Canonical

Ubuntu Linux

4106 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2021-32554

  • EPSS 0.06%
  • Published 12.06.2021 04:15:12
  • Last modified 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-32555

  • EPSS 0.06%
  • Published 12.06.2021 04:15:12
  • Last modified 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-32548

  • EPSS 0.06%
  • Published 12.06.2021 04:15:11
  • Last modified 21.11.2024 06:07:14

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-32549

  • EPSS 0.06%
  • Published 12.06.2021 04:15:11
  • Last modified 21.11.2024 06:07:14

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-32550

  • EPSS 0.06%
  • Published 12.06.2021 04:15:11
  • Last modified 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-32551

  • EPSS 0.06%
  • Published 12.06.2021 04:15:11
  • Last modified 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-32547

  • EPSS 0.06%
  • Published 12.06.2021 04:15:10
  • Last modified 21.11.2024 06:07:14

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.

7.8

CVE-2021-3489

  • EPSS 0.08%
  • Published 04.06.2021 02:15:07
  • Last modified 21.11.2024 06:21:39

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code executio...

7.8

CVE-2021-3490

Exploit
  • EPSS 3.46%
  • Published 04.06.2021 02:15:07
  • Last modified 21.11.2024 06:21:39

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This is...

8.8

CVE-2021-3491

  • EPSS 0.01%
  • Published 04.06.2021 02:15:07
  • Last modified 21.11.2024 06:21:40

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow lea...