Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2021-33624

Exploit
  • EPSS 0.47%
  • Veröffentlicht 23.06.2021 16:15:07
  • Zuletzt bearbeitet 11.11.2025 16:15:33

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6...

4.9

CVE-2021-0605

  • EPSS 0.04%
  • Veröffentlicht 22.06.2021 12:15:09
  • Zuletzt bearbeitet 21.11.2024 05:43:00

In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Pr...

7.8

CVE-2021-0512

  • EPSS 0.04%
  • Veröffentlicht 21.06.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:42:50

In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

5.5

CVE-2021-34693

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.06.2021 22:15:20
  • Zuletzt bearbeitet 21.11.2024 06:10:57

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

5.7

CVE-2021-0129

  • EPSS 0.15%
  • Veröffentlicht 09.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:42:01

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.

5.5

CVE-2021-3564

Exploit
  • EPSS 0.03%
  • Veröffentlicht 08.06.2021 12:15:11
  • Zuletzt bearbeitet 21.11.2024 06:21:51

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux ke...

7.1

CVE-2020-36386

Exploit
  • EPSS 0.22%
  • Veröffentlicht 07.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:23

An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.

7.8

CVE-2020-36385

  • EPSS 0.06%
  • Veröffentlicht 07.06.2021 12:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:22

An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.

3.3

CVE-2021-20239

  • EPSS 0.08%
  • Veröffentlicht 28.05.2021 11:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:11

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentialit...

7.2

CVE-2021-20292

  • EPSS 0.11%
  • Veröffentlicht 28.05.2021 11:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:17

There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to per...