Canonical

Ubuntu 18.04 LTS

1647 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.5

CVE-2020-24586

Exploit
  • EPSS 1.46%
  • Veröffentlicht 11.05.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:15:03

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when a...

2.6

CVE-2020-24587

Exploit
  • EPSS 0.49%
  • Veröffentlicht 11.05.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:15:05

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragmen...

3.5

CVE-2020-24588

Exploit
  • EPSS 0.31%
  • Veröffentlicht 11.05.2021 20:15:08
  • Zuletzt bearbeitet 14.04.2026 09:16:20

The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP...

5.3

CVE-2020-26139

  • EPSS 2.25%
  • Veröffentlicht 11.05.2021 20:15:08
  • Zuletzt bearbeitet 14.04.2026 09:16:21

An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denia...

5.4

CVE-2020-26147

  • EPSS 0.19%
  • Veröffentlicht 11.05.2021 20:15:08
  • Zuletzt bearbeitet 14.04.2026 10:16:18

An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragme...

7

CVE-2021-32399

Exploit
  • EPSS 0.06%
  • Veröffentlicht 10.05.2021 22:15:06
  • Zuletzt bearbeitet 21.11.2024 06:06:59

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

6.7

CVE-2021-31916

  • EPSS 0.11%
  • Veröffentlicht 06.05.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:06:30

An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gai...

5.5

CVE-2021-31829

  • EPSS 0.08%
  • Veröffentlicht 06.05.2021 16:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:18

kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against ...

7.8

CVE-2020-35519

  • EPSS 0.11%
  • Veröffentlicht 06.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:27:29

An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leadin...

7

CVE-2021-23133

Exploit
  • EPSS 0.09%
  • Veröffentlicht 22.04.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:51:16

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr...