Canonical

Ubuntu 18.04 LTS

1647 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.1

CVE-2019-6974

Exploit
  • EPSS 7.92%
  • Veröffentlicht 15.02.2019 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:20

In the Linux kernel before 4.20.8, kvm_ioctl_create_device in virt/kvm/kvm_main.c mishandles reference counting because of a race condition, leading to a use-after-free.

5.6

CVE-2019-7308

  • EPSS 0.03%
  • Veröffentlicht 01.02.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:47:58

kernel/bpf/verifier.c in the Linux kernel before 4.20.6 performs undesirable out-of-bounds speculation on pointer arithmetic in various cases, including cases of different branches with different state or limits to sanitize, leading to side-channel a...

4.9

CVE-2019-3819

  • EPSS 0.02%
  • Veröffentlicht 25.01.2019 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:36

A flaw was found in the Linux kernel in the function hid_debug_events_read() in drivers/hid/hid-debug.c file which may enter an infinite loop with certain parameters passed from a userspace. A local privileged user ("root") can cause a system lock up...

6.7

CVE-2019-6133

  • EPSS 0.03%
  • Veröffentlicht 11.01.2019 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:46:00

In PolicyKit (aka polkit) 0.115, the "start time" protection mechanism can be bypassed because fork() is not atomic, and therefore authorization decisions are improperly cached. This is related to lack of uid checking in polkitbackend/polkitbackendin...

5.5

CVE-2019-5489

  • EPSS 0.44%
  • Veröffentlicht 07.01.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:45:02

The mincore() implementation in mm/mincore.c in the Linux kernel through 4.19.13 allowed local attackers to observe page cache access patterns of other processes on the same system, potentially allowing sniffing of secret information. (Fixing this af...

8.8

CVE-2018-16882

  • EPSS 0.1%
  • Veröffentlicht 03.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:53:31

A use-after-free issue was found in the way the Linux kernel's KVM hypervisor processed posted interrupts when nested(=1) virtualization is enabled. In nested_get_vmcs12_pages(), in case of an error while processing posted interrupt address, it unmap...

4.9

CVE-2019-3701

Exploit
  • EPSS 0.05%
  • Veröffentlicht 03.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:21

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_AD...

5.5

CVE-2018-20511

  • EPSS 0.07%
  • Veröffentlicht 27.12.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:38

An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next f...

8

CVE-2018-16884

  • EPSS 0.05%
  • Veröffentlicht 18.12.2018 22:29:04
  • Zuletzt bearbeitet 21.11.2024 03:53:31

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container ...

7.2

CVE-2018-20169

  • EPSS 0.12%
  • Veröffentlicht 17.12.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:00

An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.