Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-23 CVE-2021-3748 Use After Free vulnerability in multiple products
A use-after-free vulnerability was found in the virtio-net device of QEMU.
7.5
2022-03-04 CVE-2021-3737 Infinite Loop vulnerability in multiple products
A flaw was found in python.
7.5
2022-03-03 CVE-2021-3640 A flaw use-after-free in function sco_sock_sendmsg() of the Linux kernel HCI subsystem was found in the way user calls ioct UFFDIO_REGISTER or other way triggers race condition of the call sco_conn_del() together with the call sco_sock_sendmsg() with the expected controllable faulting memory page.
local
high complexity
linux debian fedoraproject canonical netapp
7.0
2022-03-03 CVE-2022-0492 Missing Authorization vulnerability in multiple products
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function.
7.8
2022-02-21 CVE-2021-44142 Out-of-bounds Write vulnerability in multiple products
The Samba vfs_fruit module uses extended file attributes (EA, xattr) to provide "...enhanced compatibility with Apple SMB clients and interoperability with a Netatalk 3 AFP fileserver." Samba versions prior to 4.13.17, 4.14.12 and 4.15.5 with vfs_fruit configured allow out-of-bounds heap read and write via specially crafted extended file attributes.
8.8
2022-02-18 CVE-2020-25717 Improper Input Validation vulnerability in multiple products
A flaw was found in the way Samba maps domain users to local users.
network
low complexity
samba debian fedoraproject redhat canonical CWE-20
8.1
2022-02-18 CVE-2020-25719 Race Condition vulnerability in multiple products
A flaw was found in the way Samba, as an Active Directory Domain Controller, implemented Kerberos name-based authentication.
7.2
2022-02-18 CVE-2020-25722 Incorrect Authorization vulnerability in multiple products
Multiple flaws were found in the way samba AD DC implemented access and conformance checking of stored data.
network
low complexity
samba debian fedoraproject canonical CWE-863
8.8
2022-02-18 CVE-2021-4093 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the KVM's AMD code for supporting the Secure Encrypted Virtualization-Encrypted State (SEV-ES).
local
low complexity
linux redhat fedoraproject canonical CWE-787
8.8
2022-02-17 CVE-2021-44730 Link Following vulnerability in multiple products
snapd 2.54.2 did not properly validate the location of the snap-confine binary.
local
low complexity
canonical fedoraproject debian CWE-59
8.8