Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 3.03%
  • Veröffentlicht 17.11.2017 20:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

hw/input/ps2.c in Qemu does not validate 'rptr' and 'count' values during guest migration, leading to out-of-bounds access.

  • EPSS 0.39%
  • Veröffentlicht 15.11.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The tower_probe function in drivers/usb/misc/legousbtower.c in the Linux kernel before 4.8.1 allows local users (who are physically proximate for inserting a crafted USB device) to gain privileges by leveraging a write-what-where condition that occur...

  • EPSS 0.47%
  • Veröffentlicht 15.11.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possi...

Exploit
  • EPSS 26.37%
  • Veröffentlicht 07.11.2017 21:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the in...

  • EPSS 0.44%
  • Veröffentlicht 06.11.2017 17:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

sosreport in SoS 3.x allows local users to obtain sensitive information from sosreport files or gain privileges via a symlink attack on an archive file in a temporary directory, as demonstrated by sosreport-$hostname-$date.tar in /tmp/sosreport-$host...

  • EPSS 5.16%
  • Veröffentlicht 06.11.2017 05:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The receive_xattr function in xattrs.c in rsync 3.1.2 and 3.1.3-development does not check for a trailing '\0' character in an xattr name, which allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash) ...

  • EPSS 2.2%
  • Veröffentlicht 05.11.2017 22:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The ReadWPGImage function in coders/wpg.c in ImageMagick 7.0.7-9 does not properly validate the colormap index in a WPG palette, which allows remote attackers to cause a denial of service (use of uninitialized data or invalid memory allocation) or po...

  • EPSS 0.4%
  • Veröffentlicht 04.11.2017 01:29:37
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The get_endpoints function in drivers/usb/misc/usbtest.c in the Linux kernel through 4.13.11 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a crafted USB devic...

  • EPSS 0.38%
  • Veröffentlicht 04.11.2017 01:29:37
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The usbhid_parse function in drivers/hid/usbhid/hid-core.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (out-of-bounds read and system crash) or possibly have unspecified other impact via a crafted USB device.

  • EPSS 0.39%
  • Veröffentlicht 04.11.2017 01:29:36
  • Zuletzt bearbeitet 13.05.2026 00:24:29

The usb_serial_console_disconnect function in drivers/usb/serial/console.c in the Linux kernel before 4.13.8 allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted USB...