Canonical

Ubuntu 25.10

2230 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2026-31640

  • EPSS 0.05%
  • Veröffentlicht 24.04.2026 14:44:54
  • Zuletzt bearbeitet 27.04.2026 20:20:22

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc_post_response(), the code should be comparing the challenge serial number from the cached response ...

7.5

CVE-2026-31638

  • EPSS 0.07%
  • Veröffentlicht 24.04.2026 14:44:52
  • Zuletzt bearbeitet 27.04.2026 20:20:36

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc_input_packet_on_conn() can process a to-client packet after the current client call on the channel has already been torn down...

5.5

CVE-2026-31639

  • EPSS 0.01%
  • Veröffentlicht 24.04.2026 14:44:52
  • Zuletzt bearbeitet 27.04.2026 20:20:27

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call->key When creating a client call in rxrpc_alloc_client_call(), the code obtains a reference to the key. This is never cleaned up and ...

9.8

CVE-2026-31637

  • EPSS 0.08%
  • Veröffentlicht 24.04.2026 14:44:51
  • Zuletzt bearbeitet 27.04.2026 20:20:48

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether crypto...

9.1

CVE-2026-31636

  • EPSS 0.05%
  • Veröffentlicht 24.04.2026 14:44:50
  • Zuletzt bearbeitet 27.04.2026 20:21:04

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk_verify_authenticator() copies auth_len bytes into a temporary buffer and then passes p + auth_len as the parser limit to rxgk...

5.5

CVE-2026-31634

  • EPSS 0.02%
  • Veröffentlicht 24.04.2026 14:44:49
  • Zuletzt bearbeitet 27.04.2026 20:30:25

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count leak in rxrpc_server_keyring() This patch fixes a reference count leak in rxrpc_server_keyring() by checking if rx->securities is already set.

7.5

CVE-2026-31635

  • EPSS 0.05%
  • Veröffentlicht 24.04.2026 14:44:49
  • Zuletzt bearbeitet 27.04.2026 20:30:19

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgk_verify_response() decodes auth_len from the packet and is supposed to verify that it fits in the remaining bytes. The ...

9.8

CVE-2026-31633

  • EPSS 0.05%
  • Veröffentlicht 24.04.2026 14:44:48
  • Zuletzt bearbeitet 27.04.2026 20:30:33

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix integer overflow in rxgk_verify_response() In rxgk_verify_response(), there's a potential integer overflow due to rounding up token_len before checking it, thereby allow...

8.2

CVE-2026-31631

  • EPSS 0.05%
  • Veröffentlicht 24.04.2026 14:44:47
  • Zuletzt bearbeitet 27.04.2026 20:30:46

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix buffer overread in rxgk_do_verify_authenticator() Fix rxgk_do_verify_authenticator() to check the buffer size before checking the nonce.

5.5

CVE-2026-31632

  • EPSS 0.01%
  • Veröffentlicht 24.04.2026 14:44:47
  • Zuletzt bearbeitet 27.04.2026 20:30:38

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix leak of rxgk context in rxgk_verify_response() Fix rxgk_verify_response() to clean up the rxgk context it creates.