Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-23000

  • EPSS 0.01%
  • Veröffentlicht 01.03.2023 19:15:25
  • Zuletzt bearbeitet 20.03.2025 20:15:28

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.

4.7

CVE-2022-27672

  • EPSS 0.23%
  • Veröffentlicht 01.03.2023 08:15:10
  • Zuletzt bearbeitet 13.04.2026 20:16:23

When SMT is enabled, certain AMD processors may speculatively execute instructions using a target from the sibling thread after an SMT mode switch potentially resulting in information disclosure.

5.5

CVE-2023-1095

  • EPSS 0.02%
  • Veröffentlicht 28.02.2023 23:15:11
  • Zuletzt bearbeitet 18.03.2025 16:15:16

In nf_tables_updtable, if nf_tables_table_enable returns an error, nft_trans_destroy is called to free the transaction object. nft_trans_destroy() calls list_del(), but the transaction was never placed on a list -- the list head is all zeroes, this r...

7.8

CVE-2023-20938

  • EPSS 0.16%
  • Veröffentlicht 28.02.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:41:51

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8

CVE-2023-0461

  • EPSS 0.14%
  • Veröffentlicht 28.02.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:37:13

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation ...

7.8

CVE-2023-22995

  • EPSS 0.02%
  • Veröffentlicht 28.02.2023 05:15:12
  • Zuletzt bearbeitet 05.05.2025 16:15:29

In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.

7.1

CVE-2023-26607

Exploit
  • EPSS 0.07%
  • Veröffentlicht 26.02.2023 23:15:10
  • Zuletzt bearbeitet 05.05.2025 16:15:31

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

4.7

CVE-2023-26545

  • EPSS 0.02%
  • Veröffentlicht 25.02.2023 04:15:10
  • Zuletzt bearbeitet 25.06.2025 20:54:48

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

5.5

CVE-2023-0597

  • EPSS 0.02%
  • Veröffentlicht 23.02.2023 20:15:12
  • Zuletzt bearbeitet 12.03.2025 20:15:13

A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some ...

5.5

CVE-2023-0615

  • EPSS 0.02%
  • Veröffentlicht 06.02.2023 23:15:09
  • Zuletzt bearbeitet 25.03.2025 20:15:17

A memory leak flaw and potential divide by zero and Integer overflow was found in the Linux kernel V4L2 and vivid test code functionality. This issue occurs when a user triggers ioctls, such as VIDIOC_S_DV_TIMINGS ioctl. This could allow a local user...