Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2016-06-27 | CVE-2016-1583 | The ecryptfs_privileged_open function in fs/ecryptfs/kthread.c in the Linux kernel before 4.6.3 allows local users to gain privileges or cause a denial of service (stack memory consumption) via vectors involving crafted mmap calls for /proc pathnames, leading to recursive pagefault handling. | Ubuntu_linux, Debian_linux, Linux_kernel, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_desktop, Suse_linux_enterprise_live_patching, Suse_linux_enterprise_module_for_public_cloud, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Suse_linux_enterprise_workstation_extension | 7.8 | ||
| 2016-09-20 | CVE-2015-8919 | The lha_read_file_extended_header function in archive_read_support_format_lha.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds heap) via a crafted (1) lzh or (2) lha file. | Ubuntu_linux, Libarchive, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 7.5 | ||
| 2016-09-20 | CVE-2015-8920 | The _ar_read_header function in archive_read_support_format_ar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds stack read) via a crafted ar file. | Ubuntu_linux, Libarchive, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 5.5 | ||
| 2016-09-20 | CVE-2015-8921 | The ae_strtofflags function in archive_entry.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mtree file. | Ubuntu_linux, Libarchive, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 7.5 | ||
| 2016-09-20 | CVE-2015-8922 | The read_CodersInfo function in archive_read_support_format_7zip.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted 7z file, related to the _7z_folder struct. | Ubuntu_linux, Libarchive, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Linux | 5.5 | ||
| 2016-09-20 | CVE-2015-8923 | The process_extra function in libarchive before 3.2.0 uses the size field and a signed number in an offset, which allows remote attackers to cause a denial of service (crash) via a crafted zip file. | Ubuntu_linux, Libarchive, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 6.5 | ||
| 2016-09-20 | CVE-2015-8924 | The archive_read_format_tar_read_header function in archive_read_support_format_tar.c in libarchive before 3.2.0 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted tar file. | Ubuntu_linux, Libarchive, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit | 5.5 | ||
| 2020-01-31 | CVE-2015-6815 | The process_tx_desc function in hw/net/e1000.c in QEMU before 2.4.0.1 does not properly process transmit descriptor data when sending a network packet, which allows attackers to cause a denial of service (infinite loop and guest crash) via unspecified vectors. | Eos, Ubuntu_linux, Fedora, Suse_linux_enterprise_debuginfo, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Qemu, Enterprise_linux, Openstack, Xen | 3.5 | ||
| 2020-11-23 | CVE-2020-0569 | Out of bounds write in Intel(R) PROSet/Wireless WiFi products on Windows 10 may allow an authenticated user to potentially enable denial of service via local access. | Ubuntu_linux, Debian_linux, 7265_firmware, Ac_3165_firmware, Ac_3168_firmware, Ac_8260_firmware, Ac_8265_firmware, Ac_9260_firmware, Ac_9461_firmware, Ac_9462_firmware, Ac_9560_firmware, Ax200_firmware, Ax201_firmware, Leap, Qt | 5.7 | ||
| 2018-06-14 | CVE-2018-11574 | Improper input validation together with an integer overflow in the EAP-TLS protocol implementation in PPPD may cause a crash, information disclosure, or authentication bypass. This implementation is distributed as a patch for PPPD 0.91, and includes the affected eap.c and eap-tls.c files. Configurations that use the `refuse-app` option are unaffected. | Ubuntu_linux, Point\-To\-Point_protocol | 9.8 |