Canonical

Ubuntu 24.04 LTS

5749 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-26934

  • EPSS 0.13%
  • Veröffentlicht 17.02.2021 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:57:04

An issue was discovered in the Linux kernel 4.18 through 5.10.16, as used by Xen. The backend allocation (aka be-alloc) mode of the drm_xen_front drivers was not meant to be a supported configuration, but this wasn't stated accordingly in its support...

6.5

CVE-2020-24490

  • EPSS 4.47%
  • Veröffentlicht 02.02.2021 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:14:54

Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.

8.8

CVE-2020-12351

Exploit
  • EPSS 2.87%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

6.5

CVE-2020-12352

Exploit
  • EPSS 2.39%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

4.4

CVE-2020-14304

  • EPSS 0.06%
  • Veröffentlicht 15.09.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:02:57

A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerab...

5.9

CVE-2020-15802

  • EPSS 55.49%
  • Veröffentlicht 11.09.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:12

Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, eit...

7.8

CVE-2020-14356

Exploit
  • EPSS 0.82%
  • Veröffentlicht 19.08.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:05

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

4.7

CVE-2019-20794

Exploit
  • EPSS 0.09%
  • Veröffentlicht 09.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:39:22

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...

7.2

CVE-2019-15794

  • EPSS 0.09%
  • Veröffentlicht 24.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:28

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is ...

7.8

CVE-2019-20426

Exploit
  • EPSS 0.66%
  • Veröffentlicht 27.01.2020 05:15:11
  • Zuletzt bearbeitet 21.11.2024 04:38:26

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds che...