Canonical

Ubuntu Linux

4106 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2017-17813

Exploit
  • EPSS 0.18%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in the pp_list_one_macro function in asm/preproc.c that will cause a remote denial of service attack, related to mishandling of line-syntax errors.

5.5

CVE-2017-17814

Exploit
  • EPSS 0.18%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in do_directive in asm/preproc.c that will cause a remote denial of service attack.

5.5

CVE-2017-17815

Exploit
  • EPSS 0.2%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in is_mmacro() in asm/preproc.c that will cause a remote denial of service attack, because of a missing check for the relationship between minimum and maximum parameter counts.

5.5

CVE-2017-17816

Exploit
  • EPSS 0.18%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_getline in asm/preproc.c that will cause a remote denial of service attack.

5.5

CVE-2017-17817

Exploit
  • EPSS 0.18%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_verror in asm/preproc.c that will cause a remote denial of service attack.

7.5

CVE-2017-17818

Exploit
  • EPSS 0.68%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is a heap-based buffer over-read that will cause a remote denial of service attack, related to a while loop in paste_tokens in asm/preproc.c.

5.5

CVE-2017-17819

Exploit
  • EPSS 0.2%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is an illegal address access in the function find_cc() in asm/preproc.c that will cause a remote denial of service attack, because pointers associated with skip_white_ calls are not validated.

5.5

CVE-2017-17820

Exploit
  • EPSS 0.18%
  • Veröffentlicht 21.12.2017 03:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

In Netwide Assembler (NASM) 2.14rc0, there is a use-after-free in pp_list_one_macro in asm/preproc.c that will lead to a remote denial of service attack, related to mishandling of operand-type errors.

7.8

CVE-2017-17805

  • EPSS 0.02%
  • Veröffentlicht 20.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The Salsa20 encryption algorithm in the Linux kernel before 4.14.8 does not correctly handle zero-length inputs, allowing a local attacker able to use the AF_ALG-based skcipher interface (CONFIG_CRYPTO_USER_API_SKCIPHER) to cause a denial of service ...

7.8

CVE-2017-17806

  • EPSS 0.03%
  • Veröffentlicht 20.12.2017 23:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The HMAC implementation (crypto/hmac.c) in the Linux kernel before 4.14.8 does not validate that the underlying cryptographic hash algorithm is unkeyed, allowing a local attacker able to use the AF_ALG-based hash interface (CONFIG_CRYPTO_USER_API_HAS...