Canonical: >> Ubuntu Linux >> 21.10 Security Vulnerabilities
is_closing_session() allows users to consume RAM in the Apport process
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
Apport does not disable python crash handler before entering chroot
CVSS Score
7.8
EPSS Score
0.0
Published
2024-06-04
Apport argument parsing mishandles filename splitting on older kernels resulting in argument spoofing
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
~/.config/apport/settings parsing is vulnerable to "billion laughs" attack
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
is_closing_session() allows users to fill up apport.log
CVSS Score
5.5
EPSS Score
0.0
Published
2024-06-04
is_closing_session() allows users to create arbitrary tcp dbus connections
CVSS Score
7.1
EPSS Score
0.0
Published
2024-06-04
A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.
CVSS Score
5.0
EPSS Score
0.0
Published
2023-12-12
Sensitive data could be exposed in world readable logs of cloud-init before version 22.3 when schema failures are reported. This leak could include hashed passwords.
CVSS Score
5.5
EPSS Score
0.0
Published
2023-04-19
A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection could use this flaw to perform a denial of service attack by causing the libvirt daemon to crash.
CVSS Score
6.5
EPSS Score
0.003
Published
2022-08-23
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
CVSS Score
7.5
EPSS Score
0.001
Published
2022-08-23
Page 1