Canonical

Ubuntu 22.04 LTS

8751 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.51%
  • Veröffentlicht 25.09.2023 21:15:15
  • Zuletzt bearbeitet 21.11.2024 08:23:06

An array indexing vulnerability was found in the netfilter subsystem of the Linux kernel. A missing macro could lead to a miscalculation of the `h->nets` array offset, providing attackers with the primitive to arbitrarily increment/decrement a memory...

  • EPSS 0.2%
  • Veröffentlicht 25.09.2023 16:15:15
  • Zuletzt bearbeitet 21.11.2024 08:41:12

A flaw was found in vringh_kiov_advance in drivers/vhost/vringh.c in the host side of a virtio ring in the Linux Kernel. This issue may result in a denial of service from guest to host via zero length descriptor.

  • EPSS 0.3%
  • Veröffentlicht 22.09.2023 14:15:45
  • Zuletzt bearbeitet 04.11.2025 20:16:29

The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the headers would come in one piece. Unfortunately the logic introduced there didn't account for the extreme case of ...

  • EPSS 3.55%
  • Veröffentlicht 20.09.2023 06:15:10
  • Zuletzt bearbeitet 21.11.2024 07:58:03

Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary read/write in kernel memory, lateral privilege escalation, and container escape.

  • EPSS 0.16%
  • Veröffentlicht 13.09.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 08:34:30

A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an...

Exploit
  • EPSS 0.4%
  • Veröffentlicht 12.09.2023 20:15:10
  • Zuletzt bearbeitet 13.02.2025 18:15:48

A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. When the plug qdisc is used as a class of the qfq qdisc, sending network packets triggers use-after-free in qfq...

  • EPSS 0.04%
  • Veröffentlicht 11.09.2023 17:15:07
  • Zuletzt bearbeitet 07.11.2023 04:23:08

Rejected reason: CVE-2023-4881 was wrongly assigned to a bug that was deemed to be a non-security issue by the Linux kernel security team.

  • EPSS 0.55%
  • Veröffentlicht 06.09.2023 14:15:12
  • Zuletzt bearbeitet 13.02.2025 18:15:46

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. ...

  • EPSS 0.29%
  • Veröffentlicht 06.09.2023 14:15:12
  • Zuletzt bearbeitet 20.03.2025 16:59:51

A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve local privilege escalation. If a class with a link-sharing curve (i.e. with the HFSC_FSC flag set) has a pare...

  • EPSS 0.29%
  • Veröffentlicht 06.09.2023 14:15:11
  • Zuletzt bearbeitet 13.02.2025 17:17:14

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. On an error when building a nftables rule, deactivating immediate expressions in nft_immediate_deactivate() c...