Canonical

Ubuntu 26.04 LTS

1029 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.09%
  • Veröffentlicht 24.06.2026 16:28:40
  • Zuletzt bearbeitet 14.07.2026 16:28:18

In the Linux kernel, the following vulnerability has been resolved: virt: sev-guest: Do not use host-controlled page order in cleanup path When issuing an extended guest request (SVM_VMGEXIT_EXT_GUEST_REQUEST), get_ext_report() allocates a buffer t...

  • EPSS 0.53%
  • Veröffentlicht 24.06.2026 16:28:39
  • Zuletzt bearbeitet 14.07.2026 16:42:07

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential null-ptr-deref in decode_choose_args() A message of type CEPH_MSG_OSD_MAP contains an OSD map that itself contains a CRUSH map. When decoding this CRUSH map ...

  • EPSS 0.54%
  • Veröffentlicht 24.06.2026 16:28:39
  • Zuletzt bearbeitet 14.07.2026 16:39:34

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in osdmap_decode() When decoding osd_state and osd_weight from an incoming osdmap in osdmap_decode(), both are decoded for each osd, i.e...

  • EPSS 0.36%
  • Veröffentlicht 24.06.2026 16:28:38
  • Zuletzt bearbeitet 14.07.2026 16:43:00

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in __ceph_x_decrypt() In __ceph_x_decrypt(), a part of the buffer p is interpreted as a ceph_x_encrypt_header, and the magic field of th...

  • EPSS 0.39%
  • Veröffentlicht 24.06.2026 16:28:37
  • Zuletzt bearbeitet 15.07.2026 01:16:24

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in crush_decode() A message of type CEPH_MSG_OSD_MAP containing a crush map with at least one bucket has two fields holding the bucket a...

  • EPSS 0.13%
  • Veröffentlicht 24.06.2026 16:28:36
  • Zuletzt bearbeitet 14.07.2026 16:50:59

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix oops due to out of scope access Below oops triggers when kill QEMU process: Oops: general protection fault, probably for non-canonical address 0x7fffffff844eaaa7...

  • EPSS 0.53%
  • Veröffentlicht 24.06.2026 16:28:36
  • Zuletzt bearbeitet 14.07.2026 16:45:43

In the Linux kernel, the following vulnerability has been resolved: libceph: handle rbtree insertion error in decode_choose_args() A message of type CEPH_MSG_OSD_MAP contains an OSD map that itself contains a CRUSH map. The received CRUSH map may o...

  • EPSS 0.14%
  • Veröffentlicht 24.06.2026 16:28:35
  • Zuletzt bearbeitet 15.07.2026 01:16:24

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix WARN_ON in __iommu_group_set_domain_nofail() due to reset In __iommu_group_set_domain_internal(), concurrent domain attachments are rejected when any device in the group...

  • EPSS 0.14%
  • Veröffentlicht 24.06.2026 16:28:34
  • Zuletzt bearbeitet 15.07.2026 01:16:23

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: handle empty bo and UAF races There look to be some nasty races here when triggering the invalidate_mappings hook: 1) We do xe_bo_alloc() followed by the attach, b...

  • EPSS 0.14%
  • Veröffentlicht 24.06.2026 16:28:33
  • Zuletzt bearbeitet 15.07.2026 01:16:23

In the Linux kernel, the following vulnerability has been resolved: drm/xe/dma-buf: fix UAF with retry loop Retry doesn't work here, since bo will be freed on error, leading to UAF. However, now that we do the alloc & init before the attach, we can...