VYPR

Linux

by Ubuntu

CVEs (83)

  • CVE-2026-47333HigMay 28, 2026
    risk 0.51cvss 7.8epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which can potentially incorrectly compute the size of an internal buffer, leading to a heap memory out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can…

  • CVE-2026-47331HigMay 28, 2026
    risk 0.51cvss 7.8epss 0.00

    Ubuntu Linux 6.8 contains AppArmor SAUCE patches which fail to acquire a lock when modifying a linked list. An unprivileged local user could trigger the race condition that can lead to a use-after-free (UAF) and, theoretically, arbitrary code execution.

  • CVE-2026-47328MedMay 28, 2026
    risk 0.40cvss 6.1epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly attempt to free a pointer which was not previously kmalloc()d, while at the same time leaking allocated memory. The bug can be triggered by an unprivileged local user and can result in the corruption…

  • CVE-2026-47335MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8 contains SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel panic.

  • CVE-2026-47334MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.

  • CVE-2026-47332MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly validate the size of an internal structure, leading to an out-of-bounds read in notification handling code. The bug can be triggered by an unprivileged local user and can result in information…

  • CVE-2026-47326MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.

  • CVE-2006-5648MedDec 14, 2006
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (resource consumption) by using the (1) sys_get_robust_list and (2) sys_set_robust_list functions to create processes that cannot be killed.

  • CVE-2006-5649MedDec 14, 2006
    risk 0.36cvss 5.5epss 0.00

    Unspecified vulnerability in the "alignment check exception handling" in Ubuntu 5.10, 6.06 LTS, and 6.10 for the PowerPC (PPC) allows local users to cause a denial of service (kernel panic) via unspecified vectors.

  • CVE-2005-0109MedMar 5, 2005
    risk 0.36cvss 5.6epss 0.01

    Hyper-Threading technology, as used in FreeBSD and other operating systems that are run on Intel Pentium and other processors, allows local users to use a malicious thread to create covert channels, monitor the execution of other threads, and obtain sensitive information such as…

  • CVE-2026-47337LowMay 28, 2026
    risk 0.21cvss 3.3epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AF_INET/AF_INET6 socket mediation. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.

  • CVE-2026-47330LowMay 28, 2026
    risk 0.21cvss 3.3epss 0.00

    Ubuntu Linux 6.8, 7.17 and 7.0 contain AppArmor SAUCE patches which can, under certain circumstances, use an uninitialized variable in notification handling code. The bug can be triggered by an unprivileged local user and can result in the incorrect caching of AppArmor…

  • CVE-2026-47329LowMay 28, 2026
    risk 0.21cvss 3.3epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches which fail to validate invalid sizes of the name field in AppAmor notification responses. The bug can be triggered by an unprivileged local user and could result in handling of crafted responses.

  • CVE-2026-47327LowMay 28, 2026
    risk 0.21cvss 3.3epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a possible NULL pointer dereference in the handling of AppArmor notifications. The bug can be triggered by an unprivileged local user. This can lead to a kernel oops.

  • CVE-2007-5365Oct 11, 2007
    risk 0.09cvss epss 0.80

    Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2, and some other dhcpd implementations based on ISC dhcp-2, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request…

  • CVE-2004-0989Mar 1, 2005
    risk 0.05cvss epss 0.22

    Multiple buffer overflows in libXML 2.6.12 and 2.6.13 (libxml2), and possibly other versions, may allow remote attackers to execute arbitrary code via (1) a long FTP URL that is not properly handled by the xmlNanoFTPScanURL function, (2) a long proxy URL containing FTP data that…

  • CVE-2004-1137Jan 10, 2005
    risk 0.05cvss epss 0.21

    Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the…

  • CVE-2011-4613Feb 5, 2014
    risk 0.03cvss epss 0.01

    The X.Org X wrapper (xserver-wrapper.c) in Debian GNU/Linux and Ubuntu Linux does not properly verify the TTY of a user who is starting X, which allows local users to bypass intended access restrictions by associating stdin with a file that is misinterpreted as the console TTY.

  • CVE-2006-1183Mar 13, 2006
    risk 0.03cvss epss 0.03

    The Ubuntu 5.10 installer does not properly clear passwords from the installer log file (questions.dat), and leaves the log file with world-readable permissions, which allows local users to gain privileges.

  • CVE-2004-1235Apr 14, 2005
    risk 0.03cvss epss 0.03

    Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.

Page 1 of 5