Canonical

Ubuntu Linux

4122 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.46%
  • Veröffentlicht 24.07.2023 16:15:12
  • Zuletzt bearbeitet 21.11.2024 08:17:33

A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information.

  • EPSS 2.03%
  • Veröffentlicht 05.07.2023 19:15:09
  • Zuletzt bearbeitet 21.11.2024 08:01:42

Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace

  • EPSS 0.72%
  • Veröffentlicht 28.06.2023 20:15:09
  • Zuletzt bearbeitet 13.02.2025 17:16:56

A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past comm...

Exploit
  • EPSS 0.53%
  • Veröffentlicht 16.06.2023 21:15:09
  • Zuletzt bearbeitet 05.05.2025 16:15:41

An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service o...

  • EPSS 0.28%
  • Veröffentlicht 31.05.2023 00:15:10
  • Zuletzt bearbeitet 21.11.2024 07:58:55

Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).

  • EPSS 0.26%
  • Veröffentlicht 26.04.2023 23:15:08
  • Zuletzt bearbeitet 21.11.2024 07:39:54

Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege.

  • EPSS 0.24%
  • Veröffentlicht 19.04.2023 22:15:10
  • Zuletzt bearbeitet 05.02.2025 15:15:15

Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.

  • EPSS 0.87%
  • Veröffentlicht 13.04.2023 23:15:07
  • Zuletzt bearbeitet 21.11.2024 07:38:55

A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal siz...

  • EPSS 0.2%
  • Veröffentlicht 07.04.2023 02:15:07
  • Zuletzt bearbeitet 21.11.2024 04:58:56

It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack.

Exploit
  • EPSS 1.94%
  • Veröffentlicht 27.03.2023 22:15:20
  • Zuletzt bearbeitet 21.11.2024 07:36:41

A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execut...