Canonical

Ubuntu 22.04 LTS

8292 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
0

CVE-2022-1966

  • EPSS 0.04%
  • Veröffentlicht 06.06.2022 18:15:08
  • Zuletzt bearbeitet 07.11.2023 03:42:21

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-32250. Reason: This candidate is a duplicate of CVE-2022-32250. Notes: All CVE users should reference CVE-2022-32250 instead of this candidate. All references and descriptions in...

3.3

CVE-2022-32296

  • EPSS 0.07%
  • Veröffentlicht 05.06.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:06:07

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

7.8

CVE-2022-32250

Exploit
  • EPSS 2.18%
  • Veröffentlicht 02.06.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 07:06:01

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

7.8

CVE-2022-1943

  • EPSS 0.04%
  • Veröffentlicht 02.06.2022 14:15:34
  • Zuletzt bearbeitet 21.11.2024 06:41:48

A flaw out of bounds memory write in the Linux kernel UDF file system functionality was found in the way user triggers some file operation which triggers udf_write_fi(). A local user could use this flaw to crash the system or potentially

6.9

CVE-2022-1789

  • EPSS 0.02%
  • Veröffentlicht 02.06.2022 14:15:33
  • Zuletzt bearbeitet 21.11.2024 06:41:28

With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.

6.3

CVE-2022-1462

Exploit
  • EPSS 0.05%
  • Veröffentlicht 02.06.2022 14:15:32
  • Zuletzt bearbeitet 21.11.2024 06:40:46

An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc functi...

7.8

CVE-2022-1652

  • EPSS 0.75%
  • Veröffentlicht 02.06.2022 14:15:32
  • Zuletzt bearbeitet 21.11.2024 06:41:10

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to exe...

7.8

CVE-2022-1882

  • EPSS 0.04%
  • Veröffentlicht 26.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:40

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially ...

7

CVE-2022-1734

Exploit
  • EPSS 0.08%
  • Veröffentlicht 18.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:21

A flaw in Linux Kernel found in nfcmrvl_nci_unregister_dev() in drivers/nfc/nfcmrvl/main.c can lead to use after free both read or write when non synchronized between cleanup routine and firmware download routine.

7.8

CVE-2022-29581

Exploit
  • EPSS 0.19%
  • Veröffentlicht 17.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:20

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.