Canonical

Ubuntu 20.04 LTS

3474 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.37%
  • Veröffentlicht 15.09.2020 23:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:01

A flaw was found in the Linux kernel before 5.8-rc1 in the implementation of the Enhanced IBPB (Indirect Branch Prediction Barrier). The IBPB mitigation will be disabled when STIBP is not available or when the Enhanced Indirect Branch Restricted Spec...

  • EPSS 0.42%
  • Veröffentlicht 15.09.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 05:03:08

A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, o...

  • EPSS 0.36%
  • Veröffentlicht 15.09.2020 20:15:13
  • Zuletzt bearbeitet 21.11.2024 05:02:59

A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The high...

  • EPSS 0.31%
  • Veröffentlicht 13.09.2020 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:17:51

The rbd block device driver in drivers/block/rbd.c in the Linux kernel through 5.8.9 used incomplete permission checking for access to rbd devices, which could be leveraged by local attackers to map or unmap rbd block devices, aka CID-f44d04e696fe.

  • EPSS 0.27%
  • Veröffentlicht 13.09.2020 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:17:51

A race condition between hugetlb sysctl handlers in mm/hugetlb.c in the Linux kernel before 5.8.8 could be used by local attackers to corrupt memory, cause a NULL pointer dereference, or possibly have unspecified other impact, aka CID-17743798d812.

Exploit
  • EPSS 0.57%
  • Veröffentlicht 09.09.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:17:39

In the Linux kernel through 5.8.7, local attackers able to inject conntrack netlink configuration could overflow a local buffer, causing crashes or triggering use of incorrect protocol numbers in ctnetlink_parse_tuple_filter in net/netfilter/nf_connt...

  • EPSS 0.28%
  • Veröffentlicht 09.09.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 05:17:39

A TOCTOU mismatch in the NFS client code in the Linux kernel before 5.8.3 could be used by local attackers to corrupt memory or possibly have unspecified other impact because a size check is in fs/nfs/nfs4proc.c instead of fs/nfs/nfs4xdr.c, aka CID-b...

  • EPSS 0.34%
  • Veröffentlicht 08.09.2020 10:15:16
  • Zuletzt bearbeitet 21.11.2024 05:31:36

u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon A...

  • EPSS 0.36%
  • Veröffentlicht 19.08.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:14:44

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

  • EPSS 0.24%
  • Veröffentlicht 14.08.2020 20:15:12
  • Zuletzt bearbeitet 07.11.2023 03:13:52

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-10751. Reason: This candidate is a duplicate of CVE-2020-10751. Notes: All CVE users should reference CVE-2020-10751 instead of this candidate. All references and descriptions in...