4147 results (0.007 seconds)

CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0

Ubuntu's implementation of pulseaudio can be crashed by a malicious program if a bluetooth headset is connected. • https://bugs.launchpad.net/ubuntu/+source/pulseaudio/+bug/2078822 https://www.cve.org/CVERecord?id=CVE-2024-11586 • CWE-404: Improper Resource Shutdown or Release •

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 0

An issue was discovered in provd before version 0.1.5 with a setuid binary, which allows a local attacker to escalate their privilege. Se descubrió un problema en provd anterior a la versión 0.1.5 con un binario setuid, que permite a un atacante local escalar sus privilegios. • https://bugs.launchpad.net/ubuntu/+source/provd/+bug/2071574 https://github.com/canonical/ubuntu-desktop-provision/commit/8d9086de0f82894ff27a9e429ff4f45231020092 https://www.cve.org/CVERecord?id=CVE-2024-6714 • CWE-73: External Control of File Name or Path •

CVSS: 8.1EPSS: 0%CPEs: 54EXPL: 44

A security regression (CVE-2006-5051) was discovered in OpenSSH's server (sshd). There is a race condition which can lead sshd to handle some signals in an unsafe manner. An unauthenticated, remote attacker may be able to trigger it by failing to authenticate within a set time period. Se encontró una condición de ejecución del controlador de señales en el servidor de OpenSSH (sshd), donde un cliente no se autentica dentro de los segundos de LoginGraceTime (120 de forma predeterminada, 600 en versiones anteriores de OpenSSH), luego se llama al controlador SIGALRM de sshd de forma asincrónica. Sin embargo, este controlador de señales llama a varias funciones que no son seguras para señales asíncronas, por ejemplo, syslog(). • https://github.com/l0n3m4n/CVE-2024-6387 https://github.com/thegenetic/CVE-2024-6387-exploit https://github.com/d0rb/CVE-2024-6387 https://github.com/devarshishimpi/CVE-2024-6387-Check https://github.com/AiGptCode/ssh_exploiter_CVE-2024-6387 https://github.com/Symbolexe/CVE-2024-6387 https://github.com/xonoxitron/regreSSHion https://github.com/PrincipalAnthony/CVE-2024-6387-Updated-x64bit https://github.com/4lxprime/regreSSHive https://github.com/shamo0/CVE-2024-6387_PoC https:&# • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') CWE-364: Signal Handler Race Condition •

CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0

Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon, before version 1.12, leaks the Pro token to unprivileged users by passing the token as an argument in plaintext. • https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/2068944 https://github.com/canonical/ubuntu-advantage-desktop-daemon/pull/24 https://www.cve.org/CVERecord?id=CVE-2024-6388 • CWE-497: Exposure of Sensitive System Information to an Unauthorized Control Sphere •

CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0

An insecure default to allow UEFI Shell in EDK2 was left enabled in Ubuntu's EDK2. This allows an OS-resident attacker to bypass Secure Boot. Un valor predeterminado inseguro para permitir UEFI Shell en EDK2 se dejó habilitado en EDK2 de Ubuntu. Esto permite que un atacante residente en el sistema operativo omita el arranque seguro. • https://bugs.launchpad.net/ubuntu/+source/edk2/+bug/2040137 https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/2040139 https://lists.debian.org/debian-lts-announce/2024/06/msg00028.html https://nvd.nist.gov/vuln/detail/CVE-2023-48733 https://www.openwall.com/lists/oss-security/2024/02/14/4 •