Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
canonical ubuntu linux vulnerabilities and exploits
(subscribe to this query)
10
CVSSv3
CVE-2023-1523
Using the TIOCLINUX ioctl request, a malicious snap could inject contents into the input of the controlling terminal which could allow it to cause arbitrary commands to be executed outside of the snap sandbox after the snap exits. Graphical terminal emulators like xterm, gnome-te...
Canonical Snapd
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Ubuntu Linux 23.04
NA
CVE-2010-2946
fs/jfs/xattr.c in the Linux kernel prior to 2.6.35.2 does not properly handle a certain legacy format for storage of extended attributes, which might allow local users by bypass intended xattr namespace restrictions via an "os2." substring at the beginning of a name.
Linux Linux Kernel
Canonical Ubuntu Linux 10.10
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 9.10
7.8
CVSSv3
CVE-2016-1575
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly maintain POSIX ACL xattr data, which allows local users to gain privileges by leveraging a group-writable setgid directory.
Linux Linux Kernel
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 16.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Core 15.04
1 EDB exploit
7.8
CVSSv3
CVE-2016-1576
The overlayfs implementation in the Linux kernel up to and including 4.5.2 does not properly restrict the mount namespace, which allows local users to gain privileges by mounting an overlayfs filesystem on top of a FUSE filesystem, and then executing a crafted setuid program.
Canonical Ubuntu Core 15.04
Canonical Ubuntu Touch 15.04
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 14.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 15.10
Canonical Ubuntu Linux 16.10
Linux Linux Kernel
1 EDB exploit
7
CVSSv3
CVE-2022-3328
Race condition in snap-confine's must_mkdir_and_open_with_perms()
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 22.04
Canonical Ubuntu Linux 22.10
Canonical Snapd
1 Github repository
5.5
CVSSv3
CVE-2021-32550
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-14 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
5.5
CVSSv3
CVE-2021-32555
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg-hwe-18.04 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
NA
CVE-2013-1060
A certain Ubuntu build procedure for perf, as distributed in the Linux kernel packages in Ubuntu 10.04 LTS, 12.04 LTS, 12.10, 13.04, and 13.10, sets the HOME environment variable to the ~buildd directory and consequently reads the system configuration file from the ~buildd direct...
Canonical Ubuntu Linux 13.04
Canonical Ubuntu Linux 12.10
Canonical Ubuntu Linux 12.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 13.10
5.5
CVSSv3
CVE-2021-32551
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-15 package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
5.5
CVSSv3
CVE-2021-32554
It exists that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the xorg package apport hooks, it could expose private data to other local users.
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 20.04
Canonical Ubuntu Linux 20.10
Canonical Ubuntu Linux 21.04
Canonical Ubuntu Linux 21.10
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
NEXT »