Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.59%
  • Veröffentlicht 07.04.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 04:58:14

An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. drivers/media/usb/gspca/stv06xx/stv06xx.c and drivers/media/usb/gspca/stv06xx/stv06xx_pb0100.c mishandle invalid descriptors, as demonstrated by a NULL pointer derefer...

  • EPSS 0.53%
  • Veröffentlicht 07.04.2020 14:15:14
  • Zuletzt bearbeitet 21.11.2024 04:58:13

An issue was discovered in the Linux kernel before 5.6.1. drivers/media/usb/gspca/ov519.c allows NULL pointer dereferences in ov511_mode_init_regs and ov518_mode_init_regs when there are zero endpoints, aka CID-998912346c0d.

  • EPSS 0.52%
  • Veröffentlicht 06.04.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 04:58:09

An issue was discovered in the Linux kernel through 5.6.2. mpol_parse_str in mm/mempolicy.c has a stack-based out-of-bounds write because an empty nodelist is mishandled during mount option parsing, aka CID-aa9f7d5172fa. NOTE: Someone in the security...

  • EPSS 3.39%
  • Veröffentlicht 03.04.2020 13:15:13
  • Zuletzt bearbeitet 21.11.2024 04:58:01

GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 (2018-07-16) because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes...

  • EPSS 0.72%
  • Veröffentlicht 02.04.2020 21:15:13
  • Zuletzt bearbeitet 21.11.2024 04:58:00

An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. It allows attackers to read uninitialized can_frame data, potentially containing sensitive information from kernel stack memory, if the configurati...

Exploit
  • EPSS 6.06%
  • Veröffentlicht 02.04.2020 18:15:18
  • Zuletzt bearbeitet 21.11.2024 05:39:32

In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5....

  • EPSS 60.73%
  • Veröffentlicht 02.04.2020 15:15:17
  • Zuletzt bearbeitet 21.11.2024 04:56:47

In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution.

  • EPSS 56.69%
  • Veröffentlicht 02.04.2020 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:11:37

In Apache HTTP Server 2.4.0 to 2.4.41, redirects configured with mod_rewrite that were intended to be self-referential might be fooled by encoded newlines and redirect instead to an an unexpected URL within the request URL.

  • EPSS 51.95%
  • Veröffentlicht 01.04.2020 20:15:15
  • Zuletzt bearbeitet 21.11.2024 05:11:38

In Apache HTTP Server 2.4.0 to 2.4.41, mod_proxy_ftp may use uninitialized memory when proxying to a malicious FTP server.

Exploit
  • EPSS 4.3%
  • Veröffentlicht 01.04.2020 04:15:13
  • Zuletzt bearbeitet 21.11.2024 05:36:36

In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.4, while parsing EXIF data with exif_read_data() function, it is possible for malicious data to cause PHP to read one byte of uninitialized memory. This could potentially lead ...