SUSE CVE-2019-15791

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...

SUSE CVE-2020-16119

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccpshctxccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and...

SUSE CVE-2021-3493

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow...

UBUNTU-CVE-2023-25012

The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...

UBUNTU-CVE-2023-23455

atmtcenqueue in net/sched/schatm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion non-negative numbers can sometimes indicate a TCACTSHOT condition rather than valid classification results...

UBUNTU-CVE-2022-44033

An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open, aka a race condition between cm4040open and readerdetach...

UBUNTU-CVE-2022-3625

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlinkparamset/devlinkparamget of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The...

UBUNTU-CVE-2022-3563

A vulnerability classified as problematic has been found in Linux Kernel. Affected is the function read50controllercapcomplete of the file tools/mgmt-tester.c of the component BlueZ. The manipulation of the argument caplen leads to null pointer dereference. It is recommended to apply a patch to f...

CVE-2022-39188

An issue was discovered in include/asm-generic/tlb.h in the Linux kernel before 5.19. Because of a race condition unmapmappingrange versus munmap, a device driver can free a page while it still has stale TLB entries. This only occurs in situations with VMPFNMAP VMAs...

UBUNTU-CVE-2022-3078

An issue was discovered in the Linux kernel through 5.16-rc6. There is a lack of check after calling vzalloc and lack of free after allocation in drivers/media/test-drivers/vidtv/vidtvs302m.c...

UBUNTU-CVE-2022-2588

It was discovered that the clsroute filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0...

UBUNTU-CVE-2022-28796

jbd2journalwaitupdates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transactiont race condition...

UBUNTU-CVE-2021-45868

In the Linux kernel before 5.15.3, fs/quota/quotatree.c does not validate the block number in the quota tree on disk. This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file...

Vulnerabilities fixed in Ubuntu Linux kernel

Vulnerabilities have been fixed in the Ubuntu Linux kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS. Remote code execution Administrator/Root privileges Access to sensitive data...

UBUNTU-CVE-2022-25265

In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 e.g., with GCC 3.2.2 and Linux kernel 2.4.20. This can cause execution of bytes located in supposedly non-executable regions of a file...

Exploit for Improper Input Validation in Linux Linux_Kernel

This is a PoC exploit for CVE-2021-3490, a Linux kernel vulnerability. The exploit targets the eBPF subsystem and leverages a bug in the verifier to gain arbitrary read and write access to kernel memory. The exploit is designed to work on Ubuntu 20.04.02 and 20.10 Groovy Gorilla kernels 5.8.0-25....

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Accessing sensitive data Accessing system data -= Ubuntu ...

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights Access to system data -...

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Remote code execution User Rights Access to sensitive data Canonical has released updates to...

Privilege Escalation

linux-gkeop is vulnerable to privilege escalation. The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a...