Vulnerabilities > Canonical > Ubuntu Linux > 17.10
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-12-12 | CVE-2023-5536 | Incorrect Default Permissions vulnerability in Canonical Ubuntu Linux A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. | 6.4 |
| 2021-04-17 | CVE-2021-3493 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. | 7.8 |
| 2021-04-17 | CVE-2021-3492 | Memory Leak vulnerability in Canonical Ubuntu Linux Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. | 7.8 |
| 2019-01-16 | CVE-2018-5733 | Integer Overflow or Wraparound vulnerability in multiple products A malicious client which is allowed to send very large amounts of traffic (billions of packets) to a DHCP server can eventually overflow a 32-bit reference counter, potentially causing dhcpd to crash. | 7.5 |
| 2019-01-16 | CVE-2017-3144 | Resource Exhaustion vulnerability in multiple products A vulnerability stemming from failure to properly clean up closed OMAPI connections can lead to exhaustion of the pool of socket descriptors available to the DHCP server. | 7.5 |
| 2019-01-11 | CVE-2018-4181 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. | 5.5 |
| 2019-01-11 | CVE-2018-4180 | In macOS High Sierra before 10.13.5, an issue existed in CUPS. | 7.8 |
| 2018-12-07 | CVE-2018-5802 | Out-of-bounds Read vulnerability in multiple products An error within the "kodak_radc_load_raw()" function (internal/dcraw_common.cpp) related to the "buf" variable in LibRaw versions prior to 0.18.7 can be exploited to cause an out-of-bounds read memory access and subsequently cause a crash. | 8.8 |
| 2018-12-07 | CVE-2018-5801 | NULL Pointer Dereference vulnerability in multiple products An error within the "LibRaw::unpack()" function (src/libraw_cxx.cpp) in LibRaw versions prior to 0.18.7 can be exploited to trigger a NULL pointer dereference. | 6.5 |
| 2018-12-07 | CVE-2018-5800 | Off-by-one Error vulnerability in multiple products An off-by-one error within the "LibRaw::kodak_ycbcr_load_raw()" function (internal/dcraw_common.cpp) in LibRaw versions prior to 0.18.7 can be exploited to cause a heap-based buffer overflow and subsequently cause a crash. | 6.5 |