canonical ubuntu linux 18.10 vulnerabilities and exploits

(subscribe to this query)

An integer overflow in whoopsie prior to 0.2.52.5ubuntu0.1, 0.2.62ubuntu0.1, 0.2.64ubuntu0.1, 0.2.66, results in an out-of-bounds write to a heap allocated buffer when processing large crash dumps. This results in a crash or possible code-execution in the context of the whoopsie ...

Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10 Canonical Ubuntu Linux 19.04

The Linux kernel, as used in Ubuntu 18.04 LTS and Ubuntu 18.10, allows local users to obtain names of files in which they would not normally be able to access via an overlayfs mount inside of a user namespace.

Linux Linux Kernel -Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

In the Linux kernel 4.15.x up to and including 4.19.x prior to 4.19.2, map_write() in kernel/user_namespace.c allows privilege escalation because it mishandles nested user namespaces with more than 5 UID or GID ranges. A user who has CAP_SYS_ADMIN in an affected user namespace ca...

Linux Linux Kernel Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

5 EDB exploits6 Github repositories

A vulnerability in the seccomp filters of Canonical snapd before version 2.37.4 allows a strict mode snap to insert characters into a terminal on a 64-bit host. The seccomp rules were generated to match 64-bit ioctl(2) commands on a 64-bit platform; however, the Linux kernel only...

Canonical Snapd Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

1 EDB exploit

Canonical snapd before version 2.37.1 incorrectly performed socket owner validation, allowing an malicious user to run arbitrary commands as root. This issue affects: Canonical snapd versions before 2.37.1.

Canonical Snapd Canonical Ubuntu Linux 14.04 Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

2 EDB exploits5 Github repositories1 Article

A flaw was found in the Linux kernel's handle_rx() function in the [vhost_net] driver. A malicious virtual guest, under specific conditions, can trigger an out-of-bounds write in a kmalloc-8 slab on a virtual host which may lead to a kernel memory corruption and a system pan...

Linux Linux Kernel Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

In the Linux Kernel prior to 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

Linux Linux Kernel Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

3 Github repositories

In memcached prior to 1.5.14, a NULL pointer dereference was found in the "lru mode" and "lru temp_ttl" commands. This causes a denial of service when parsing crafted lru command messages in process_lru_command in memcached.c.

Memcached Memcached Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10 Canonical Ubuntu Linux 19.04

A flaw was found in the way civetweb frontend was handling requests for ceph RGW server with SSL enabled. An unauthenticated attacker could create multiple connections to ceph RADOS gateway to exhaust file descriptors for ceph-radosgw service resulting in a remote denial of servi...

Ceph Civetweb Canonical Ubuntu Linux 16.04 Canonical Ubuntu Linux 18.10 Canonical Ubuntu Linux 19.04

GnuPG version 2.1.12 - 2.2.11 contains a Cross ite Request Forgery (CSRF) vulnerability in dirmngr that can result in Attacker controlled CSRF, Information Disclosure, DoS. This attack appear to be exploitable via Victim must perform a WKD request, e.g. enter an email address in ...

Gnupg Gnupg Canonical Ubuntu Linux 18.04 Canonical Ubuntu Linux 18.10

1 2 3 4 5 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook