Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-23454

  • EPSS 0.04%
  • Veröffentlicht 12.01.2023 07:15:08
  • Zuletzt bearbeitet 20.03.2025 21:15:18

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than v...

6.4

CVE-2022-4382

Exploit
  • EPSS 0.03%
  • Veröffentlicht 10.01.2023 22:15:14
  • Zuletzt bearbeitet 09.04.2025 16:15:21

A use-after-free flaw caused by a race among the superblock operations in the gadgetfs Linux driver was found. It could be triggered by yanking out a device that is running the gadgetfs side.

8.8

CVE-2022-2196

  • EPSS 0.04%
  • Veröffentlicht 09.01.2023 11:15:10
  • Zuletzt bearbeitet 13.02.2025 17:15:40

A regression exists in the Linux Kernel within KVM: nVMX that allowed for speculative execution attacks. L2 can carry out Spectre v2 attacks on L1 due to L1 thinking it doesn't need retpolines or IBPB after running L2 due to KVM (L0) advertising eIBR...

5.5

CVE-2022-4662

  • EPSS 0.01%
  • Veröffentlicht 22.12.2022 22:15:16
  • Zuletzt bearbeitet 09.04.2025 19:15:46

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

7.1

CVE-2022-47520

  • EPSS 0.03%
  • Veröffentlicht 18.12.2022 06:15:09
  • Zuletzt bearbeitet 17.04.2025 15:15:53

An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) infor...

7.8

CVE-2022-20566

  • EPSS 0.02%
  • Veröffentlicht 16.12.2022 16:15:19
  • Zuletzt bearbeitet 21.04.2025 14:15:26

In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...

6.7

CVE-2022-20572

  • EPSS 0.01%
  • Veröffentlicht 16.12.2022 16:15:19
  • Zuletzt bearbeitet 18.04.2025 15:15:46

In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...

5.5

CVE-2022-3108

  • EPSS 0.01%
  • Veröffentlicht 14.12.2022 21:15:12
  • Zuletzt bearbeitet 22.04.2025 15:15:59

An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().

5.5

CVE-2022-3111

  • EPSS 0.02%
  • Veröffentlicht 14.12.2022 21:15:12
  • Zuletzt bearbeitet 22.04.2025 14:15:19

An issue was discovered in the Linux kernel through 5.16-rc6. free_charger_irq() in drivers/power/supply/wm8350_power.c lacks free of WM8350_IRQ_CHG_FAST_RDY, which is registered in wm8350_init_charger().

5.5

CVE-2022-3115

  • EPSS 0.07%
  • Veröffentlicht 14.12.2022 21:15:12
  • Zuletzt bearbeitet 22.04.2025 14:15:21

An issue was discovered in the Linux kernel through 5.16-rc6. malidp_crtc_reset in drivers/gpu/drm/arm/malidp_crtc.c lacks check of the return value of kzalloc() and will cause the null pointer dereference.