Canonical

Ubuntu 18.04 LTS

1647 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2019-3874

  • EPSS 0.18%
  • Veröffentlicht 25.03.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:46

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

5.5

CVE-2019-9857

  • EPSS 0.07%
  • Veröffentlicht 21.03.2019 16:01:17
  • Zuletzt bearbeitet 21.11.2024 04:52:26

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak...

5.5

CVE-2019-7222

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.03.2019 16:01:11
  • Zuletzt bearbeitet 21.11.2024 04:47:47

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

7.8

CVE-2019-7221

Exploit
  • EPSS 0.05%
  • Veröffentlicht 21.03.2019 16:01:10
  • Zuletzt bearbeitet 21.11.2024 04:47:46

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

7.8

CVE-2018-20669

Exploit
  • EPSS 0.08%
  • Veröffentlicht 21.03.2019 16:00:37
  • Zuletzt bearbeitet 21.11.2024 04:01:57

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function ca...

4.6

CVE-2018-19985

  • EPSS 0.04%
  • Veröffentlicht 21.03.2019 16:00:33
  • Zuletzt bearbeitet 21.11.2024 03:58:56

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitr...

5.5

CVE-2019-9213

Exploit
  • EPSS 6.81%
  • Veröffentlicht 05.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:51:13

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check...

9.8

CVE-2018-20784

  • EPSS 0.53%
  • Veröffentlicht 22.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:02:10

In the Linux kernel before 4.20.2, kernel/sched/fair.c mishandles leaf cfs_rq's, which allows attackers to cause a denial of service (infinite loop in update_blocked_averages) or possibly have unspecified other impact by inducing a high load.

7.8

CVE-2019-8980

  • EPSS 2.08%
  • Veröffentlicht 21.02.2019 05:29:01
  • Zuletzt bearbeitet 21.11.2024 04:50:44

A memory leak in the kernel_read_file function in fs/exec.c in the Linux kernel through 4.20.11 allows attackers to cause a denial of service (memory consumption) by triggering vfs_read failures.

7.8

CVE-2019-8912

  • EPSS 0.37%
  • Veröffentlicht 18.02.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:50:39

In the Linux kernel through 4.20.11, af_alg_release() in crypto/af_alg.c neglects to set a NULL value for a certain structure member, which leads to a use-after-free in sockfs_setattr.