSS 0.03%
  • Veröffentlicht 18.12.2022 06:15:09
  • Zuletzt bearbeitet 17.04.2025 15:15:52

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the li...