Vulnerabilities > Canonical > Ubuntu Linux > 21.10

DATE CVE VULNERABILITY TITLE RISK
2022-02-17 CVE-2021-3155 Incorrect Default Permissions vulnerability in Canonical Snapd
snapd 2.54.2 and earlier created ~/snap directories in user home directories without specifying owner-only permissions.
local
low complexity
canonical CWE-276
5.5
2022-02-17 CVE-2021-44730 Link Following vulnerability in multiple products
snapd 2.54.2 did not properly validate the location of the snap-confine binary.
local
low complexity
canonical fedoraproject debian CWE-59
8.8
2022-02-17 CVE-2021-44731 Race Condition vulnerability in multiple products
A race condition existed in the snapd 2.54.2 snap-confine binary when preparing a private mount namespace for a snap.
local
high complexity
canonical fedoraproject debian CWE-362
7.8
2022-02-17 CVE-2021-4120 Improper Input Validation vulnerability in multiple products
snapd 2.54.2 fails to perform sufficient validation of snap content interface and layout paths, resulting in the ability for snaps to inject arbitrary AppArmor policy rules via malformed content interface and layout declarations and hence escape strict snap confinement.
local
low complexity
canonical fedoraproject CWE-20
7.8
2022-01-31 CVE-2021-45079 NULL Pointer Dereference vulnerability in multiple products
In strongSwan before 5.9.5, a malicious responder can send an EAP-Success message too early without actually authenticating the client and (in the case of EAP methods with mutual authentication and EAP-only authentication for IKEv2) even without server authentication.
network
low complexity
strongswan debian fedoraproject canonical CWE-476
critical
9.1
2022-01-28 CVE-2021-4034 Out-of-bounds Write vulnerability in multiple products
A local privilege escalation vulnerability was found on polkit's pkexec utility.
7.8
2022-01-20 CVE-2021-45417 Out-of-bounds Write vulnerability in multiple products
AIDE before 0.17.4 allows local users to obtain root privileges via crafted file metadata (such as XFS extended attributes or tmpfs ACLs), because of a heap-based buffer overflow.
7.8
2021-12-08 CVE-2021-44420 In Django 2.2 before 2.2.25, 3.1 before 3.1.14, and 3.2 before 3.2.10, HTTP requests for URLs with trailing newlines could bypass upstream access control based on URL paths. 7.3
2021-11-17 CVE-2021-3939 Release of Invalid Pointer or Reference vulnerability in Canonical Accountsservice and Ubuntu Linux
Ubuntu-specific modifications to accountsservice (in patch file debian/patches/0010-set-language.patch) caused the fallback_locale variable, pointing to static storage, to be freed, in the user_change_language_authorized_cb function.
local
low complexity
canonical CWE-763
7.8
2021-06-12 CVE-2021-32547 Link Following vulnerability in Canonical Ubuntu Linux
It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs.
local
low complexity
canonical CWE-59
5.5