Canonical: >> Ubuntu Linux >> 21.10 Security Vulnerabilities
is_closing_session() allows users to consume RAM in the Apport process
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
Apport does not disable python crash handler before entering chroot
CVSS Score
7.8
EPSS Score
0.001
Published
2024-06-04
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
is_closing_session() allows users to fill up apport.log
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
is_closing_session() allows users to create arbitrary tcp dbus connections
CVSS Score
7.1
EPSS Score
0.0
Published
2024-06-04
Apport can be tricked into connecting to arbitrary sockets as the root user
CVSS Score
7.8
EPSS Score
0.001
Published
2024-06-03
There is a race condition in the 'replaced executable' detection that, with the correct local configuration, allow an attacker to execute arbitrary code as root.
CVSS Score
7.8
EPSS Score
0.031
Published
2024-06-03
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.
CVSS Score
5.0
EPSS Score
0.0
Published
2023-12-12
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-19
Page 1