Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2021-44733

Exploit
  • EPSS 0.28%
  • Veröffentlicht 22.12.2021 17:15:09
  • Zuletzt bearbeitet 21.11.2024 06:31:28

A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.

5.5

CVE-2021-45095

  • EPSS 0.04%
  • Veröffentlicht 16.12.2021 04:15:06
  • Zuletzt bearbeitet 21.11.2024 06:31:56

pep_sock_accept in net/phonet/pep.c in the Linux kernel through 5.15.8 has a refcount leak.

4.1

CVE-2021-39648

  • EPSS 0.05%
  • Veröffentlicht 15.12.2021 19:15:15
  • Zuletzt bearbeitet 21.11.2024 06:19:53

In gadget_dev_desc_UDC_show of configfs.c, there is a possible disclosure of kernel heap memory due to a race condition. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for explo...

6.7

CVE-2021-39656

  • EPSS 0.02%
  • Veröffentlicht 15.12.2021 19:15:15
  • Zuletzt bearbeitet 21.11.2024 06:19:54

In __configfs_open_file of file.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Pro...

4.4

CVE-2021-39657

  • EPSS 0.03%
  • Veröffentlicht 15.12.2021 19:15:15
  • Zuletzt bearbeitet 21.11.2024 06:19:54

In ufshcd_eh_device_reset_handler of ufshcd.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitat...

6.9

CVE-2021-0920

Warnung
  • EPSS 0.94%
  • Veröffentlicht 15.12.2021 19:15:11
  • Zuletzt bearbeitet 23.10.2025 14:53:26

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: Androi...

5.5

CVE-2021-33098

  • EPSS 0.07%
  • Veröffentlicht 17.11.2021 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:08:17

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

6.7

CVE-2021-43975

Exploit
  • EPSS 0.02%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

4.6

CVE-2021-43976

  • EPSS 0.05%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

5.5

CVE-2021-43389

Exploit
  • EPSS 0.01%
  • Veröffentlicht 04.11.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:29:08

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.