Lucene search

K
CanonicalUbuntu Linux20.10

13 matches found

CVE
CVE
added 2021/06/04 2:15 a.m.388 views

CVE-2021-3490

The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. This issue was fixed via commit 049c4e13714e ("bpf: Fix ...

7.8CVSS8.1AI score0.03994EPSS
CVE
CVE
added 2021/06/04 2:15 a.m.307 views

CVE-2021-3489

The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. This issue was fixed via commit 4b81ccebaeee (...

7.8CVSS8.1AI score0.00089EPSS
CVE
CVE
added 2021/06/04 2:15 a.m.293 views

CVE-2021-3491

The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. This could be used to create a heap overflow leading to arbitrary code execution in the ker...

8.8CVSS8.2AI score0.00008EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.211 views

CVE-2021-32550

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS
CVE
CVE
added 2021/04/26 2:15 p.m.199 views

CVE-2020-15078

OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks.

7.5CVSS6.7AI score0.0022EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.133 views

CVE-2021-32553

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.0004EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.129 views

CVE-2021-32549

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-13 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.128 views

CVE-2021-32555

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.127 views

CVE-2021-32554

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.123 views

CVE-2021-32552

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-16 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.122 views

CVE-2021-32551

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00043EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.121 views

CVE-2021-32548

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-8 package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2021/06/12 4:15 a.m.119 views

CVE-2021-32547

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-lts package apport hooks, it could expose private data to other local users.

7.3CVSS5.8AI score0.00047EPSS