CVE-2026-47327
- EPSS 0.09%
- Veröffentlicht 28.05.2026 18:27:20
- Zuletzt bearbeitet 09.06.2026 14:27:03
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.
CVE-2026-47326
- EPSS 0.09%
- Veröffentlicht 28.05.2026 18:26:58
- Zuletzt bearbeitet 09.06.2026 14:23:39
Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.
- EPSS 96.27%
- Veröffentlicht 22.04.2026 08:15:10
- Zuletzt bearbeitet 01.07.2026 17:30:58
In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-pl...
CVE-2026-3888
- EPSS 0.38%
- Veröffentlicht 17.03.2026 14:16:17
- Zuletzt bearbeitet 04.06.2026 14:43:01
Local privilege escalation in snapd on Linux allows local attackers to get root privilege by re-creating snap's private /tmp directory when systemd-tmpfiles is configured to automatically clean up this directory. This issue affects Ubuntu 16.04 LTS, ...
CVE-2026-3497
- EPSS 2.18%
- Veröffentlicht 12.03.2026 18:27:44
- Zuletzt bearbeitet 30.06.2026 03:19:13
Vulnerability in the OpenSSH GSSAPI delta included in various Linux distributions. This vulnerability affects the GSSAPI patches added by various Linux distributions and does not affect the OpenSSH upstream project itself. The usage of sshpkt_disconn...
CVE-2025-13350
- EPSS 0.15%
- Veröffentlicht 05.03.2026 18:56:03
- Zuletzt bearbeitet 09.03.2026 13:36:08
Ubuntu Linux 6.8 GA retains the legacy AF_UNIX garbage collector but backports upstream commit 8594d9b85c07 ("af_unix: Don’t call skb_get() for OOB skb"). When orphaned MSG_OOB sockets hit unix_gc(), the garbage collector still calls kfree_skb() as i...
CVE-2025-32463
- EPSS 47.47%
- Veröffentlicht 30.06.2025 00:00:00
- Zuletzt bearbeitet 05.11.2025 19:26:48
Sudo before 1.9.17p1 allows local users to obtain root access because /etc/nsswitch.conf from a user-controlled directory is used with the --chroot option.
CVE-2025-5054
- EPSS 0.67%
- Veröffentlicht 30.05.2025 17:37:01
- Zuletzt bearbeitet 03.11.2025 20:19:15
Race condition in Canonical apport up to and including 2.32.0 allows a local attacker to leak sensitive information via PID-reuse by leveraging namespaces. When handling a crash, the function `_check_global_pid_and_forward`, which detects if the ...
CVE-2023-5616
- EPSS 0.21%
- Veröffentlicht 15.04.2025 18:29:54
- Zuletzt bearbeitet 26.08.2025 16:34:27
In Ubuntu, gnome-control-center did not properly reflect SSH remote login status when the system was configured to use systemd socket activation for openssh-server. This could unknowingly leave the local machine exposed to remote SSH access contrary ...
CVE-2022-1804
- EPSS 0.14%
- Veröffentlicht 25.03.2025 12:28:08
- Zuletzt bearbeitet 26.08.2025 17:13:47
accountsservice no longer drops permissions when writting .pam_environment