Canonical

Ubuntu 22.04 LTS

7957 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-0995

Exploit
  • EPSS 16.96%
  • Veröffentlicht 25.03.2022 19:15:10
  • Zuletzt bearbeitet 21.11.2024 06:39:49

An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of ser...

5.5

CVE-2022-0854

Exploit
  • EPSS 0.02%
  • Veröffentlicht 23.03.2022 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:39:32

A memory leak flaw was found in the Linux kernel’s DMA subsystem, in the way a user calls DMA_FROM_DEVICE. This flaw allows a local user to read random memory from the kernel space.

5.5

CVE-2021-4095

Exploit
  • EPSS 0.11%
  • Veröffentlicht 10.03.2022 17:44:53
  • Zuletzt bearbeitet 21.11.2024 06:36:53

A NULL pointer dereference was found in the Linux kernel's KVM when dirty ring logging is enabled without an active vCPU context. An unprivileged local attacker on the host may use this flaw to cause a kernel oops condition and thus a denial of servi...

7.8

CVE-2022-26490

  • EPSS 0.12%
  • Veröffentlicht 06.03.2022 04:15:07
  • Zuletzt bearbeitet 25.06.2025 21:01:34

st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows because of untrusted length parameters.

5.5

CVE-2022-25375

  • EPSS 0.71%
  • Veröffentlicht 20.02.2022 20:15:18
  • Zuletzt bearbeitet 21.11.2024 06:52:06

An issue was discovered in drivers/usb/gadget/function/rndis.c in the Linux kernel before 5.16.10. The RNDIS USB gadget lacks validation of the size of the RNDIS_MSG_SET command. Attackers can obtain sensitive information from kernel memory.

7.8

CVE-2022-25265

Exploit
  • EPSS 0.27%
  • Veröffentlicht 16.02.2022 21:15:08
  • Zuletzt bearbeitet 21.11.2024 06:51:54

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable ...

9.8

CVE-2021-3773

  • EPSS 0.6%
  • Veröffentlicht 16.02.2022 19:15:08
  • Zuletzt bearbeitet 28.03.2025 15:15:41

A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in traditional network attacks.

5.5

CVE-2021-33061

  • EPSS 0.05%
  • Veröffentlicht 09.02.2022 23:15:15
  • Zuletzt bearbeitet 05.05.2025 17:17:05

Insufficient control flow management for the Intel(R) 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enable denial of service via local access.

5.3

CVE-2021-31615

  • EPSS 0.25%
  • Veröffentlicht 25.06.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 06:06:01

Unencrypted Bluetooth Low Energy baseband links in Bluetooth Core Specifications 4.0 through 5.2 may permit an adjacent device to inject a crafted packet during the receive window of the listening device before the transmitting device initiates its p...

7.5

CVE-2020-26556

  • EPSS 0.9%
  • Veröffentlicht 24.05.2021 18:15:07
  • Zuletzt bearbeitet 21.11.2024 05:20:04

Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by...