Canonical

Ubuntu Linux

4106 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-2084

  • EPSS 0.03%
  • Published 19.04.2023 22:15:10
  • Last modified 05.02.2025 15:15:15

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

7.8

CVE-2023-1326

  • EPSS 4.08%
  • Published 13.04.2023 23:15:07
  • Last modified 21.11.2024 07:38:55

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal siz...

5.5

CVE-2020-11935

  • EPSS 0.03%
  • Published 07.04.2023 02:15:07
  • Last modified 21.11.2024 04:58:56

It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.

7.8

CVE-2023-0179

Exploit
  • EPSS 0.33%
  • Published 27.03.2023 22:15:20
  • Last modified 21.11.2024 07:36:41

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execut...

7.1

CVE-2023-1380

  • EPSS 0.03%
  • Published 27.03.2023 21:15:10
  • Last modified 21.11.2024 07:39:04

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined ...

7.8

CVE-2023-0386

Warning
  • EPSS 56.35%
  • Published 22.03.2023 21:15:18
  • Last modified 18.06.2025 15:00:59

A flaw was found in the Linux kernel, where unauthorized access to the execution of the setuid file with capabilities was found in the Linux kernel’s OverlayFS subsystem in how a user copies a capable file from a nosuid mount into another mount. This...

7.5

CVE-2022-40617

  • EPSS 0.21%
  • Published 31.10.2022 06:15:09
  • Last modified 06.05.2025 19:15:56

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control...

7

CVE-2022-41222

Exploit
  • EPSS 0.01%
  • Published 21.09.2022 08:15:09
  • Last modified 28.05.2025 16:15:28

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.

8.8

CVE-2022-39176

  • EPSS 0.09%
  • Published 02.09.2022 04:15:11
  • Last modified 21.11.2024 07:17:43

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.

8.8

CVE-2022-39177

  • EPSS 0.05%
  • Published 02.09.2022 04:15:11
  • Last modified 21.11.2024 07:17:43

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.