This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Canonical First view 2020-08-27
Product Ubuntu Linux Last view 2021-04-17
Version 20.04 Type Os
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:o:canonical:ubuntu_linux

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2021-04-17 CVE-2021-3493

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.

7.8 2021-04-17 CVE-2021-3492

Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.

3.3 2020-08-27 CVE-2020-14415

oss_write in audio/ossaudio.c in QEMU before 5.0.0 mishandles a buffer position.

CWE : Common Weakness Enumeration

%idName
25% (1) CWE-415 Double Free
25% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
25% (1) CWE-369 Divide By Zero
25% (1) CWE-269 Improper Privilege Management