Ubuntu_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Ubuntu_linux
(Canonical)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/LibRaw/LibRaw
• https://github.com/neomutt/neomutt
• https://github.com/xkbcommon/libxkbcommon

• https://github.com/file/file
• https://github.com/FreeRDP/FreeRDP
• https://github.com/kyz/libmspack
• https://github.com/gpac/gpac
• https://github.com/curl/curl
• https://github.com/krb5/krb5
• https://github.com/apache/httpd
• https://github.com/madler/zlib
• https://github.com/dbry/WavPack
• https://github.com/audreyt/module-signature
• https://github.com/tats/w3m
• https://github.com/libarchive/libarchive
• https://github.com/Perl/perl5
• https://github.com/libgd/libgd
• https://github.com/ntp-project/ntp
• https://github.com/LibVNC/libvncserver
• https://github.com/openvswitch/ovs
• https://github.com/newsoft/libvncserver
• https://github.com/rubygems/rubygems
• https://github.com/mm2/Little-CMS
• https://github.com/memcached/memcached
• https://github.com/erikd/libsndfile
• https://github.com/dosfstools/dosfstools
• https://github.com/php/php-src
• https://github.com/WebKit/webkit
• https://github.com/lxc/lxcfs
• https://github.com/bagder/curl
• https://github.com/vrtadmin/clamav-devel
• https://github.com/bcgit/bc-java
• git://git.openssl.org/openssl.git
• https://github.com/mdadams/jasper
• https://github.com/pyca/cryptography
• https://github.com/opencontainers/runc
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/openbsd/src
• https://github.com/openssh/openssh-portable
• https://github.com/openstack/glance
• https://github.com/mongodb/mongo-python-driver
• https://github.com/jpirko/libndp
• https://github.com/FFmpeg/FFmpeg
• https://github.com/requests/requests
• https://github.com/glennrp/libpng
• https://github.com/vim/vim
• https://github.com/rdoc/rdoc
• https://github.com/ansible/ansible
• https://github.com/hexchat/hexchat
• https://github.com/GNOME/pango
• https://github.com/stoth68000/media-tree
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/kennethreitz/requests
• https://github.com/lxml/lxml
• https://github.com/beanshell/beanshell
• https://github.com/git/git
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/mysql/mysql-server
• https://github.com/dovecot/core
• https://github.com/openstack/nova-lxd
• https://github.com/apple/cups
• https://github.com/derickr/timelib
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/lxc/lxc
• https://github.com/flori/json
• https://github.com/qpdf/qpdf
• https://github.com/TeX-Live/texlive-source
• https://github.com/liblouis/liblouis
• https://github.com/lavv17/lftp
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/moinwiki/moin-1.9
• https://github.com/libimobiledevice/libimobiledevice
• https://github.com/wikimedia/mediawiki
• https://github.com/kohler/t1utils
• https://github.com/khaledhosny/ots
• https://github.com/jmacd/xdelta-devel
• https://github.com/quassel/quassel
• https://github.com/openstack/nova

#Vulnerabilities

4108

Date	Id	Summary	Products	Score	Patch	Annotated
2023-09-01	CVE-2023-3297	In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.	Accountsservice, Ubuntu_linux	7.8
2023-09-27	CVE-2023-44216	PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend in the SVG Filter specification, aka a GPU.zip issue. For example, attackers can sometimes accurately determine text contained on a web page from one origin if they control a resource from a different origin.	Ryzen_5_7600x, Ryzen_7_4800u, M1_mac_mini, Macos, Ubuntu_linux, Android, Pixel_6, Core_i7\-10510u, Core_i7\-10610u, Core_i7\-11800h, Core_i7\-12700k, Core_i7\-8700, Windows_10, Windows_11, Geforce_rtx_2080_super, Geforce_rtx_3060	5.3
2023-12-12	CVE-2023-5536	A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.	Ubuntu_linux	6.4
2024-01-08	CVE-2022-2585	It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.	Ubuntu_linux, Linux_kernel	7.8
2024-01-08	CVE-2022-2588	It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0.	Ubuntu_linux, Linux_kernel	7.8
2024-01-08	CVE-2022-3328	Race condition in snap-confine's must_mkdir_and_open_with_perms()	Snapd, Ubuntu_linux	7.0
2024-01-08	CVE-2022-2602	io_uring UAF, Unix SCM garbage collection	Ubuntu_linux, Linux_kernel	7.0
2024-01-08	CVE-2021-3600	It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code.	Ubuntu_linux, Fedora, Linux_kernel, Enterprise_linux	7.8
2024-01-08	CVE-2023-1032	The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.	Ubuntu_linux, Linux_kernel	5.5
2024-06-04	CVE-2022-28654	is_closing_session() allows users to fill up apport.log	Apport, Ubuntu_linux	5.5