Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Ubuntu_linux
(Canonical)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-09-15 | CVE-2020-14345 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Out-Of-Bounds access in XkbSetNames function may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | Ubuntu_linux, X_server | 7.8 | ||
| 2020-09-15 | CVE-2020-14346 | A flaw was found in xorg-x11-server before 1.20.9. An integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | Ubuntu_linux, Enterprise_linux, Xorg\-Server | 7.8 | ||
| 2020-09-15 | CVE-2020-14361 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | Ubuntu_linux, Enterprise_linux, Xorg\-Server | 7.8 | ||
| 2020-09-15 | CVE-2020-14362 | A flaw was found in X.Org Server before xorg-x11-server 1.20.9. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | Ubuntu_linux, Enterprise_linux, Xorg\-Server | 7.8 | ||
| 2020-09-15 | CVE-2020-14314 | A memory out-of-bounds read flaw was found in the Linux kernel before 5.9-rc2 with the ext3/ext4 file system, in the way it accesses a directory with broken indexing. This flaw allows a local user to crash the system if the directory exists. The highest threat from this vulnerability is to system availability. | Ubuntu_linux, Debian_linux, Linux_kernel, Starwind_virtual_san | 5.5 | ||
| 2020-09-15 | CVE-2020-14385 | A flaw was found in the Linux kernel before 5.9-rc4. A failure of the file system metadata validator in XFS can cause an inode with a valid, user-creatable extended attribute to be flagged as corrupt. This can lead to the filesystem being shutdown, or otherwise rendered inaccessible until it is remounted, leading to a denial of service. The highest threat from this vulnerability is to system availability. | Ubuntu_linux, Debian_linux, Linux_kernel | 5.5 | ||
| 2020-09-16 | CVE-2020-14392 | An untrusted pointer dereference flaw was found in Perl-DBI < 1.643. A local attacker who is able to manipulate calls to dbd_db_login6_sv() could cause memory corruption, affecting the service's availability. | Ubuntu_linux, Debian_linux, Fedora, Leap, Database_interface | 5.5 | ||
| 2020-09-16 | CVE-2020-14382 | A vulnerability was found in upstream release cryptsetup-2.2.0 where, there's a bug in LUKS2 format validation code, that is effectively invoked on every device/image presenting itself as LUKS2 container. The bug is in segments validation code in file 'lib/luks2/luks2_json_metadata.c' in function hdr_validate_segments(struct crypt_device *cd, json_object *hdr_jobj) where the code does not check for possible overflow on memory allocation used for intervals array (see statement "intervals =... | Ubuntu_linux, Cryptsetup, Fedora, Enterprise_linux | 7.8 | ||
| 2020-09-23 | CVE-2020-25739 | An issue was discovered in the gon gem before gon-6.4.0 for Ruby. MultiJson does not honor the escape_mode parameter to escape fields as an XSS protection mechanism. To mitigate, json_dumper.rb in gon now does escaping for XSS by default without relying on MultiJson. | Ubuntu_linux, Debian_linux, Gon | 6.1 | ||
| 2020-09-24 | CVE-2020-26088 | A missing CAP_NET_RAW check in NFC socket creation in net/nfc/rawsock.c in the Linux kernel before 5.8.2 could be used by local attackers to create raw sockets, bypassing security mechanisms, aka CID-26896f01467a. | Ubuntu_linux, Debian_linux, Linux_kernel, Leap | 5.5 |