Ubuntu Linux Security Vulnerabilities and Issues — Ubuntu Linux CVE List

Lucene search

CanonicalUbuntu Linux

12 matches found

CVE•added 2017/05/23 4:29 a.m.•909 views

CVE-2016-9843

The crc32_big function in crc32.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving big-endian CRC calculation.

9.8CVSS9.9AI score0.05001EPSS

CVE•added 2017/05/23 4:29 a.m.•544 views

CVE-2016-9841

inffast.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

9.8CVSS9.9AI score0.11868EPSS

CVE•added 2017/05/23 4:29 a.m.•449 views

CVE-2016-9840

inftrees.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact by leveraging improper pointer arithmetic.

8.8CVSS9.6AI score0.0554EPSS

CVE•added 2017/05/23 4:29 a.m.•426 views

CVE-2016-9842

The inflateMark function in inflate.c in zlib 1.2.8 might allow context-dependent attackers to have unspecified impact via vectors involving left shifts of negative integers.

8.8CVSS9.5AI score0.06254EPSS

CVE•added 2017/05/01 1:59 a.m.•307 views

CVE-2017-6519

avahi-daemon in Avahi through 0.6.32 and 0.7 inadvertently responds to IPv6 unicast queries with source addresses that are not on-link, which allows remote attackers to cause a denial of service (traffic amplification) and may cause information leakage by obtaining potentially sensitive information...

9.1CVSS8.8AI score0.01618EPSS

CVE•added 2017/05/26 10:29 a.m.•138 views

CVE-2017-9239

An issue was discovered in Exiv2 0.26. When the data structure of the structure ifd is incorrect, the program assigns pValue_ to 0x0, and the value of pValue() is 0x0. TiffImageEntry::doWriteImage will use the value of pValue() to cause a segmentation fault. To exploit this vulnerability, someone m...

6.5CVSS6.2AI score0.00133EPSS

CVE•added 2017/05/08 6:29 a.m.•130 views

CVE-2017-8831

The saa7164_bus_get function in drivers/media/pci/saa7164/saa7164-bus.c in the Linux kernel through 4.11.5 allows local users to cause a denial of service (out-of-bounds array access) or possibly have unspecified other impact by changing a certain sequence-number value, aka a "double fetch" vulnera...

6.9CVSS6.7AI score0.00089EPSS

CVE•added 2017/05/21 7:29 p.m.•88 views

CVE-2017-9117

In LibTIFF 4.0.6 and possibly other versions, the program processes BMP images without verifying that biWidth and biHeight in the bitmap-information header match the actual input, as demonstrated by a heap-based buffer over-read in bmp2tiff. NOTE: mentioning bmp2tiff does not imply that the activat...

9.8CVSS6.8AI score0.00098EPSS

CVE•added 2017/05/23 4:29 a.m.•87 views

CVE-2017-9208

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to releaseResolved functions, aka qpdf-infiniteloop1.

5.5CVSS5.2AI score0.00432EPSS

CVE•added 2017/05/23 4:29 a.m.•85 views

CVE-2017-9210

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to unparse functions, aka qpdf-infiniteloop3.

5.5CVSS5.2AI score0.00283EPSS

CVE•added 2017/05/23 4:29 a.m.•84 views

CVE-2017-9209

libqpdf.a in QPDF 6.0.0 allows remote attackers to cause a denial of service (infinite recursion and stack consumption) via a crafted PDF document, related to QPDFObjectHandle::parseInternal, aka qpdf-infiniteloop2.

5.5CVSS5.2AI score0.00232EPSS

CVE•added 2017/05/18 6:29 a.m.•47 views

CVE-2017-9058

In libytnef in ytnef through 1.9.2, there is a heap-based buffer over-read due to incorrect boundary checking in the SIZECHECK macro in lib/ytnef.c.

9.8CVSS9.2AI score0.00389EPSS