Canonical

Ubuntu Pro 18.04 LTS

4807 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-11725

Exploit
  • EPSS 0.13%
  • Veröffentlicht 12.04.2020 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:29

snd_ctl_elem_add in sound/core/control.c in the Linux kernel through 5.6.3 has a count=info->owner line, which later affects a private_size*count multiplication for unspecified "interesting side effects." NOTE: kernel engineers dispute this finding, ...

7.8

CVE-2019-20429

Exploit
  • EPSS 0.66%
  • Veröffentlicht 27.01.2020 05:15:12
  • Zuletzt bearbeitet 21.11.2024 04:38:27

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds read and panic (via a modified lm_bufcount field) due to the lack of validation for specific fields of packets sent by a client. This is caused by interaction between spt...

7.8

CVE-2019-20425

Exploit
  • EPSS 0.66%
  • Veröffentlicht 27.01.2020 05:15:11
  • Zuletzt bearbeitet 21.11.2024 04:38:26

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function lustre_msg_string, there is no validation of a certain len...

7.1

CVE-2019-19815

Exploit
  • EPSS 1.11%
  • Veröffentlicht 17.12.2019 07:15:10
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause a NULL pointer dereference in f2fs_recover_fsync_data in fs/f2fs/recovery.c. This is related to F2FS_P_SB in fs/f2fs/f2fs.h.

9.3

CVE-2019-19814

Exploit
  • EPSS 0.7%
  • Veröffentlicht 17.12.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.

7.4

CVE-2019-14899

  • EPSS 0.05%
  • Veröffentlicht 11.12.2019 15:15:14
  • Zuletzt bearbeitet 21.11.2024 04:27:38

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...

7.8

CVE-2019-19378

Exploit
  • EPSS 0.47%
  • Veröffentlicht 29.11.2019 17:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:40

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.

4.9

CVE-2019-15213

Exploit
  • EPSS 0.18%
  • Veröffentlicht 19.08.2019 22:15:11
  • Zuletzt bearbeitet 21.11.2024 04:28:12

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

5.5

CVE-2018-7191

Exploit
  • EPSS 0.07%
  • Veröffentlicht 17.05.2019 05:29:00
  • Zuletzt bearbeitet 21.11.2024 04:11:45

In the tun subsystem in the Linux kernel before 4.13.14, dev_get_valid_name is not called before register_netdevice. This allows local users to cause a denial of service (NULL pointer dereference and panic) via an ioctl(TUNSETIFF) call with a dev nam...

0

CVE-2019-10124

  • EPSS 0.24%
  • Veröffentlicht 27.03.2019 06:29:00
  • Zuletzt bearbeitet 07.11.2023 03:02:24

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none