Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.1

CVE-2020-25656

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:22

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnera...

5.5

CVE-2020-25704

  • EPSS 0.03%
  • Veröffentlicht 02.12.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:31

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.

7

CVE-2020-29368

Exploit
  • EPSS 0.1%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:55

An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.

7

CVE-2020-29369

Exploit
  • EPSS 0.08%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:55

An issue was discovered in mm/mmap.c in the Linux kernel before 5.7.11. There is a race condition between certain expand functions (expand_downwards and expand_upwards) and page-table free operations from an munmap call, aka CID-246c320a8cfe.

3.3

CVE-2020-29371

Exploit
  • EPSS 0.05%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:56

An issue was discovered in romfs_dev_read in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd.

3.6

CVE-2020-29374

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:56

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and there...

7.2

CVE-2020-15436

Exploit
  • EPSS 0.15%
  • Veröffentlicht 23.11.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:33

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

4.9

CVE-2020-15437

Exploit
  • EPSS 0.04%
  • Veröffentlicht 23.11.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:33

The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitiali...

8.8

CVE-2020-12351

Exploit
  • EPSS 2.87%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

6.5

CVE-2020-12352

Exploit
  • EPSS 2.39%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.