Ubuntu Linux Security Vulnerabilities and Issues — Ubuntu Linux CVE List

Lucene search

CanonicalUbuntu Linux

8 matches found

CVE•added 2014/06/07 2:55 p.m.•1067 views

CVE-2014-3153

The futex_requeue function in kernel/futex.c in the Linux kernel through 3.14.5 does not ensure that calls have two different futex addresses, which allows local users to gain privileges via a crafted FUTEX_REQUEUE command that facilitates unsafe waiter modification.

7.8CVSS6.5AI score0.82581EPSS

CVE•added 2014/06/23 11:21 a.m.•113 views

CVE-2014-4508

arch/x86/kernel/entry_32.S in the Linux kernel through 3.15.1 on 32-bit x86 platforms, when syscall auditing is enabled and the sep CPU feature flag is set, allows local users to cause a denial of service (OOPS and system crash) via an invalid syscall number, as demonstrated by number 1000.

4.7CVSS5.9AI score0.00043EPSS

CVE•added 2014/06/23 11:21 a.m.•103 views

CVE-2014-4171

mm/shmem.c in the Linux kernel through 3.15.1 does not properly implement the interaction between range notification and hole punching, which allows local users to cause a denial of service (i_mutex hold) by using the mmap system call to access a hole, as demonstrated by interfering with intended s...

4.7CVSS5.8AI score0.00043EPSS

CVE•added 2014/06/23 11:21 a.m.•93 views

CVE-2014-1739

The media_device_enum_entities function in drivers/media/media-device.c in the Linux kernel before 3.14.6 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel memory by leveraging /dev/media0 read access for a MEDIA_IOC_ENUM_ENTITIES ioc...

2.1CVSS5.5AI score0.00107EPSS

CVE•added 2014/06/23 11:21 a.m.•88 views

CVE-2014-4027

The rd_build_device_space function in drivers/target/target_core_rd.c in the Linux kernel before 3.14 does not properly initialize a certain data structure, which allows local users to obtain sensitive information from ramdisk_mcp memory by leveraging access to a SCSI initiator.

2.3CVSS6.6AI score0.00091EPSS

CVE•added 2014/06/02 3:55 p.m.•65 views

CVE-2013-6433

The default configuration in the Red Hat openstack-neutron package before 2013.2.3-7 does not properly set a configuration file for rootwrap, which allows remote attackers to gain privileges via a crafted configuration file.

7.6CVSS6.6AI score0.01556EPSS

CVE•added 2014/06/19 3:55 p.m.•57 views

CVE-2013-1068

The OpenStack Nova (python-nova) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.2 and 1:2014.1-0 before 1:2014.1-0ubuntu1.2 and Openstack Cinder (python-cinder) package 1:2013.2.3-0 before 1:2013.2.3-0ubuntu1.1 and 1:2014.1-0 before 1:2014.1-0ubuntu1.1 for Ubuntu 13.10 and 14.04 LTS does not prope...

5CVSS6.5AI score0.00222EPSS

CVE•added 2014/06/01 4:29 a.m.•51 views

CVE-2014-3925

sosreport in Red Hat sos 1.7 and earlier on Red Hat Enterprise Linux (RHEL) 5 produces an archive with an fstab file potentially containing cleartext passwords, and lacks a warning about reviewing this archive to detect included passwords, which might allow remote attackers to obtain sensitive info...

5CVSS7.2AI score0.00344EPSS