Canonical

Ubuntu 26.04 LTS

192 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
0

CVE-2026-43491

  • EPSS 0.02%
  • Veröffentlicht 19.05.2026 10:44:23
  • Zuletzt bearbeitet 19.05.2026 12:16:18

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum server registration per node Current code does no bound checking on the number of servers added per node. A malicious client can flood NEW_SERVER m...

7.1

CVE-2026-46333

Medienbericht
  • EPSS 0.01%
  • Veröffentlicht 15.05.2026 12:58:44
  • Zuletzt bearbeitet 21.05.2026 14:16:48

In the Linux kernel, the following vulnerability has been resolved: ptrace: slightly saner 'get_dumpable()' logic The 'dumpability' of a task is fundamentally about the memory image of the task - the concept comes from whether it can core dump or n...

8.8

CVE-2026-43490

  • EPSS 0.03%
  • Veröffentlicht 15.05.2026 05:15:37
  • Zuletzt bearbeitet 20.05.2026 17:16:23

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate inherited ACE SID length smb_inherit_dacl() walks the parent directory DACL loaded from the security descriptor xattr. It verifies that each ACE contains the fixed ...

7.8

CVE-2026-43500 (Dirty Frag II)

Medienbericht
  • EPSS 40.27%
  • Veröffentlicht 11.05.2026 08:16:16
  • Zuletzt bearbeitet 17.05.2026 16:16:16

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Also unshare DATA/RESPONSE packets when paged frags are present The DATA-packet handler in rxrpc_input_call_event() and the RESPONSE handler in rxrpc_verify_response() copy ...

7.6

CVE-2026-43350

  • EPSS 0.04%
  • Veröffentlicht 08.05.2026 13:41:53
  • Zuletzt bearbeitet 01.06.2026 17:17:05

In the Linux kernel, the following vulnerability has been resolved: smb: client: require a full NFS mode SID before reading mode bits parse_dacl() treats an ACE SID matching sid_unix_NFS_mode as an NFS mode SID and reads sid.sub_auth[2] to recover ...

5.5

CVE-2026-43349

  • EPSS 0.01%
  • Veröffentlicht 08.05.2026 13:41:52
  • Zuletzt bearbeitet 15.05.2026 19:09:19

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid uninit-value access in f2fs_sanity_check_node_footer syzbot reported a f2fs bug as below: BUG: KMSAN: uninit-value in f2fs_sanity_check_node_footer+0x374/0xa20 ...

5.5

CVE-2026-43348

  • EPSS 0.01%
  • Veröffentlicht 08.05.2026 13:41:51
  • Zuletzt bearbeitet 15.05.2026 19:27:15

In the Linux kernel, the following vulnerability has been resolved: mshv_vtl: Fix vmemmap_shift exceeding MAX_FOLIO_ORDER When registering VTL0 memory via MSHV_ADD_VTL0_MEMORY, the kernel computes pgmap->vmemmap_shift as the number of trailing zero...

8.8

CVE-2026-43284 (Dirty Frag I)

Warnung Medienbericht Exploit
  • EPSS 38.45%
  • Veröffentlicht 08.05.2026 07:21:47
  • Zuletzt bearbeitet 26.05.2026 18:16:49

In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP marks such skbs with SKBFL_SHARED_FRAG after skb_splice_...

9.1

CVE-2026-43071

  • EPSS 0.07%
  • Veröffentlicht 05.05.2026 16:16:16
  • Zuletzt bearbeitet 01.06.2026 17:17:01

In the Linux kernel, the following vulnerability has been resolved: dcache: Limit the minimal number of bucket to two There is an OOB read problem on dentry_hashtable when user sets 'dhash_entries=1': BUG: unable to handle page fault for address:...

5.5

CVE-2026-43072

  • EPSS 0.01%
  • Veröffentlicht 05.05.2026 16:16:16
  • Zuletzt bearbeitet 01.06.2026 17:17:01

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: platform_get_irq_byname() returns an int platform_get_irq_byname() will return a negative value if an error happens, so it should be checked and not just passed directly i...