Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:16.04.4:*:*:*:lts:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2021-3493 |
The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges. Published: April 17, 2021; 1:15:14 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2021-3492 |
Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562. Published: April 17, 2021; 1:15:13 AM -0400 |
V3.1: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2019-7582 |
The readBytes function in util/read.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure. Published: February 07, 2019; 1:29:00 PM -0500 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2019-7581 |
The parseSWF_ACTIONRECORD function in util/parser.c in libming through 0.4.8 allows remote attackers to have unspecified impact via a crafted swf file that triggers a memory allocation failure, a different vulnerability than CVE-2018-7876. Published: February 07, 2019; 1:29:00 PM -0500 |
V3.0: 8.8 HIGH V2.0: 6.8 MEDIUM |
CVE-2018-12931 |
ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. Published: June 28, 2018; 10:29:00 AM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2018-12930 |
ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem. Published: June 28, 2018; 10:29:00 AM -0400 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2018-12929 |
ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem. Published: June 28, 2018; 10:29:00 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |
CVE-2018-12928 |
In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem. Published: June 28, 2018; 10:29:00 AM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.9 MEDIUM |