Canonical

Ubuntu 18.04 LTS

1647 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2019-20810

  • EPSS 0.07%
  • Veröffentlicht 03.06.2020 00:15:10
  • Zuletzt bearbeitet 21.11.2024 04:39:25

go7007_snd_init in drivers/media/usb/go7007/snd-go7007.c in the Linux kernel before 5.6 does not call snd_card_free for a failure path, which causes a memory leak, aka CID-9453264ef586.

4.4

CVE-2019-20806

  • EPSS 0.12%
  • Veröffentlicht 27.05.2020 12:15:10
  • Zuletzt bearbeitet 21.11.2024 04:39:24

An issue was discovered in the Linux kernel before 5.2. There is a NULL pointer dereference in tw5864_handle_frame() in drivers/media/pci/tw5864/tw5864-video.c, which may cause denial of service, aka CID-2e7682ebfc75.

6.1

CVE-2020-10751

  • EPSS 0.08%
  • Veröffentlicht 26.05.2020 15:15:10
  • Zuletzt bearbeitet 21.11.2024 04:55:59

A flaw was found in the Linux kernels SELinux LSM hook implementation before version 5.7, where it incorrectly assumed that an skb would only contain a single netlink message. The hook would incorrectly only validate the first netlink message in the ...

5.9

CVE-2020-10711

  • EPSS 5.44%
  • Veröffentlicht 22.05.2020 15:15:11
  • Zuletzt bearbeitet 21.11.2024 04:55:54

A NULL pointer dereference flaw was found in the Linux kernel's SELinux subsystem in versions before 5.7. This flaw occurs while importing the Commercial IP Security Option (CIPSO) protocol's category bitmap into the SELinux extensible bitmap via the...

5.4

CVE-2020-10135

Exploit
  • EPSS 20.2%
  • Veröffentlicht 19.05.2020 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:54:53

Legacy pairing and secure-connections pairing authentication in Bluetooth BR/EDR Core Specification v5.2 and earlier may allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. An unauthenticated, adj...

6.5

CVE-2020-13143

  • EPSS 2.98%
  • Veröffentlicht 18.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Veröffentlicht 15.05.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.3

CVE-2020-12826

Exploit
  • EPSS 0.07%
  • Veröffentlicht 12.05.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:20

A signal access-control issue was discovered in the Linux kernel before 5.6.5, aka CID-7395ea4e65c2. Because exec_id in include/linux/sched.h is only 32 bits, an integer overflow can interfere with a do_notify_parent protection mechanism. A child pro...

5.5

CVE-2020-12769

Exploit
  • EPSS 0.06%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.

6.7

CVE-2020-12770

  • EPSS 0.04%
  • Veröffentlicht 09.05.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:15

An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.