Vulnerabilities > Canonical > Ubuntu Linux > High

DATE CVE VULNERABILITY TITLE RISK
2017-12-20 CVE-2017-17785 Out-of-bounds Write vulnerability in multiple products
In GIMP 2.8.22, there is a heap-based buffer overflow in the fli_read_brun function in plug-ins/file-fli/fli.c.
local
low complexity
gimp debian canonical CWE-787
7.8
2017-12-20 CVE-2017-17784 Out-of-bounds Read vulnerability in multiple products
In GIMP 2.8.22, there is a heap-based buffer over-read in load_image in plug-ins/common/file-gbr.c in the gbr import parser, related to mishandling of UTF-8 data.
local
low complexity
gimp debian canonical CWE-125
7.8
2017-12-11 CVE-2017-1000407 Improper Check for Unusual or Exceptional Conditions vulnerability in multiple products
The Linux Kernel 2.6.32 and later are affected by a denial of service, by flooding the diagnostic port 0x80 an exception can be triggered leading to a kernel panic.
7.4
2017-12-06 CVE-2017-13168 Incorrect Permission Assignment for Critical Resource vulnerability in multiple products
An elevation of privilege vulnerability in the kernel scsi driver.
local
low complexity
google canonical CWE-732
7.8
2017-12-05 CVE-2017-15868 Improper Input Validation vulnerability in multiple products
The bnep_add_connection function in net/bluetooth/bnep/core.c in the Linux kernel before 3.19 does not ensure that an l2cap socket is available, which allows local users to gain privileges via a crafted application.
local
low complexity
linux canonical debian CWE-20
7.8
2017-12-01 CVE-2017-16612 Integer Overflow or Wraparound vulnerability in multiple products
libXcursor before 1.1.15 has various integer overflows that could lead to heap buffer overflows when processing malicious cursors, e.g., with programs like GIMP.
network
low complexity
debian canonical x CWE-190
7.5
2017-11-27 CVE-2017-15275 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Samba before 4.7.3 might allow remote attackers to obtain sensitive information by leveraging failure of the server to clear allocated heap memory.
network
low complexity
samba redhat debian canonical CWE-119
7.5
2017-11-27 CVE-2017-14176 Bazaar through 2.7.0, when Subprocess SSH is used, allows remote attackers to execute arbitrary commands via a bzr+ssh URL with an initial dash character in the hostname, a related issue to CVE-2017-9800, CVE-2017-12836, CVE-2017-12976, CVE-2017-16228, CVE-2017-1000116, and CVE-2017-1000117.
network
low complexity
debian canonical
8.8
2017-11-20 CVE-2017-16544 Code Injection vulnerability in multiple products
In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal.
network
low complexity
busybox debian vmware redlion canonical CWE-94
8.8
2017-11-15 CVE-2017-15115 Use After Free vulnerability in multiple products
The sctp_do_peeloff function in net/sctp/socket.c in the Linux kernel before 4.14 does not check whether the intended netns is used in a peel-off action, which allows local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via crafted system calls.
local
low complexity
linux debian suse canonical CWE-416
7.8