Canonical

Ubuntu 22.04 LTS

7957 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2022-33981

Exploit
  • EPSS 0.02%
  • Veröffentlicht 18.06.2022 16:15:08
  • Zuletzt bearbeitet 05.05.2025 17:18:15

drivers/block/floppy.c in the Linux kernel before 5.17.6 is vulnerable to a denial of service, because of a concurrency use-after-free flaw after deallocating raw_cmd in the raw_cmd_ioctl function.

5.5

CVE-2022-21166

  • EPSS 0.19%
  • Veröffentlicht 15.06.2022 21:15:09
  • Zuletzt bearbeitet 05.05.2025 17:17:41

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21123

  • EPSS 0.45%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21125

  • EPSS 0.54%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

4.6

CVE-2022-21499

  • EPSS 0.18%
  • Veröffentlicht 09.06.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:44:50

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is...

0

CVE-2022-1966

  • EPSS 0.04%
  • Veröffentlicht 06.06.2022 18:15:08
  • Zuletzt bearbeitet 07.11.2023 03:42:21

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in...

3.3

CVE-2022-32296

  • EPSS 0.07%
  • Veröffentlicht 05.06.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:06:07

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

7.8

CVE-2022-32250

Exploit
  • EPSS 1.31%
  • Veröffentlicht 02.06.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 07:06:01

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

7.8

CVE-2022-1943

  • EPSS 0.04%
  • Veröffentlicht 02.06.2022 14:15:34
  • Zuletzt bearbeitet 21.11.2024 06:41:48

A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially

6.9

CVE-2022-1789

  • EPSS 0.02%
  • Veröffentlicht 02.06.2022 14:15:33
  • Zuletzt bearbeitet 21.11.2024 06:41:28

With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.