Canonical

Ubuntu 20.04 LTS

3473 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2020-28974

Exploit
  • EPSS 0.06%
  • Veröffentlicht 20.11.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:25

A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can ...

4.7

CVE-2020-4788

  • EPSS 0.2%
  • Veröffentlicht 20.11.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 05:33:15

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

5.5

CVE-2020-28941

  • EPSS 0.06%
  • Veröffentlicht 19.11.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:20

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an i...

6.1

CVE-2020-28915

  • EPSS 0.12%
  • Veröffentlicht 18.11.2020 08:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:17

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

7.4

CVE-2020-25705

  • EPSS 1.01%
  • Veröffentlicht 17.11.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:18:31

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization a...

5.5

CVE-2020-8694

  • EPSS 0.81%
  • Veröffentlicht 12.11.2020 18:15:16
  • Zuletzt bearbeitet 21.11.2024 05:39:15

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2020-27673

  • EPSS 0.04%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.

4.7

CVE-2020-27675

  • EPSS 0.06%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL point...

7.8

CVE-2020-0423

  • EPSS 0.95%
  • Veröffentlicht 14.10.2020 14:15:17
  • Zuletzt bearbeitet 21.11.2024 04:53:29

In binder_release_work of binder.c, there is a possible use-after-free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploita...

7.5

CVE-2020-25645

Exploit
  • EPSS 0.39%
  • Veröffentlicht 13.10.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:19

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two e...