Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 81.53%
  • Veröffentlicht 17.04.2009 14:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:41

udev before 1.4.1 does not verify whether a NETLINK message originates from kernel space, which allows local users to gain privileges by sending a NETLINK message from user space.

  • EPSS 0.54%
  • Veröffentlicht 17.04.2009 14:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:41

Buffer overflow in the util_path_encode function in udev/lib/libudev-util.c in udev before 1.4.1 allows local users to cause a denial of service (service outage) via vectors that trigger a call with crafted arguments.

  • EPSS 8.54%
  • Veröffentlicht 17.04.2009 00:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:10

Multiple integer overflows in FreeType 2.3.9 and earlier allow remote attackers to execute arbitrary code via vectors related to large values in certain inputs in (1) smooth/ftsmooth.c, (2) sfnt/ttcmap.c, and (3) cff/cffload.c.

  • EPSS 8.9%
  • Veröffentlicht 09.04.2009 00:30:00
  • Zuletzt bearbeitet 16.06.2026 23:05:56

The asn1_decode_generaltime function in lib/krb5/asn.1/asn1_decode.c in the ASN.1 GeneralizedTime decoder in MIT Kerberos 5 (aka krb5) before 1.6.4 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code...

  • EPSS 5.07%
  • Veröffentlicht 08.04.2009 16:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:54

libclamav/untar.c in ClamAV before 0.95 allows remote attackers to cause a denial of service (infinite loop) via a crafted TAR file that causes (1) clamd and (2) clamscan to hang.

  • EPSS 0.47%
  • Veröffentlicht 06.04.2009 14:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:50

The vmx_set_msr function in arch/x86/kvm/vmx.c in the VMX implementation in the KVM subsystem in the Linux kernel before 2.6.29.1 on the i386 platform allows guest OS users to cause a denial of service (OOPS) by setting the EFER_LME (aka "Long mode e...

  • EPSS 0.43%
  • Veröffentlicht 25.03.2009 01:30:00
  • Zuletzt bearbeitet 16.06.2026 23:06:26

nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash o...

  • EPSS 5.52%
  • Veröffentlicht 14.03.2009 18:30:00
  • Zuletzt bearbeitet 16.06.2026 23:05:21

Integer overflow in the gst_vorbis_tag_add_coverart function (gst-libs/gst/tag/gstvorbistag.c) in vorbistag in gst-plugins-base (aka gstreamer-plugins-base) before 0.10.23 in GStreamer allows context-dependent attackers to execute arbitrary code via ...

  • EPSS 0.44%
  • Veröffentlicht 06.03.2009 11:30:02
  • Zuletzt bearbeitet 16.06.2026 23:05:54

The audit_syscall_entry function in the Linux kernel 2.6.28.7 and earlier on the x86_64 platform does not properly handle (1) a 32-bit process making a 64-bit syscall or (2) a 64-bit process making a 32-bit syscall, which allows local users to bypass...

  • EPSS 6.66%
  • Veröffentlicht 02.02.2009 19:30:00
  • Zuletzt bearbeitet 16.06.2026 23:04:55

Integer signedness error in the fourxm_read_header function in libavformat/4xm.c in FFmpeg before revision 16846 allows remote attackers to execute arbitrary code via a malformed 4X movie file with a large current_track value, which triggers a NULL p...