Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 9.52%
  • Veröffentlicht 07.12.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:41

Perl before 5.26.3 has a buffer over-read via a crafted regular expression that triggers disclosure of sensitive information from process memory.

Exploit
  • EPSS 6.06%
  • Veröffentlicht 07.12.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:41

Perl before 5.26.3 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

  • EPSS 1.61%
  • Veröffentlicht 07.12.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:49

An issue was discovered in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils through 2.31. There is a heap-based buffer overflow in bfd_elf32_swap_phdr_in in elfcode.h because the number of program headers is not r...

  • EPSS 0.72%
  • Veröffentlicht 06.12.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:15:43

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

Exploit
  • EPSS 12.09%
  • Veröffentlicht 05.12.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:40

Perl before 5.26.3 and 5.28.0 before 5.28.1 has a buffer overflow via a crafted regular expression that triggers invalid write operations.

  • EPSS 0.43%
  • Veröffentlicht 04.12.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:41

An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sens...

  • EPSS 2.3%
  • Veröffentlicht 04.12.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:40

The function WavpackPackInit in pack_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (resource exhaustion caused by an infinite loop) via a crafted wav audio file because WavpackSetConfiguration64 mishan...

Exploit
  • EPSS 2.54%
  • Veröffentlicht 04.12.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:40

The function WavpackVerifySingleBlock in open_utils.c in libwavpack.a in WavPack through 5.1.0 allows attackers to cause a denial-of-service (out-of-bounds read and application crash) via a crafted WavPack Lossless Audio file, as demonstrated by wvun...

  • EPSS 0.56%
  • Veröffentlicht 03.12.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:37

In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.

Exploit
  • EPSS 11.48%
  • Veröffentlicht 03.12.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:33

A flaw was found in PolicyKit (aka polkit) 0.115 that allows a user with a uid greater than INT_MAX to successfully execute any systemctl command.