Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux 22.04 vulnerabilities and exploits
(subscribe to this query)
4.7
CVSSv3
CVE-2023-2612
Jean-Baptiste Cayrou discovered that the shiftfs file system in the Ubuntu Linux kernel contained a race condition when handling inode locking in some situations. A local attacker could use this to cause a denial of service (kernel deadlock).
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
7.8
CVSSv3
CVE-2022-2585
It exists that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free.
Linux Linux Kernel
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
1 Github repository
7.8
CVSSv3
CVE-2023-3297
In Ubuntu's accountsservice an unprivileged local attacker can trigger a use-after-free vulnerability in accountsservice by sending a D-Bus message to the accounts-daemon process.
Canonical Accountsservice
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
7.8
CVSSv3
CVE-2023-1326
A privilege escalation attack was found in apport-cli 2.26.0 and previous versions which is similar to CVE-2023-26604. If a system is specially configured to allow unprivileged users to run sudo apport-cli, less is configured as the pager, and the terminal size can be set: a loca...
Canonical Apport
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
5 Github repositories
7
CVSSv3
CVE-2022-2602
io_uring UAF, Unix SCM garbage collection
Linux Linux Kernel
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
2 Github repositories
5.5
CVSSv3
CVE-2022-2084
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.
Canonical Cloud-init
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Canonical Ubuntu Linux 22.04
7
CVSSv3
CVE-2022-3328
Race condition in snap-confine's must_mkdir_and_open_with_perms()
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Snapd
1 Github repository
5.5
CVSSv3
CVE-2022-28652
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 21.10
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
5.5
CVSSv3
CVE-2022-28654
is_closing_session() allows users to fill up apport.log
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
7.1
CVSSv3
CVE-2022-28655
is_closing_session() allows users to create arbitrary tcp dbus connections
Apport Project Apport
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 21.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
deserialization
CVE-2024-4541
CVE-2024-3080
CVE-2024-4787
log injection
CVE-2024-5967
inject
CVE-2024-30078
CVE-2024-5899
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »