Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2022-3239

  • EPSS 0.03%
  • Veröffentlicht 19.09.2022 20:15:12
  • Zuletzt bearbeitet 21.11.2024 07:19:07

A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based TV cards. A local user could use this flaw to crash the system or potentially escalate their privileges on the...

5.5

CVE-2022-40768

  • EPSS 0.02%
  • Veröffentlicht 18.09.2022 05:15:08
  • Zuletzt bearbeitet 21.11.2024 07:22:01

drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.

5.5

CVE-2022-36402

  • EPSS 0.05%
  • Veröffentlicht 16.09.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:12:57

An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system...

7.8

CVE-2022-3176

  • EPSS 0.02%
  • Veröffentlicht 16.09.2022 14:15:09
  • Zuletzt bearbeitet 21.11.2024 07:18:58

There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_...

7.8

CVE-2022-2977

  • EPSS 0.02%
  • Veröffentlicht 14.09.2022 21:15:10
  • Zuletzt bearbeitet 21.11.2024 07:02:01

A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are configured (this is not the default) a local attacker can create a use-after-free and create a situation where it ma...

7.1

CVE-2022-3202

  • EPSS 0.03%
  • Veröffentlicht 14.09.2022 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:19:02

A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information.

5.5

CVE-2022-3169

  • EPSS 0.02%
  • Veröffentlicht 09.09.2022 15:15:15
  • Zuletzt bearbeitet 21.11.2024 07:18:58

A flaw was found in the Linux kernel. A denial of service flaw may occur if there is a consecutive request of the NVME_IOCTL_RESET and the NVME_IOCTL_SUBSYS_RESET through the device file of the driver, resulting in a PCIe link disconnect.

5.5

CVE-2022-38096

  • EPSS 0.04%
  • Veröffentlicht 09.09.2022 15:15:14
  • Zuletzt bearbeitet 12.05.2026 10:16:38

A NULL pointer dereference vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the...

7.8

CVE-2022-2964

  • EPSS 0.03%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:01:59

A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability contains multiple out-of-bounds reads and possible out-of-bounds writes.

5.5

CVE-2022-36280

  • EPSS 0.05%
  • Veröffentlicht 09.09.2022 15:15:10
  • Zuletzt bearbeitet 21.11.2024 07:12:42

An out-of-bounds(OOB) memory access vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_kms.c in GPU component in the Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user accou...