Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.38%
  • Veröffentlicht 23.07.2014 14:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The web interface in CUPS before 1.7.4 allows local users in the lp group to read arbitrary files via a symlink attack on a file in /var/cache/cups/rss/.

  • EPSS 1.66%
  • Veröffentlicht 11.07.2014 14:55:04
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The L3-agent in OpenStack Neutron before 2013.2.4, 2014.x before 2014.1.2, and Juno before Juno-2 allows remote authenticated users to cause a denial of service (IPv4 address attachment outage) by attaching an IPv6 private subnet to a L3 router.

Exploit
  • EPSS 2.32%
  • Veröffentlicht 09.07.2014 11:07:03
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The Linux kernel before 3.15.4 on Intel processors does not properly restrict use of a non-canonical value for the saved RIP address in the case of a system call that does not use IRET, which allows local users to leverage a race condition and gain p...

  • EPSS 3.92%
  • Veröffentlicht 03.07.2014 17:55:05
  • Zuletzt bearbeitet 06.05.2026 22:30:45

LibreOffice 4.2.4 executes unspecified VBA macros automatically, which has unspecified impact and attack vectors, possibly related to doc/docmacromode.cxx.

  • EPSS 5.93%
  • Veröffentlicht 03.07.2014 04:22:16
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The sctp_association_free function in net/sctp/associola.c in the Linux kernel before 3.15.2 does not properly manage a certain backlog value, which allows remote attackers to cause a denial of service (socket outage) via a crafted SCTP packet.

  • EPSS 5.42%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Multiple integer overflows in the lzo1x_decompress_safe function in lib/lzo/lzo1x_decompress_safe.c in the LZO decompressor in the Linux kernel before 3.15.2 allow context-dependent attackers to cause a denial of service (memory corruption) via a cra...

  • EPSS 0.34%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

Race condition in the tlv handler functionality in the snd_ctl_elem_user_tlv function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 allows local users to obtain sensitive information from kernel memory b...

  • EPSS 0.5%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from ke...

  • EPSS 0.5%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not check authorization for SNDRV_CTL_IOCTL_ELEM_REPLACE commands, which allows local users to remove kernel controls and ...

  • EPSS 0.49%
  • Veröffentlicht 03.07.2014 04:22:15
  • Zuletzt bearbeitet 06.05.2026 22:30:45

The snd_ctl_elem_add function in sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not properly maintain the user_ctl_count value, which allows local users to cause a denial of service (integer overflow an...