Canonical

Ubuntu 25.10

3177 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 22.04.2026 14:16:45
  • Zuletzt bearbeitet 28.04.2026 13:40:13

In the Linux kernel, the following vulnerability has been resolved: s390/syscalls: Add spectre boundary for syscall dispatch table The s390 syscall number is directly controlled by userspace, but does not have an array_index_nospec() boundary to pr...

  • EPSS 0.13%
  • Veröffentlicht 22.04.2026 14:16:45
  • Zuletzt bearbeitet 28.04.2026 13:12:24

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-lpspi: fix teardown order issue (UAF) There is a teardown order issue in the driver. The SPI controller is registered using devm_spi_register_controller(), which delay...

  • EPSS 0.1%
  • Veröffentlicht 22.04.2026 14:16:44
  • Zuletzt bearbeitet 30.06.2026 03:18:25

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotp_sendmsg() isotp_sendmsg() uses only cmpxchg() on so->tx.state to serialize access to so->tx.buf. isotp_release() waits for ISOTP_IDLE...

  • EPSS 0.13%
  • Veröffentlicht 22.04.2026 14:16:44
  • Zuletzt bearbeitet 27.04.2026 23:25:50

In the Linux kernel, the following vulnerability has been resolved: ASoC: sma1307: fix double free of devm_kzalloc() memory A previous change added NULL checks and cleanup for allocation failures in sma1307_setting_loaded(). However, the cleanup f...

  • EPSS 0.5%
  • Veröffentlicht 22.04.2026 14:16:44
  • Zuletzt bearbeitet 01.06.2026 17:16:47

In the Linux kernel, the following vulnerability has been resolved: ksmbd: do not expire session on binding failure When a multichannel session binding request fails (e.g. wrong password), the error path unconditionally sets sess->state = SMB2_SESS...

  • EPSS 0.48%
  • Veröffentlicht 22.04.2026 14:16:44
  • Zuletzt bearbeitet 27.04.2026 23:24:22

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leaks and NULL deref in smb2_lock() smb2_lock() has three error handling issues after list_del() detaches smb_lock from lock_list at no_check_cl: 1) If vfs_lock_...

  • EPSS 0.5%
  • Veröffentlicht 22.04.2026 14:16:44
  • Zuletzt bearbeitet 27.04.2026 23:23:52

In the Linux kernel, the following vulnerability has been resolved: ksmbd: replace hardcoded hdr2_len with offsetof() in smb2_calc_max_out_buf_len() After this commit (e2b76ab8b5c9 "ksmbd: add support for read compound"), response buffer management...

  • EPSS 0.13%
  • Veröffentlicht 22.04.2026 14:16:44
  • Zuletzt bearbeitet 27.04.2026 23:19:30

In the Linux kernel, the following vulnerability has been resolved: drm/xe: always keep track of remap prev/next During 3D workload, user is reporting hitting: [ 413.361679] WARNING: drivers/gpu/drm/xe/xe_vm.c:1217 at vm_bind_ioctl_ops_unwind+0x1...

  • EPSS 0.13%
  • Veröffentlicht 22.04.2026 14:16:43
  • Zuletzt bearbeitet 07.05.2026 18:18:57

In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false A UAF issue occurs when the virtio_net driver is configured with napi_tx=N and the device's...

  • EPSS 0.13%
  • Veröffentlicht 22.04.2026 14:16:43
  • Zuletzt bearbeitet 07.05.2026 17:39:34

In the Linux kernel, the following vulnerability has been resolved: virt: tdx-guest: Fix handling of host controlled 'quote' buffer length Validate host controlled value `quote_buf->out_len` that determines how many bytes of the quote are copied ou...