Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 1.1%
  • Veröffentlicht 24.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:28

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfs_btrfs_ioctl_fd_replace() calls fdget(oldfd), then without further checks passes the resulting file* into shiftfs_real_fdget(), which casts ...

  • EPSS 0.69%
  • Veröffentlicht 24.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:28

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into init_use...

  • EPSS 1.16%
  • Veröffentlicht 24.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:28

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is ...

Exploit
  • EPSS 2.44%
  • Veröffentlicht 23.04.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:39:21

libvncclient/cursor.c in LibVNCServer through 0.9.12 has a HandleCursorShape integer overflow and heap-based buffer overflow via a large height or width value. NOTE: this may overlap CVE-2019-15690.

  • EPSS 27.25%
  • Veröffentlicht 23.04.2020 15:15:14
  • Zuletzt bearbeitet 21.11.2024 04:58:57

An issue was discovered in Squid before 5.0.2. A remote attacker can replay a sniffed Digest Authentication nonce to gain access to resources that are otherwise forbidden. This occurs because the attacker can overflow the nonce reference counter (a s...

  • EPSS 1.53%
  • Veröffentlicht 23.04.2020 15:15:14
  • Zuletzt bearbeitet 21.11.2024 05:11:19

A flaw was found in the Ceph Object Gateway, where it supports request sent by an anonymous user in Amazon S3. This flaw could lead to potential XSS attacks due to the lack of proper neutralization of untrusted input.

Exploit
  • EPSS 0.65%
  • Veröffentlicht 22.04.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:31

Apport creates a world writable lock file with root ownership in the world writable /var/lock/apport directory. If the apport/ directory does not exist (this is not uncommon as /var/lock is a tmpfs), it will create the directory, otherwise it will si...

Exploit
  • EPSS 0.34%
  • Veröffentlicht 22.04.2020 22:15:12
  • Zuletzt bearbeitet 21.11.2024 05:39:31

Time-of-check Time-of-use Race Condition vulnerability on crash report ownership change in Apport allows for a possible privilege escalation opportunity. If fs.protected_symlinks is disabled, this can be exploited between the os.open and os.chown cal...

Exploit
  • EPSS 2.29%
  • Veröffentlicht 22.04.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 05:11:47

A use after free vulnerability in ip_reass() in ip_input.c of libslirp 4.2.0 and prior releases allows crafted packets to cause a denial of service.

  • EPSS 2.96%
  • Veröffentlicht 22.04.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:12

CServer::SendMsg in engine/server/server.cpp in Teeworlds 0.7.x before 0.7.5 allows remote attackers to shut down the server.