Vulnerabilities > Canonical > Ubuntu Linux > 18.04
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-04-13 | CVE-2020-11736 | Link Following vulnerability in multiple products fr-archive-libarchive.c in GNOME file-roller through 3.36.1 allows Directory Traversal during extraction because it lacks a check of whether a file's parent is a symlink to a directory outside of the intended extraction location. | 3.3 |
| 2020-04-10 | CVE-2020-8832 | Information Exposure vulnerability in multiple products The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | 5.5 |
| 2020-04-09 | CVE-2020-8834 | Race Condition vulnerability in multiple products KVM in the Linux kernel on Power8 processors has a conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry plus in kvmppc_{save,restore}_tm, leading to a stack corruption. | 6.5 |
| 2020-04-09 | CVE-2020-11655 | Improper Initialization vulnerability in multiple products SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled. | 5.0 |
| 2020-04-07 | CVE-2020-11609 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the stv06xx subsystem in the Linux kernel before 5.6.1. | 4.9 |
| 2020-04-07 | CVE-2020-11608 | NULL Pointer Dereference vulnerability in multiple products An issue was discovered in the Linux kernel before 5.6.1. | 4.9 |
| 2020-04-06 | CVE-2020-11565 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel through 5.6.2. | 6.0 |
| 2020-04-02 | CVE-2020-11494 | Missing Initialization of Resource vulnerability in multiple products An issue was discovered in slc_bump in drivers/net/can/slcan.c in the Linux kernel 3.16 through 5.6.2. | 2.1 |
| 2020-04-02 | CVE-2020-8835 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. | 7.8 |
| 2020-04-02 | CVE-2020-11100 | Out-of-bounds Write vulnerability in multiple products In hpack_dht_insert in hpack-tbl.c in the HPACK decoder in HAProxy 1.8 through 2.x before 2.1.4, a remote attacker can write arbitrary bytes around a certain location on the heap via a crafted HTTP/2 request, possibly causing remote code execution. | 8.8 |