Canonical

Ubuntu 22.04 LTS

7957 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.6

CVE-2023-1998

Exploit
  • EPSS 0.11%
  • Veröffentlicht 21.04.2023 15:15:07
  • Zuletzt bearbeitet 13.02.2025 17:16:01

The Linux kernel allows userspace processes to enable mitigations by calling prctl with PR_SET_SPECULATION_CTRL which disables the speculation feature as well as by using seccomp. We had noticed that on VMs of at least one major cloud provider, the k...

6.7

CVE-2023-2194

  • EPSS 0.02%
  • Veröffentlicht 20.04.2023 21:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:29

An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of ...

5.5

CVE-2023-2177

  • EPSS 0.01%
  • Veröffentlicht 20.04.2023 21:15:08
  • Zuletzt bearbeitet 18.03.2025 20:15:19

A null pointer dereference issue was found in the sctp network protocol in net/sctp/stream_sched.c in Linux Kernel. If stream_in allocation is failed, stream_out is freed which would further be accessed. A local user could use this flaw to crash the ...

5.5

CVE-2023-28327

  • EPSS 0.01%
  • Veröffentlicht 19.04.2023 23:15:07
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A NULL pointer dereference flaw was found in the UNIX protocol in net/unix/diag.c In unix_diag_get_exact in the Linux Kernel. The newly allocated skb does not have sk, leading to a NULL pointer. This flaw allows a local user to crash or potentially c...

5.5

CVE-2023-28328

  • EPSS 0.02%
  • Veröffentlicht 19.04.2023 23:15:07
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash ...

5.5

CVE-2023-2166

  • EPSS 0.02%
  • Veröffentlicht 19.04.2023 23:15:07
  • Zuletzt bearbeitet 05.02.2025 16:15:38

A null pointer dereference issue was found in can protocol in net/can/af_can.c in the Linux before Linux. ml_priv may not be initialized in the receive path of CAN frames. A local user could use this flaw to crash the system or potentially cause a de...

4.7

CVE-2023-1382

  • EPSS 0.02%
  • Veröffentlicht 19.04.2023 23:15:06
  • Zuletzt bearbeitet 19.03.2025 16:15:17

A data race flaw was found in the Linux kernel, between where con is allocated and con->sock is set. This issue leads to a NULL pointer dereference when accessing con->sock->sk in net/tipc/topsrv.c in the tipc protocol in the Linux kernel.

5.5

CVE-2023-2162

  • EPSS 0.01%
  • Veröffentlicht 19.04.2023 20:15:12
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

6.4

CVE-2023-30772

  • EPSS 0.07%
  • Veröffentlicht 16.04.2023 04:15:08
  • Zuletzt bearbeitet 05.05.2025 16:15:39

The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.

7.8

CVE-2023-2008

  • EPSS 1.79%
  • Veröffentlicht 14.04.2023 21:15:08
  • Zuletzt bearbeitet 05.05.2025 16:15:35

A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the lack of proper validation of user-supplied data, which can result in a memory access past the end of an array. A...