Canonical

Ubuntu 25.10

3177 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.19%
  • Veröffentlicht 24.10.2025 12:24:57
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In the Linux kernel, the following vulnerability has been resolved: tracing: dynevent: Add a missing lockdown check on dynevent Since dynamic_events interface on tracefs is compatible with kprobe_events and uprobe_events, it should also check the l...

  • EPSS 0.19%
  • Veröffentlicht 24.10.2025 12:24:57
  • Zuletzt bearbeitet 12.05.2026 13:17:18

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix incorrect boolean values in af_alg_ctx Commit 1b34cbbf4f01 ("crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg") changed some fields from bool to 1...

  • EPSS 0.19%
  • Veröffentlicht 24.10.2025 12:24:56
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix shift-out-of-bounds issue Explicitly uses a 64-bit constant when the number of bits used for its shifting is 32 (which is the case for PC CAN FD interfaces suppo...

  • EPSS 0.27%
  • Veröffentlicht 24.10.2025 11:44:29
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essiv_aead_crypt so that it's also checked for decryption and in-place encry...

  • EPSS 0.19%
  • Veröffentlicht 24.10.2025 11:44:28
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In the Linux kernel, the following vulnerability has been resolved: ipvs: Defer ip_vs_ftp unregister during netns cleanup On the netns cleanup path, __ip_vs_ftp_exit() may unregister ip_vs_ftp before connections with valid cp->app pointers are flus...

Medienbericht
  • EPSS 0.25%
  • Veröffentlicht 22.10.2025 14:59:43
  • Zuletzt bearbeitet 30.10.2025 17:21:42

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, ubusd contains a heap buffer overflow in the event registration parsing code. This allows an attacker to modify the head and potentially execute arbitra...

Medienbericht
  • EPSS 0.17%
  • Veröffentlicht 22.10.2025 14:59:15
  • Zuletzt bearbeitet 30.10.2025 17:34:02

OpenWrt Project is a Linux operating system targeting embedded devices. Prior to version 24.10.4, local users could read and write arbitrary kernel memory using the ioctls of the ltq-ptm driver which is used to drive the datapath of the DSL line. Thi...

  • EPSS 0.21%
  • Veröffentlicht 20.10.2025 15:30:43
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix memory leak by freeing untracked persist buffer One internal buffer which is allocated only once per session was not being freed during session close because it wa...

  • EPSS 0.23%
  • Veröffentlicht 20.10.2025 15:29:10
  • Zuletzt bearbeitet 18.04.2026 09:16:12

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID Per UVC 1.1+ specification 3.7.2, units and terminals must have a non-zero unique ID. ``` Each Unit and Termin...

  • EPSS 0.23%
  • Veröffentlicht 20.10.2025 15:29:09
  • Zuletzt bearbeitet 15.04.2026 00:35:42

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: audioreach: fix potential null pointer dereference It is possible that the topology parsing function audioreach_widget_load_module_common() could return NULL or an erro...