Canonical

Ubuntu 18.04 LTS

1647 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-32233

  • EPSS 0.72%
  • Veröffentlicht 08.05.2023 20:15:20
  • Zuletzt bearbeitet 05.05.2025 16:15:39

In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs ...

6.7

CVE-2023-32269

  • EPSS 0.01%
  • Veröffentlicht 05.05.2023 17:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:40

An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the syste...

7.8

CVE-2023-31436

  • EPSS 0.04%
  • Veröffentlicht 28.04.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 08:01:51

qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed QFQ_MIN_LMAX.

4.7

CVE-2023-0458

  • EPSS 0.14%
  • Veröffentlicht 26.04.2023 19:15:08
  • Zuletzt bearbeitet 21.11.2024 07:37:13

A speculative pointer dereference problem exists in the Linux Kernel on the do_prlimit() function. The resource argument value is controlled and is used in pointer arithmetic for the 'rlim' variable and can be used to leak the contents. We recommend ...

7.5

CVE-2023-0045

Exploit
  • EPSS 0.28%
  • Veröffentlicht 25.04.2023 23:15:09
  • Zuletzt bearbeitet 13.02.2025 17:15:52

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctr...

5.5

CVE-2023-28328

  • EPSS 0.02%
  • Veröffentlicht 19.04.2023 23:15:07
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from user space is not checked properly before transferring into the device. This flaw allows a local user to crash ...

5.5

CVE-2023-2162

  • EPSS 0.01%
  • Veröffentlicht 19.04.2023 20:15:12
  • Zuletzt bearbeitet 19.03.2025 16:15:21

A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux Kernel. In this flaw an attacker could leak kernel internal information.

7.8

CVE-2023-1829

  • EPSS 0.25%
  • Veröffentlicht 12.04.2023 12:15:07
  • Zuletzt bearbeitet 13.02.2025 17:16:00

A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The tcindex_delete function which does not properly deactivate filters in case of a perfect hashes while...

6.5

CVE-2023-30456

  • EPSS 0.01%
  • Veröffentlicht 10.04.2023 02:15:06
  • Zuletzt bearbeitet 19.03.2025 16:15:22

An issue was discovered in arch/x86/kvm/vmx/nested.c in the Linux kernel before 6.2.8. nVMX on x86_64 lacks consistency checks for CR0 and CR4.

5.5

CVE-2020-11935

  • EPSS 0.04%
  • Veröffentlicht 07.04.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 04:58:56

It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.