Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.24%
  • Veröffentlicht 12.12.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 08:41:57

A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.

  • EPSS 7.88%
  • Veröffentlicht 08.12.2023 06:15:45
  • Zuletzt bearbeitet 04.11.2025 20:17:09

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has oc...

Warnung Exploit
  • EPSS 81.42%
  • Veröffentlicht 03.10.2023 18:15:10
  • Zuletzt bearbeitet 12.05.2026 16:24:45

A buffer overflow was discovered in the GNU C Library's dynamic loader ld.so while processing the GLIBC_TUNABLES environment variable. This issue could allow a local attacker to use maliciously crafted GLIBC_TUNABLES environment variables when launch...

Medienbericht Exploit
  • EPSS 1.81%
  • Veröffentlicht 27.09.2023 15:19:39
  • Zuletzt bearbeitet 21.11.2024 08:25:27

PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue...

  • EPSS 0.41%
  • Veröffentlicht 06.09.2023 14:15:10
  • Zuletzt bearbeitet 20.03.2025 17:00:02

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain'...

Exploit
  • EPSS 0.33%
  • Veröffentlicht 01.09.2023 21:15:07
  • Zuletzt bearbeitet 21.11.2024 08:16:57

In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.

Exploit
  • EPSS 1.45%
  • Veröffentlicht 01.09.2023 19:15:42
  • Zuletzt bearbeitet 21.11.2024 07:39:21

Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal ...

  • EPSS 0.56%
  • Veröffentlicht 14.08.2023 03:15:09
  • Zuletzt bearbeitet 25.02.2026 18:17:01

An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled.

Exploit
  • EPSS 15.78%
  • Veröffentlicht 26.07.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 07:58:59

On Ubuntu kernels carrying both c914c0e27eb0 and "UBUNTU: SAUCE: overlayfs: Skip permission checking for trusted.overlayfs.* xattrs", an unprivileged user may set privileged extended attributes on the mounted files, leading them to be set on the uppe...

Exploit
  • EPSS 8.89%
  • Veröffentlicht 26.07.2023 02:15:09
  • Zuletzt bearbeitet 21.11.2024 08:03:44

Local privilege escalation vulnerability in Ubuntu Kernels overlayfs ovl_copy_up_meta_inode_data skip permission checks when calling ovl_do_setxattr on Ubuntu kernels