Canonical

Ubuntu 22.04 LTS

8292 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-3707

  • EPSS 0.01%
  • Veröffentlicht 06.03.2023 23:15:10
  • Zuletzt bearbeitet 07.03.2025 16:15:35

A double-free memory flaw was found in the Linux kernel. The Intel GVT-g graphics driver triggers VGA card system resource overload, causing a fail in the intel_gvt_dma_map_guest_page function. This issue could allow a local user to crash the system.

7.8

CVE-2023-1118

  • EPSS 0.02%
  • Veröffentlicht 02.03.2023 18:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:24

A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

5.5

CVE-2023-23004

  • EPSS 0.02%
  • Veröffentlicht 01.03.2023 20:15:14
  • Zuletzt bearbeitet 19.03.2025 20:15:17

In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

5.5

CVE-2023-23000

  • EPSS 0.01%
  • Veröffentlicht 01.03.2023 19:15:25
  • Zuletzt bearbeitet 20.03.2025 20:15:28

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.

4.7

CVE-2022-27672

  • EPSS 0.23%
  • Veröffentlicht 01.03.2023 08:15:10
  • Zuletzt bearbeitet 13.04.2026 20:16:23

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.

5.5

CVE-2023-1095

  • EPSS 0.02%
  • Veröffentlicht 28.02.2023 23:15:11
  • Zuletzt bearbeitet 18.03.2025 16:15:16

In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this r...

5.5

CVE-2023-22998

  • EPSS 0.02%
  • Veröffentlicht 28.02.2023 21:15:12
  • Zuletzt bearbeitet 19.03.2025 17:15:38

In the Linux kernel before 6.0.3, drivers/gpu/drm/virtio/virtgpu_object.c misinterprets the drm_gem_shmem_get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

7.8

CVE-2023-20938

  • EPSS 0.16%
  • Veröffentlicht 28.02.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:41:51

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8

CVE-2023-0461

  • EPSS 0.14%
  • Veröffentlicht 28.02.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:37:13

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation ...

7.8

CVE-2023-22995

  • EPSS 0.02%
  • Veröffentlicht 28.02.2023 05:15:12
  • Zuletzt bearbeitet 05.05.2025 16:15:29

In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.