Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

canonical ubuntu linux 21.10 vulnerabilities and exploits

(subscribe to this query)

6.5
CVE-2021-3975
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the...
Redhat LibvirtCanonical Ubuntu Linux 21.10Fedoraproject Fedora 35Redhat Enterprise Linux 8.0Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions 8.6Redhat Enterprise Linux For Ibm Z Systems Eus 8.6Redhat Enterprise Linux Server Tus 8.6Redhat Enterprise Linux Eus 8.6Redhat Enterprise Linux For Power Little Endian Eus 8.6Redhat Codeready Linux Builder -Debian Debian Linux 10.0Debian Debian Linux 11.0Netapp Ontap Select Deploy Administration Utility -
7.5
CVE-2021-3905
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments....
Openvswitch OpenvswitchRedhat Enterprise Linux Fast Datapath 7.0Canonical Ubuntu Linux 21.10Fedoraproject Fedora 35Redhat Enterprise Linux Fast Datapath 8.0
7.8
CVSSv3
CVE-2022-1055
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5...
Linux Linux Kernel 5.17Linux Linux KernelRedhat Enterprise Linux 8.0Fedoraproject Fedora 35Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 21.10Canonical Ubuntu Linux 22.04Netapp H300s Firmware -Netapp H500s Firmware -Netapp H700s Firmware -Netapp H300e Firmware -Netapp H500e Firmware -Netapp H700e Firmware -Netapp H410s Firmware -Netapp H410c Firmware -
7.5
CVSSv3
CVE-2021-3748
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to...
Qemu QemuDebian Debian Linux 9.0Debian Debian Linux 10.0Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 21.10Fedoraproject Fedora 34Redhat Enterprise Linux 8.0Redhat Enterprise Linux Advanced Virtualization Eus 8.4
7
CVSSv3
CVE-2021-3640
A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable...
Linux Linux KernelDebian Debian Linux 9.0Fedoraproject Fedora 34Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 21.10Netapp H300s Firmware -Netapp H700s Firmware -Netapp H300e Firmware -Netapp H500e Firmware -Netapp H700e Firmware -Netapp H410s Firmware -Netapp H410c Firmware -Netapp H500s Firmware -
5.5
CVSSv3
CVE-2021-4115
There is a flaw in polkit which can allow an unprivileged user to cause polkit to crash, due to process file descriptor exhaustion. The highest threat from this vulnerability is to availability. NOTE: Polkit process outage duration is tied to the failing process being reaped and...
Polkit Project Polkit 0.117Redhat Enterprise Linux 8.0Fedoraproject Fedora 34Fedoraproject Fedora 35Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 21.10Debian Debian Linux 11.0Oracle Zfs Storage Appliance Kit 8.8
8.8
CVSSv3
CVE-2021-44142
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow...
Samba SambaDebian Debian Linux 10.0Debian Debian Linux 11.0Canonical Ubuntu Linux 14.04Canonical Ubuntu Linux 16.04Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 21.10Synology Diskstation ManagerFedoraproject Fedora 34Fedoraproject Fedora 35Redhat Codeready Linux Builder -Redhat Gluster Storage 3.5Redhat Virtualization Host 4.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Power Little Endian Eus 8.4Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Resilient Storage 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server 8.1Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.1Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4Redhat Enterprise Linux Workstation 7.0
7.2
CVSSv3
CVE-2020-25719
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication. The Samba AD DC, could become confused about the user a ticket represents if it did not strictly require a Kerberos PAC and always use the SIDs found...
Samba SambaDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 21.04Canonical Ubuntu Linux 21.10Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Workstation 7.0Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Power Little Endian Eus 8.4Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Tus 8.2Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
8.8
CVSSv3
CVE-2021-4093
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES). A KVM guest using SEV-ES can trigger out-of-bounds reads and writes in the host kernel via a malicious VMGEXIT for a string I/O instruction (for example, outs...
Linux Linux KernelRedhat Enterprise Linux 8.0Fedoraproject Fedora 35Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 21.10
5.9
CVSSv3
CVE-2016-2124
A flaw was found in the way samba implemented SMB1 authentication. An attacker could use this flaw to retrieve the plaintext password sent over the wire even if Kerberos authentication was required....
Samba SambaDebian Debian Linux 9.0Debian Debian Linux 10.0Fedoraproject Fedora 33Fedoraproject Fedora 34Fedoraproject Fedora 35Redhat Codeready Linux Builder -Redhat Gluster Storage 3.0Redhat Gluster Storage 3.5Redhat Openstack 13Redhat Openstack 16.1Redhat Openstack 16.2Redhat Virtualization Host 4.0Redhat Enterprise Linux 7.0Redhat Enterprise Linux 8.0Redhat Enterprise Linux Desktop 7.0Redhat Enterprise Linux Eus 8.2Redhat Enterprise Linux Eus 8.4Redhat Enterprise Linux For Ibm Z Systems 7.0Redhat Enterprise Linux For Ibm Z Systems 8.0Redhat Enterprise Linux For Ibm Z Systems Eus 8.2Redhat Enterprise Linux For Ibm Z Systems Eus 8.4Redhat Enterprise Linux For Power Big Endian 7.0Redhat Enterprise Linux For Power Little Endian 7.0Redhat Enterprise Linux For Power Little Endian 8.0Redhat Enterprise Linux For Power Little Endian Eus 8.2Redhat Enterprise Linux For Power Little Endian Eus 8.4Redhat Enterprise Linux For Scientific Computing 7.0Redhat Enterprise Linux Resilient Storage 7.0Redhat Enterprise Linux Server 7.0Redhat Enterprise Linux Server Aus 8.2Redhat Enterprise Linux Server Aus 8.4Redhat Enterprise Linux Server Tus 8.4Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4Redhat Enterprise Linux Tus 8.2Redhat Enterprise Linux Workstation 7.0Canonical Ubuntu Linux 18.04Canonical Ubuntu Linux 20.04Canonical Ubuntu Linux 21.04Canonical Ubuntu Linux 21.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
elevation of privilegeCVE-2022-42331CVE-2023-24709CVE-2023-27569open redirectinjectionCVE-2023-27087
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook