CVE reports
The Common Vulnerabilities and Exposures (CVE) system is used to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. Canonical keeps track of all CVEs affecting Ubuntu, and releases a security notice when an issue is fixed. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section
Search CVEs
By Ubuntu release
Recent CVEs
In the Linux kernel, the following vulnerability has been resolved: fs/omfs: reject s_sys_blocksize smaller than OMFS_DIR_START omfs_fill_super() rejects oversized s_sys_blocksize values (> PAGE_SIZE), but it does not reject...
160 affected packages
linux, linux-hwe, linux-hwe-5.4, linux-hwe-5.8, linux-hwe-5.11...
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
Some fixes available 12 of 13
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
[Unknown description]
3 affected packages
containerd, containerd-app, containerd-stable
Resources
Join the discussion
Ubuntu Pro
Up to 15 years of security coverage for Ubuntu and your full stack of open-source applications and toolchains.
Get Ubuntu Pro 30-day free trialFrom our blog
- Ubuntu Explained: How to ensure security and stability in cloud instances—part 3
- Ubuntu Explained: How to ensure security and stability in cloud instances—part 2
- Running OpenSSL 1.1.1 after EOL? Stay secure with Ubuntu Pro.
- Restricted unprivileged user namespaces are coming to Ubuntu 23.10
- Securing open source software dependencies in the public cloud