Canonical

Ubuntu 26.04 LTS

1029 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS -
  • Veröffentlicht 16.07.2026 12:17:01
  • Zuletzt bearbeitet 16.07.2026 14:16:48

An insecure symlink following vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools) within the pro collect-logs command framework. The utility creates or utilizes predictable temporary file paths or user-accessible log...

  • EPSS -
  • Veröffentlicht 16.07.2026 12:16:02
  • Zuletzt bearbeitet 16.07.2026 14:16:48

An input validation and injection vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The client constructs APT source files (such as /etc/apt/sources.list.d/ubuntu-.list or their DEB822 equivalents) using data rece...

  • EPSS -
  • Veröffentlicht 16.07.2026 12:12:27
  • Zuletzt bearbeitet 16.07.2026 16:19:16

An information disclosure vulnerability exists in Canonical ubuntu-pro-client (formerly ubuntu-advantage-tools). The client validates Ubuntu Pro APT credentials by executing /usr/lib/apt/apt-helper using the download-file command. During this process...

  • EPSS 0.19%
  • Veröffentlicht 16.07.2026 05:13:40
  • Zuletzt bearbeitet 16.07.2026 17:16:18

In the Linux kernel, the following vulnerability has been resolved: ipv4: account for fraggap on the paged allocation path In __ip_append_data(), when the paged-allocation branch is taken, alloclen and pagedlen are computed as alloclen = fraghead...

  • EPSS 0.16%
  • Veröffentlicht 13.07.2026 17:33:52
  • Zuletzt bearbeitet 14.07.2026 15:26:52

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_conn: Fix memory leak in hci_le_big_terminate() hci_le_big_terminate() allocates iso_list_data via kzalloc_obj but returns 0 without freeing it when neither pa_sync_...

  • EPSS 0.16%
  • Veröffentlicht 13.07.2026 17:33:52
  • Zuletzt bearbeitet 14.07.2026 15:26:52

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix zerocopy completion for multi-skb sends When a large message is fragmented into multiple skbs, the zerocopy uarg is only allocated and attached to the last skb in...

  • EPSS 0.11%
  • Veröffentlicht 10.07.2026 12:17:22
  • Zuletzt bearbeitet 14.07.2026 15:26:52

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: preserve shared-frag marker in iptfs_consume_frags() iptfs_consume_frags() transfers paged fragments from one socket buffer to another but fails to propagate the SKBFL...

  • EPSS 0.17%
  • Veröffentlicht 04.07.2026 12:17:02
  • Zuletzt bearbeitet 14.07.2026 15:26:52

In the Linux kernel, the following vulnerability has been resolved: af_unix: Set gc_in_progress to true in unix_gc(). Igor Ushakov reported that unix_gc() could run with gc_in_progress being false if the work is scheduled while running: Thread 1...

  • EPSS 0.18%
  • Veröffentlicht 04.07.2026 12:17:02
  • Zuletzt bearbeitet 14.07.2026 15:26:52

In the Linux kernel, the following vulnerability has been resolved: ipv6: account for fraggap on the paged allocation path In __ip6_append_data(), when the paged-allocation branch is taken (MSG_MORE / NETIF_F_SG / large fraglen), alloclen and paged...

Medienbericht Exploit
  • EPSS 0.18%
  • Veröffentlicht 04.07.2026 12:17:01
  • Zuletzt bearbeitet 14.07.2026 15:26:52

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected role Commit 0cb2af2ea66ad ("KVM: x86: Fix shadow paging use-after-free due to unexpected GFN") fixed a shadow paging mi...