Canonical Ubuntu Linux 6.06.1 LTS Edition

CPE Details

Canonical Ubuntu Linux 6.06.1 LTS Edition
canonical
ubuntu_linux
6.06.1
2019-01-24
15h07 +00:00
2019-01-24
15h07 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:o:canonical:ubuntu_linux:6.06.1:*:*:*:lts:*:*:*

Informations

Vendor

canonical

Product

ubuntu_linux

Version

6.06.1

Software Edition

lts

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-5536 2023-12-12
01h51 +00:00		 A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password.
6.4
Medium
CVE-2021-3493 2021-04-17
04h20 +00:00		 The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
8.8
High
CVE-2021-3492 2021-04-17
04h20 +00:00		 Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free situation or memory not being freed at all. An attacker could use this to cause a denial of service (kernel memory exhaustion) or gain privileges via executing arbitrary code. AKA ZDI-CAN-13562.
8.8
High
CVE-2017-9525 2017-06-09
14h00 +00:00		 In the cron package through 3.0pl1-128 on Debian, and through 3.0pl1-128ubuntu2 on Ubuntu, the postinst maintainer script allows for group-crontab-to-root privilege escalation via symlink attacks against unsafe usage of the chown and chmod programs.
6.7
Medium
CVE-2016-9949 2016-12-17
02h34 +00:00		 An issue was discovered in Apport before 2.20.4. In apport/ui.py, Apport reads the CrashDB field and it then evaluates the field as Python code if it begins with a "{". This allows remote attackers to execute arbitrary Python code.
7.8
High
CVE-2016-9950 2016-12-17
02h34 +00:00		 An issue was discovered in Apport before 2.20.4. There is a path traversal issue in the Apport crash file "Package" and "SourcePackage" fields. These fields are used to build a path to the package specific hook files in the /usr/share/apport/package-hooks/ directory. An attacker can exploit this path traversal to execute arbitrary Python files from the local system.
7.8
High
CVE-2015-1328 2016-11-28
02h01 +00:00		 The overlayfs implementation in the linux (aka Linux kernel) package before 3.19.0-21.21 in Ubuntu through 15.04 does not properly check permissions for file creation in the upper filesystem directory, which allows local users to obtain root access by leveraging a configuration in which overlayfs is permitted in an arbitrary mount namespace.
7.8
High