Canonical

Ubuntu 22.04 LTS

7957 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-3006

  • EPSS 0.02%
  • Veröffentlicht 31.05.2023 20:15:11
  • Zuletzt bearbeitet 09.01.2025 21:15:24

A known cache speculation vulnerability, known as Branch History Injection (BHI) or Spectre-BHB, becomes actual again for the new hw AmpereOne. Spectre-BHB is similar to Spectre v2, except that malicious code uses the shared branch history (stored in...

7.1

CVE-2022-48502

Exploit
  • EPSS 0.01%
  • Veröffentlicht 31.05.2023 20:15:10
  • Zuletzt bearbeitet 21.11.2024 07:33:27

An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.

5.5

CVE-2023-34256

  • EPSS 0.02%
  • Veröffentlicht 31.05.2023 20:15:10
  • Zuletzt bearbeitet 11.03.2025 16:15:14

An issue was discovered in the Linux kernel before 6.3.3. There is an out-of-bounds read in crc16 in lib/crc16.c when called from fs/ext4/super.c because ext4_group_desc_csum does not properly check an offset. NOTE: this is disputed by third parties ...

4.7

CVE-2023-2612

  • EPSS 0.02%
  • Veröffentlicht 31.05.2023 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:58:55

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).

4.7

CVE-2023-2898

  • EPSS 0.02%
  • Veröffentlicht 26.05.2023 22:15:14
  • Zuletzt bearbeitet 21.11.2024 07:59:31

There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.

6.8

CVE-2023-2002

Exploit
  • EPSS 0.6%
  • Veröffentlicht 26.05.2023 17:15:14
  • Zuletzt bearbeitet 21.11.2024 07:57:44

A vulnerability was found in the HCI sockets implementation due to a missing capability check in net/bluetooth/hci_sock.c in the Linux Kernel. This flaw allows an attacker to unauthorized execution of management commands, compromising the confidentia...

5.5

CVE-2023-0459

  • EPSS 0.02%
  • Veröffentlicht 25.05.2023 14:15:09
  • Zuletzt bearbeitet 21.11.2024 07:37:13

Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the "access_ok" check and pass a kernel pointer to copy_from_user(). This would allow an attacker to leak information. We re...

4.7

CVE-2023-33288

  • EPSS 0.01%
  • Veröffentlicht 22.05.2023 03:15:09
  • Zuletzt bearbeitet 18.03.2025 19:15:41

An issue was discovered in the Linux kernel before 6.2.9. A use-after-free was found in bq24190_remove in drivers/power/supply/bq24190_charger.c. It could allow a local attacker to crash the system due to a race condition.

5.5

CVE-2023-1195

  • EPSS 0.02%
  • Veröffentlicht 18.05.2023 22:15:09
  • Zuletzt bearbeitet 18.03.2025 19:15:40

A use-after-free flaw was found in reconn_set_ipaddr_from_hostname in fs/cifs/connect.c in the Linux kernel. The issue occurs when it forgets to set the free pointer server->hostname to NULL, leading to an invalid pointer request.

6.4

CVE-2023-33203

  • EPSS 0.02%
  • Veröffentlicht 18.05.2023 08:15:08
  • Zuletzt bearbeitet 05.05.2025 16:15:40

The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/net/ethernet/qualcomm/emac/emac.c if a physically proximate attacker unplugs an emac based device.