Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.4%
  • Veröffentlicht 28.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:08

ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.

  • EPSS 0.43%
  • Veröffentlicht 28.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:08

ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a ...

  • EPSS 0.43%
  • Veröffentlicht 28.06.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:08

ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs...

Exploit
  • EPSS 1.18%
  • Veröffentlicht 27.06.2018 11:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:04

In arch/x86/kvm/vmx.c in the Linux kernel before 4.17.2, when nested virtualization is used, local attackers could cause L1 KVM guests to VMEXIT, potentially allowing privilege escalations and denial of service attacks due to lack of checking of CPL.

Exploit
  • EPSS 25.18%
  • Veröffentlicht 26.06.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:03

Heap-based buffer overflow in the cpSeparateBufToContigBuf function in tiffcp.c in LibTIFF 3.9.3, 3.9.4, 3.9.5, 3.9.6, 3.9.7, 4.0.0beta7, 4.0.0alpha4, 4.0.0alpha5, 4.0.0alpha6, 4.0.0, 4.0.1, 4.0.2, 4.0.3, 4.0.4, 4.0.4beta, 4.0.5, 4.0.6, 4.0.7, 4.0.8 ...

  • EPSS 32.92%
  • Veröffentlicht 26.06.2018 16:29:01
  • Zuletzt bearbeitet 09.06.2025 16:15:28

BusyBox project BusyBox wget version prior to commit 8e2174e9bd836e53c8b9c6e00d1bc6e2a718686e contains a Buffer Overflow vulnerability in Busybox wget that can result in heap buffer overflow. This attack appear to be exploitable via network connectiv...

  • EPSS 1.91%
  • Veröffentlicht 26.06.2018 14:29:02
  • Zuletzt bearbeitet 21.11.2024 03:39:55

Linux Kernel version 3.18 to 4.16 incorrectly handles an SG_IO ioctl on /dev/sg0 with dxfer_direction=SG_DXFER_FROM_DEV and an empty 6-byte cmdp. This may lead to copying up to 1000 kernel heap pages to the userspace. This has been fixed upstream in ...

  • EPSS 6.8%
  • Veröffentlicht 26.06.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:46:02

exif_read_from_impl in ext/exif/exif.c in PHP 7.2.x through 7.2.7 allows attackers to trigger a use-after-free (in exif_read_from_file) because it closes a stream that it is not responsible for closing. The vulnerable code is reachable through the PH...

Exploit
  • EPSS 5.23%
  • Veröffentlicht 23.06.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:41

A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.

Exploit
  • EPSS 6.69%
  • Veröffentlicht 23.06.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:45:41

demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occ...