Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 13.12.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:00

v9fs_wstat in hw/9pfs/9p.c in QEMU allows guest OS users to cause a denial of service (crash) because of a race condition during file renaming.

  • EPSS 4.35%
  • Veröffentlicht 12.12.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:52

An out-of-bounds read in dns_validate_dns_response in dns.c was discovered in HAProxy through 1.8.14. Due to a missing check when validating DNS responses, remote attackers might be able read the 16 bytes corresponding to an AAAA record from the non-...

  • EPSS 6.59%
  • Veröffentlicht 12.12.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:00:53

An issue was discovered in dns.c in HAProxy through 1.8.14. In the case of a compressed pointer, a crafted packet can trigger infinite recursion by making the pointer point to itself, or create a long chain of valid pointers resulting in stack exhaus...

  • EPSS 0.42%
  • Veröffentlicht 12.12.2018 13:29:02
  • Zuletzt bearbeitet 21.11.2024 03:53:29

A flaw was found in qemu Media Transfer Protocol (MTP) before version 3.1.0. A path traversal in the in usb_mtp_write_data function in hw/usb/dev-mtp.c due to an improper filename sanitization. When the guest device is mounted in read-write mode, thi...

Exploit
  • EPSS 0.51%
  • Veröffentlicht 12.12.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:52

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that fil...

  • EPSS 3.13%
  • Veröffentlicht 11.12.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:55:46

An integer overflow in path handling lead to a use after free in Skia in Google Chrome prior to 71.0.3578.80 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

  • EPSS 0.26%
  • Veröffentlicht 07.12.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:37

In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi...

  • EPSS 2.1%
  • Veröffentlicht 07.12.2018 22:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:27

An error within the "rollei_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash.

  • EPSS 1.8%
  • Veröffentlicht 07.12.2018 22:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:27

An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash.

  • EPSS 1.79%
  • Veröffentlicht 07.12.2018 22:29:01
  • Zuletzt bearbeitet 21.11.2024 04:09:27

An error within the "nikon_coolscan_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.9 can be exploited to trigger a NULL pointer dereference.