Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 4.18%
  • Veröffentlicht 23.05.2016 10:59:10
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The x25_negotiate_facilities function in net/x25/x25_facilities.c in the Linux kernel before 4.5.5 does not properly initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory via an X.25 Call...

Exploit
  • EPSS 1.2%
  • Veröffentlicht 23.05.2016 10:59:09
  • Zuletzt bearbeitet 06.05.2026 22:30:45

sound/core/timer.c in the Linux kernel through 4.6 does not initialize certain r1 data structures, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer interface, related to the (1) snd_t...

  • EPSS 0.84%
  • Veröffentlicht 23.05.2016 10:59:08
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The snd_timer_user_params function in sound/core/timer.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via crafted use of the ALSA timer...

  • EPSS 0.48%
  • Veröffentlicht 23.05.2016 10:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The InfiniBand (aka IB) stack in the Linux kernel before 4.5.3 incorrectly relies on the write system call, which allows local users to cause a denial of service (kernel memory write operation) or possibly have unspecified other impact via a uAPI int...

  • EPSS 0.87%
  • Veröffentlicht 23.05.2016 10:59:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The BPF subsystem in the Linux kernel before 4.5.5 mishandles reference counts, which allows local users to cause a denial of service (use-after-free) or possibly have unspecified other impact via a crafted application on (1) a system with more than ...

  • EPSS 1.71%
  • Veröffentlicht 23.05.2016 10:59:02
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The rtnl_fill_link_ifmap function in net/core/rtnetlink.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory by reading a Netlink message.

  • EPSS 4.67%
  • Veröffentlicht 23.05.2016 10:59:01
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The llc_cmsg_rcv function in net/llc/af_llc.c in the Linux kernel before 4.5.5 does not initialize a certain data structure, which allows attackers to obtain sensitive information from kernel stack memory by reading a message.

  • EPSS 0.55%
  • Veröffentlicht 23.05.2016 10:59:00
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The proc_connectinfo function in drivers/usb/core/devio.c in the Linux kernel through 4.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted USBDEVFS_CONNECTIN...

  • EPSS 4.35%
  • Veröffentlicht 22.05.2016 01:59:06
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The openssl_random_pseudo_bytes function in ext/openssl/openssl.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 incorrectly relies on the deprecated RAND_pseudo_bytes function, which makes it easier for remote attackers to defeat...

Exploit
  • EPSS 4.03%
  • Veröffentlicht 22.05.2016 01:59:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when PHP-FPM is used, does not isolate each thread from libxml_disable_entity_loader changes in other threads, which allows remote attackers to conduct XML External Entity (XXE) and XML...