Vulnerabilities > Canonical > Ubuntu Linux > 20.04
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-06-04 | CVE-2021-3489 | Out-of-bounds Write vulnerability in multiple products The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf size, allowing an attacker to perform out-of-bounds writes within the kernel and therefore, arbitrary code execution. | 7.2 |
2021-06-04 | CVE-2021-3490 | Out-of-bounds Write vulnerability in multiple products The eBPF ALU32 bounds tracking for bitwise ops (AND, OR and XOR) in the Linux kernel did not properly update 32-bit bounds, which could be turned into out of bounds reads and writes in the Linux kernel and therefore, arbitrary code execution. | 7.2 |
2021-06-04 | CVE-2021-3491 | Out-of-bounds Write vulnerability in multiple products The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to negative values being usedin mem_rw when reading /proc/<PID>/mem. | 7.2 |
2021-04-26 | CVE-2020-15078 | Missing Authentication for Critical Function vulnerability in multiple products OpenVPN 2.5.1 and earlier versions allows a remote attackers to bypass authentication and access control channel data on servers configured with deferred authentication, which can be used to potentially trigger further information leaks. | 7.5 |
2021-04-17 | CVE-2021-3493 | Incorrect Authorization vulnerability in Canonical Ubuntu Linux The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. | 7.8 |
2021-03-23 | CVE-2021-3444 | Incorrect Conversion between Numeric Types vulnerability in multiple products The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. | 4.6 |
2021-03-20 | CVE-2020-27171 | Off-by-one Error vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. | 6.0 |
2021-03-20 | CVE-2020-27170 | Information Exposure Through Discrepancy vulnerability in multiple products An issue was discovered in the Linux kernel before 5.11.8. | 4.7 |
2021-03-07 | CVE-2021-27364 | Out-of-bounds Read vulnerability in multiple products An issue was discovered in the Linux kernel through 5.11.3. | 3.6 |
2021-02-10 | CVE-2020-16120 | Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. | 2.1 |