Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Warnung Exploit
  • EPSS 11.22%
  • Veröffentlicht 06.12.2010 20:13:00
  • Zuletzt bearbeitet 16.06.2026 23:23:47

The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privile...

Exploit
  • EPSS 0.91%
  • Veröffentlicht 30.11.2010 21:38:23
  • Zuletzt bearbeitet 16.06.2026 23:23:41

The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWSDOWN is used, does not properly restrict the stack memory consumption of the (1) arguments and (2) environment for a 32-bit application on a 64-bit pl...

  • EPSS 0.38%
  • Veröffentlicht 29.11.2010 16:00:02
  • Zuletzt bearbeitet 16.06.2026 23:24:04

The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmct...

  • EPSS 2.02%
  • Veröffentlicht 26.11.2010 20:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:22

The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not properly validate the hmac_ids array of an SCTP peer, which allows remote attackers to cause a denial of service (memory corruption and panic) via a cr...

  • EPSS 0.48%
  • Veröffentlicht 26.11.2010 19:00:06
  • Zuletzt bearbeitet 16.06.2026 23:21:50

drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.36 does not properly validate pointers to blocks of memory, which allows l...

Exploit
  • EPSS 0.82%
  • Veröffentlicht 26.11.2010 19:00:06
  • Zuletzt bearbeitet 16.06.2026 23:21:50

drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kernel before 2.6.36 on 64-bit platforms does not validate the destination of a memory copy operation, which allows local users to write to arbitrary kerne...

  • EPSS 5.54%
  • Veröffentlicht 22.11.2010 13:00:02
  • Zuletzt bearbeitet 16.06.2026 23:22:45

The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial of service (panic) via a certain sequence of SCTP ...

Exploit
  • EPSS 3.13%
  • Veröffentlicht 17.11.2010 01:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:58

libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, and other products, reads from invalid memory locations during processing of malformed XPath expressions, which allows context-dependent attackers to ca...

Exploit
  • EPSS 11.28%
  • Veröffentlicht 12.11.2010 21:00:02
  • Zuletzt bearbeitet 16.06.2026 23:23:43

The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protec...

  • EPSS 6.32%
  • Veröffentlicht 09.11.2010 01:00:02
  • Zuletzt bearbeitet 16.06.2026 23:22:46

fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename.