CVE-2026-31431
- EPSS 2.57%
- Published 22.04.2026 08:15:10
- Last modified 12.05.2026 16:15:00
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-pl...
CVE-2025-13350
- EPSS 0.01%
- Published 05.03.2026 18:56:03
- Last modified 09.03.2026 13:36:08
Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as i...
CVE-2025-32463
- EPSS 57.35%
- Published 30.06.2025 00:00:00
- Last modified 05.11.2025 19:26:48
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
CVE-2025-5054
- EPSS 0.03%
- Published 30.05.2025 17:37:01
- Last modified 03.11.2025 20:19:15
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the ...
CVE-2023-5616
- EPSS 0.04%
- Published 15.04.2025 18:29:54
- Last modified 26.08.2025 16:34:27
In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary ...
CVE-2022-1804
- EPSS 0.07%
- Published 25.03.2025 12:28:08
- Last modified 26.08.2025 17:13:47
accountsservice no longer drops permissions when writing .pam_environment
CVE-2025-0927
- EPSS 0.05%
- Published 23.03.2025 15:00:47
- Last modified 08.04.2025 08:15:14
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. Filesystem bugs due to corrupt images are not considered a CVE for any filesystem that is only mountable by CAP_SYS_ADMIN in the initial user namespace. That ...
CVE-2025-26466
- EPSS 62.37%
- Published 28.02.2025 22:15:40
- Last modified 10.02.2026 18:16:14
A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious cli...
CVE-2022-1736
- EPSS 0.54%
- Published 31.01.2025 02:15:28
- Last modified 26.08.2025 17:49:07
Ubuntu's configuration of gnome-control-center allowed Remote Desktop Sharing to be enabled by default.
CVE-2024-6387
- EPSS 48.42%
- Published 01.07.2024 13:15:06
- Last modified 12.05.2026 12:17:20
A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to aut...