U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
  • CPE Name Search: true
There are 444 matching records.
Displaying matches 21 through 40.
Vuln ID Summary CVSS Severity
CVE-2023-1380

A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.

Published: March 27, 2023; 5:15:10 PM -0400
V3.1: 7.1 HIGH
V2.0:(not available)
CVE-2022-40617

strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or sends an excessive amount of application data.

Published: October 31, 2022; 2:15:09 AM -0400
V3.1: 7.5 HIGH
V2.0:(not available)
CVE-2022-41222

mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.

Published: September 21, 2022; 4:15:09 AM -0400
V3.1: 7.0 HIGH
V2.0:(not available)
CVE-2022-39177

BlueZ before 5.59 allows physically proximate attackers to cause a denial of service because malformed and invalid capabilities can be processed in profiles/audio/avdtp.c.

Published: September 02, 2022; 12:15:11 AM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-39176

BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate params_len.

Published: September 02, 2022; 12:15:11 AM -0400
V3.1: 8.8 HIGH
V2.0:(not available)
CVE-2022-1184

A use-after-free flaw was found in fs/ext4/namei.c:dx_insert_block() in the Linux kernel’s filesystem sub-component. This flaw allows a local attacker with a user privilege to cause a denial of service.

Published: August 29, 2022; 11:15:10 AM -0400
V3.1: 5.5 MEDIUM
V2.0:(not available)
CVE-2022-34918

An issue was discovered in the Linux kernel through 5.18.9. A type confusion bug in nft_set_elem_init (leading to a buffer overflow) could be used by a local attacker to escalate privileges, a different vulnerability than CVE-2022-32250. (The attacker can obtain root access, but must start with an unprivileged user namespace to obtain CAP_NET_ADMIN access.) This can be fixed in nft_setelem_parse_data in net/netfilter/nf_tables_api.c.

Published: July 04, 2022; 5:15:07 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2022-29581

Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root. This issue affects: Linux Kernel versions prior to 5.18; version 4.14 and later versions.

Published: May 17, 2022; 1:15:08 PM -0400
V3.1: 7.8 HIGH
V2.0: 7.2 HIGH
CVE-2022-1055

A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5

Published: March 29, 2022; 11:15:08 AM -0400
V3.1: 7.8 HIGH
V2.0: 4.6 MEDIUM
CVE-2021-3748

A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.

Published: March 23, 2022; 4:15:09 PM -0400
V3.1: 7.5 HIGH
V2.0: 6.9 MEDIUM
CVE-2021-3737

A flaw was found in python. An improperly handled HTTP response in the HTTP client code of python may allow a remote attacker, who controls the HTTP server, to make the client script enter an infinite loop, consuming CPU time. The highest threat from this vulnerability is to system availability.

Published: March 04, 2022; 2:15:08 PM -0500
V3.1: 7.5 HIGH
V2.0: 7.1 HIGH
CVE-2021-3640

A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page. A privileged local user could use this flaw to crash the system or escalate their privileges on the system.

Published: March 03, 2022; 6:15:08 PM -0500
V3.1: 7.0 HIGH
V2.0: 6.9 MEDIUM
CVE-2022-0492

A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.

Published: March 03, 2022; 2:15:08 PM -0500
V3.1: 7.8 HIGH
V2.0: 6.9 MEDIUM
CVE-2021-4115

There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and a new one being spawned

Published: February 21, 2022; 5:15:07 PM -0500
V3.1: 5.5 MEDIUM
V2.0: 2.1 LOW
CVE-2021-44142

The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes. A remote attacker with write access to extended file attributes can execute arbitrary code with the privileges of smbd, typically root.

Published: February 21, 2022; 10:15:07 AM -0500
V3.1: 8.8 HIGH
V2.0: 9.0 HIGH
CVE-2022-0543

It was discovered, that redis, a persistent key-value database, due to a packaging issue, is prone to a (Debian-specific) Lua sandbox escape, which could result in remote code execution.

Published: February 18, 2022; 3:15:17 PM -0500
V3.1: 10.0 CRITICAL
V2.0: 10.0 HIGH
CVE-2021-4093

A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs or ins) using the exit reason SVM_EXIT_IOIO. This issue results in a crash of the entire system or a potential guest-to-host escape scenario.

Published: February 18, 2022; 1:15:10 PM -0500
V3.1: 8.8 HIGH
V2.0: 7.2 HIGH
CVE-2020-25722

Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data. An attacker could use this flaw to cause total domain compromise.

Published: February 18, 2022; 1:15:08 PM -0500
V3.1: 8.8 HIGH
V2.0: 6.5 MEDIUM
CVE-2020-25719

A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found within. The result could include total domain compromise.

Published: February 18, 2022; 1:15:08 PM -0500
V3.1: 7.2 HIGH
V2.0: 9.0 HIGH
CVE-2020-25717

A flaw was found in the way Samba maps domain users to local users. An authenticated attacker could use this flaw to cause possible privilege escalation.

Published: February 18, 2022; 1:15:08 PM -0500
V3.1: 8.1 HIGH
V2.0: 8.5 HIGH