UBUNTU-CVE-2021-35477

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled...

Linux kernel elevation of privilege vulnerability (CNVD-2021-29853)

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the linux kernel that stems from a combination of unprivileged user namespaces and patches in the Ubuntu kernel that allow for unprivileged...

Design/Logic Flaw

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow...

CVE-2021-3493

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow...

CVE-2021-3493

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow...

UBUNTU-CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copyfromuser correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service kerne...

Vulnerabilities fixed in the Ubuntu kernel

Vulnerabilities have been fixed in the Ubuntu kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Circumvention of security measure Remote code execution User rights...

Vulnerability fixed in the Ubuntu kernel

A vulnerability has been fixed in Ubuntu's kernel. The vulnerability allows a local malicious person to run programs run as administrator, execute arbitrary code as root or cause a denial-of-service. Canonical has released updates to fix the vulnerability. fix. More information can be found on th...

Vulnerability fixed in Ubuntu kernel

Canonical has fixed a vulnerability in the Ubuntu kernel. The vulnerability allows an authenticated remote malicious party to opportunity to obtain sensitive information and to manipulate data manipulate. -= Ubuntu =- Canonical has made updates available for Ubuntu 16.04 LTS, 18.04 LTS, 20.04 LTS...

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in the Ubuntu kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data Increased user...

UBUNTU-CVE-2020-27786

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change...

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu kernel. The vulnerabilities allow a malicious person to perform attacks that lead to the following categories of damage: Denial-of-Service DoS Manipulation of data Access to sensitive data Access to system data -= Ubuntu =- Canonical has made updates...

Vulnerabilities fixed in Ubuntu kernel

Canonical has fixed vulnerabilities in the Ubuntu kernel. The vulnerabilities allow a remote malicious person to opportunity to obtain system data via Bluetooth and to cause a denial-of-service potentially resulting in the execution of arbitrary code as a result. -= Ubuntu =- Canonical has made...

Vulnerabilities fixed in Ubuntu kernel

Vulnerabilities have been fixed in Ubuntu's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that lead to the following categories of damage: Denial-of-Service DoS Circumvention of security measure Access to system data Increased user privileges Canonical...

UBUNTU-CVE-2020-0432

In skbtomamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID:...

Vulnerabilities fixed in Ubuntu Linux kernel

Canonical has fixed several vulnerabilities in the Ubuntu Linux kernel. The vulnerabilities potentially enable a malicious person to able to perform attacks that result in the following categories of damage: Denial-of-Service Manipulation of data Access to sensitive data Increased user privileges...

CVE-2019-15793

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, several locations which shift ids translate user/group ids before performing operations in the lower filesystem were translating them into inituserns, whereas they should have been translated in...

CVE-2019-15791

In shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, shiftfsbtrfsioctlfdreplace installs an fd referencing a file from the lower filesystem without taking an additional reference to that file. After the btrfs ioctl completes this fd is closed, whi...

CVE-2019-15794 Reference counting error in overlayfs/shiftfs error path when used in conjuction with aufs

Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma-vmfile in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vmfile points. On...

USN-4287-2 linux-azure vulnerabilities

USN-4287-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 ESM. It was discovered that the Linux kernel did not properly clear data structures on context switches...