Canonical Ltd. - CVE CyberSecurity Database News

Jun 4, 2024 Canonical Ltd. apport

CVE-2022-28652 - Apport's ~/.config/apport/settings Parsing Vulnerability to "Billion Laughs" Attack

A newly discovered vulnerability, CVE-2022-28652, affects the parsing of the ~/.config/apport/settings file in Apport, the default crash reporting tool in many Linux distributions,

Jan 8, 2024 Exploit Canonical Ltd. snapd

CVE-2022-3328: Unpacking a Critical Race Condition in Snap-confine's must_mkdir_and_open_with_perms() Function

Security vulnerabilities can leave systems exposed to attacks, potentially compromising sensitive data and leading to unexpected behavior. One such vulnerability, CVE-2022-3328, has recently been identified

Oct 7, 2023 Exploit Canonical Ltd. subiquity

CVE-2023-5182: Sensitive Data Exposure in Subiquity Logs Leads to Privilege Escalation

Privacy and security are at the forefront of modern technology. As we continue to rely on software to perform more and more essential tasks, it

CVE-2023-1523: Exploiting the TIOCLINUX ioctl Request to Execute Arbitrary Commands Outside of Snap Sandbox

Sep 1, 2023 Exploit Canonical Ltd. snapd

CVE-2023-1523: Exploiting the TIOCLINUX ioctl Request to Execute Arbitrary Commands Outside of Snap Sandbox

In today's post, we will be discussing CVE-2023-1523 - a recently discovered vulnerability that impacts the handling of TIOCLINUX ioctl request in malicious

Apr 26, 2023 Exploit Canonical Ltd.

CVE-2023-1786: Unveiling Sensitive Data Exposure Vulnerability in Cloud-init Logs before Version 23.1.2

In this long-read post, we'll dive deep into a vulnerability named "CVE-2023-1786" discovered in cloud-init before version 23.1.2. This