Search Results (Refine Search)
- Keyword (text search): cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2022-3328 |
Race condition in snap-confine's must_mkdir_and_open_with_perms() Published: January 08, 2024; 1:15:45 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2022-2602 |
io_uring UAF, Unix SCM garbage collection Published: January 08, 2024; 1:15:45 PM -0500 |
V3.1: 7.0 HIGH V2.0:(not available) |
CVE-2022-2588 |
It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. Published: January 08, 2024; 1:15:44 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-2586 |
It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. Published: January 08, 2024; 1:15:44 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2022-2585 |
It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. Published: January 08, 2024; 1:15:44 PM -0500 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-3777 |
A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. When nf_tables_delrule() is flushing table rules, it is not checked whether the chain is bound and the chain's owner rule can also release the objects in certain circumstances. We recommend upgrading past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8. Published: September 06, 2023; 10:15:10 AM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-3297 |
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process. Published: September 01, 2023; 5:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-1523 |
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-terminal and others are not affected - this can only be exploited when snaps are run on a virtual console. Published: September 01, 2023; 3:15:42 PM -0400 |
V3.1: 10.0 CRITICAL V2.0:(not available) |
CVE-2023-40283 |
An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free because the children of an sk are mishandled. Published: August 13, 2023; 11:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-3567 |
A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an attacker with local user access to cause a system crash or leak internal kernel information. Published: July 24, 2023; 12:15:12 PM -0400 |
V3.1: 7.1 HIGH V2.0:(not available) |
CVE-2023-31248 |
Linux Kernel nftables Use-After-Free Local Privilege Escalation Vulnerability; `nft_chain_lookup_byid()` failed to check whether a chain was active and CAP_NET_ADMIN is in any user or network namespace Published: July 05, 2023; 3:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-3389 |
A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring cancel poll request with a linked timeout can cause a UAF in a hrtimer. We recommend upgrading past commit ef7dfac51d8ed961b742218f526bd589f3900a59 (4716c73b188566865bdd79c3a6709696a224ac04 for 5.10 stable and 0e388fce7aec40992eadee654193cad345d62663 for 5.15 stable). Published: June 28, 2023; 4:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-35788 |
An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write in the flower classifier code via TCA_FLOWER_KEY_ENC_OPTS_GENEVE packets. This may result in denial of service or privilege escalation. Published: June 16, 2023; 5:15:09 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-2612 |
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock). Published: May 30, 2023; 8:15:10 PM -0400 |
V3.1: 4.7 MEDIUM V2.0:(not available) |
CVE-2023-1786 |
Sensitive data could be exposed in logs of cloud-init before version 23.1.2. An attacker could use this information to find hashed passwords and possibly escalate their privilege. Published: April 26, 2023; 7:15:08 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2022-2084 |
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords. Published: April 19, 2023; 6:15:10 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-1326 |
A privilege escalation attack was found in apport-cli 2.26.0 and earlier which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a local attacker can escalate privilege. It is extremely unlikely that a system administrator would configure sudo to allow unprivileged users to perform this class of exploit. Published: April 13, 2023; 7:15:07 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2020-11935 |
It was discovered that aufs improperly managed inode reference counts in the vfsub_dentry_open() method. A local attacker could use this vulnerability to cause a denial of service attack. Published: April 06, 2023; 10:15:07 PM -0400 |
V3.1: 5.5 MEDIUM V2.0:(not available) |
CVE-2023-0179 |
A buffer overflow vulnerability was found in the Netfilter subsystem in the Linux Kernel. This issue could allow the leakage of both stack and heap addresses, and potentially allow Local Privilege Escalation to the root user via arbitrary code execution. Published: March 27, 2023; 6:15:20 PM -0400 |
V3.1: 7.8 HIGH V2.0:(not available) |
CVE-2023-1380 |
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service. Published: March 27, 2023; 5:15:10 PM -0400 |
V3.1: 7.1 HIGH V2.0:(not available) |