Ubuntu Linux@14.04 Security Vulnerabilities and Issues — Ubuntu Linux@14.04 CVE List

Lucene search

CanonicalUbuntu Linux14.04

8 matches found

CVE•added 2021/03/07 5:15 a.m.•443 views

CVE-2021-27364

An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.

7.1CVSS7AI score0.00041EPSS

CVE•added 2021/03/20 10:15 p.m.•403 views

CVE-2020-27171

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c has an off-by-one error (with a resultant integer underflow) affecting out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information f...

6CVSS6.6AI score0.00162EPSS

CVE•added 2021/03/23 6:15 p.m.•314 views

CVE-2021-3444

The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel me...

7.8CVSS7.5AI score0.00055EPSS

CVE•added 2021/03/20 10:15 p.m.•301 views

CVE-2020-27170

An issue was discovered in the Linux kernel before 5.11.8. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory, aka CID-f232326f6966. This affe...

4.7CVSS6AI score0.00048EPSS

CVE•added 2021/01/14 1:15 a.m.•213 views

CVE-2020-16119

Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-...

7.8CVSS6.4AI score0.00052EPSS

CVE•added 2021/02/10 8:15 p.m.•191 views

CVE-2020-16120

Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpo...

5.1CVSS5.8AI score0.00056EPSS

CVE•added 2021/04/07 8:15 p.m.•44 views

CVE-2013-1054

The unity-firefox-extension package could be tricked into destroying the Unity webapps context, causing Firefox to crash. This could be achieved by spinning the event loop inside the webapps initialization callback. Fixed in 3.0.0+14.04.20140416-0ubuntu1.14.04.1 by shipping an empty package, thus d...

6.5CVSS5.2AI score0.00219EPSS

CVE•added 2021/04/07 8:15 p.m.•42 views

CVE-2013-1055

The unity-firefox-extension package could be tricked into dropping a C callback which was still in use, which Firefox would then free, causing Firefox to crash. This could be achieved by adding an action to the launcher and updating it with new callbacks until the libunity-webapps rate limit was hi...

4.3CVSS4.4AI score0.00213EPSS