Canonical: >> Ubuntu Linux >> 22.04 Security Vulnerabilities
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
is_closing_session() allows users to fill up apport.log
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
is_closing_session() allows users to create arbitrary tcp dbus connections
CVSS Score
7.1
EPSS Score
0.0
Published
2024-06-04
Apport can be tricked into connecting to arbitrary sockets as the root user
CVSS Score
7.8
EPSS Score
0.001
Published
2024-06-03
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
CVSS Score
7.8
EPSS Score
0.031
Published
2024-06-03
Heap buffer overflow in WebRTC in Google Chrome prior to 125.0.6422.141 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)
CVSS Score
8.8
EPSS Score
0.007
Published
2024-05-30
The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551bab and fixed in 649c15c7691e9b13cbe9bf6c65c365350e056067.
CVSS Score
4.7
EPSS Score
0.0
Published
2024-01-08
io_uring UAF, Unix SCM garbage collection
CVSS Score
5.3
EPSS Score
0.011
Published
2024-01-08
Race condition in snap-confine's must_mkdir_and_open_with_perms()
CVSS Score
7.8
EPSS Score
0.001
Published
2024-01-08