Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2017-07-27 | CVE-2017-11683 | There is a reachable assertion in the Internal::TiffReader::visitDirectory function in tiffvisitor.cpp of Exiv2 0.26 that will lead to a remote denial of service attack via crafted input. | Ubuntu_linux, Debian_linux, Exiv2 | 6.5 | ||
2012-08-14 | CVE-2012-2135 | The utf-16 decoder in Python 3.1 through 3.3 does not update the aligned_end variable after calling the unicode_decode_call_errorhandler function, which allows remote attackers to obtain sensitive information (process memory) or cause a denial of service (memory corruption and crash) via unspecified vectors. | Ubuntu_linux, Debian_linux, Python | N/A | ||
2016-02-17 | CVE-2016-0766 | PostgreSQL before 9.1.20, 9.2.x before 9.2.15, 9.3.x before 9.3.11, 9.4.x before 9.4.6, and 9.5.x before 9.5.1 does not properly restrict access to unspecified custom configuration settings (GUCS) for PL/Java, which allows attackers to gain privileges via unspecified vectors. | Ubuntu_linux, Debian_linux, Postgresql | 8.8 | ||
2016-04-27 | CVE-2015-8812 | drivers/infiniband/hw/cxgb3/iwch_cm.c in the Linux kernel before 4.5 does not properly identify error conditions, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free) via crafted packets. | Ubuntu_linux, Linux_kernel, Suse_linux_enterprise_real_time_extension | 9.8 | ||
2016-10-10 | CVE-2016-7117 | Use-after-free vulnerability in the __sys_recvmmsg function in net/socket.c in the Linux kernel before 4.5.2 allows remote attackers to execute arbitrary code via vectors involving a recvmmsg system call that is mishandled during error processing. | Ubuntu_linux, Debian_linux, Linux_kernel | 9.8 | ||
2017-07-20 | CVE-2017-11473 | Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 3.2 allows local users to gain privileges via a crafted ACPI table. | Ubuntu_linux, Linux_kernel | 7.8 | ||
2017-08-09 | CVE-2017-12762 | In /drivers/isdn/i4l/isdn_net.c: A user-controlled buffer is copied into a local buffer of constant size using strcpy without a length check which can cause a buffer overflow. This affects the Linux kernel 4.9-stable tree, 4.12-stable tree, 3.18-stable tree, and 4.4-stable tree. | Ubuntu_linux, Linux_kernel | 9.8 | ||
2017-11-04 | CVE-2017-16526 | drivers/uwb/uwbd.c in the Linux kernel before 4.13.6 allows local users to cause a denial of service (general protection fault and system crash) or possibly have unspecified other impact via a crafted USB device. | Ubuntu_linux, Debian_linux, Linux_kernel | 7.8 | ||
2017-11-15 | CVE-2017-15115 | The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls. | Ubuntu_linux, Debian_linux, Linux_kernel, Linux_enterprise_server | 7.8 | ||
2017-12-05 | CVE-2017-15868 | The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application. | Ubuntu_linux, Debian_linux, Linux_kernel | 7.8 |