Canonical

Ubuntu 26.04 LTS

192 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2019-20794

Exploit
  • EPSS 0.09%
  • Veröffentlicht 09.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 04:39:22

An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace compon...

7.2

CVE-2019-15794

  • EPSS 0.09%
  • Veröffentlicht 24.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:28

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is ...

7.8

CVE-2019-20426

Exploit
  • EPSS 0.66%
  • Veröffentlicht 27.01.2020 05:15:11
  • Zuletzt bearbeitet 21.11.2024 04:38:26

In the Lustre file system before 2.12.3, the ptlrpc module has an out-of-bounds access and panic due to the lack of validation for specific fields of packets sent by a client. In the function ldlm_cancel_hpreq_check, there is no lock_count bounds che...

9.3

CVE-2019-19814

Exploit
  • EPSS 0.7%
  • Veröffentlicht 17.12.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.

7.4

CVE-2019-14899

  • EPSS 0.05%
  • Veröffentlicht 11.12.2019 15:15:14
  • Zuletzt bearbeitet 21.11.2024 04:27:38

A vulnerability was discovered in Linux, FreeBSD, OpenBSD, MacOS, iOS, and Android that allows a malicious access point, or an adjacent user, to determine if a connected user is using a VPN, make positive inferences about the websites they are visiti...

7.8

CVE-2019-19378

Exploit
  • EPSS 0.47%
  • Veröffentlicht 29.11.2019 17:15:11
  • Zuletzt bearbeitet 28.05.2026 19:16:34

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.

4.9

CVE-2019-15213

Exploit
  • EPSS 0.18%
  • Veröffentlicht 19.08.2019 22:15:11
  • Zuletzt bearbeitet 28.05.2026 19:16:30

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

4.9

CVE-2018-17977

  • EPSS 0.12%
  • Veröffentlicht 08.10.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:19

The Linux kernel 4.14.67 mishandles certain interaction among XFRM Netlink messages, IPPROTO_AH packets, and IPPROTO_IP packets, which allows local users to cause a denial of service (memory consumption and system hang) by leveraging root access to e...

5.5

CVE-2018-12928

  • EPSS 0.09%
  • Veröffentlicht 28.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:07

In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.

5.5

CVE-2018-12929

  • EPSS 0.12%
  • Veröffentlicht 28.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:08

ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.