Software Detail
Title
CRITICAL
HIGH
MEDIUM
LOW
CVE
CWE
Number of items displayed
Ubuntu Number Of NVD 4062 CRITICAL 332 HIGH 1583 MEDIUM 1932 LOW 215
URL https://ubuntu.com/
Explanation A release without LTS is a normal release and provides support for 9 months after it is released.
LTS (Long Term Support) provides support for five years.
After the end of LTS, we also offer a service that provides extended support (about 5 years) for a fee.
Tag
  • Linux
Add Information URL
No Type Name URL
1 https://ubuntu.com/about/release-cycle
2 https://wiki.ubuntu.com/
3 https://wiki.ubuntu.com/Releases
4 https://ubuntu.com/licensing
5 https://ubuntu.com/security/notices
List Of Product  [ Click to show release history and vulnerability information ]
No Name Latest Version Release date Initial release Normal Support Security Support
Service Pack Support		 Extended
for a fee		 Critical High Medium Low
1 Ubuntu 23.04 23.04 April 24, 2023 April 24, 2023 April 30, 2024 1 3 2 0
2 Ubuntu 22.04 LTS 22.04.1 LTS April 21, 2022 April 21, 2022 April 30, 2027 April 30, 2032 1 21 7 0
3 Ubuntu 21.10 21.10 Oct. 14, 2021 Oct. 14, 2021 June 14, 2022 June 14, 2022 1 16 15 0
4 Ubuntu 21.04 21.04 April 22, 2021 April 22, 2021 Jan. 30, 2022 0 12 11 0
5 Ubuntu 20.10 20.10 Oct. 22, 2020 Oct. 22, 2020 July 30, 2021 0 5 13 1
6 Ubuntu 20.04 LTS 20.04.6 March 23, 2023 April 23, 2020 April 30, 2025 April 30, 2030 21 142 235 32
7 Ubuntu 19.10 Oct. 17, 2019 July 30, 2020 32 133 226 44
8 Ubuntu 19.04 April 18, 2019 Jan. 30, 2020 45 126 183 23
9 Ubuntu 18.10 Oct. 18, 2018 July 31, 2019 66 174 182 5
10 Ubuntu 18.04 LTS 18.04.6 Sept. 17, 2021 April 26, 2018 April 30, 2023 April 30, 2028 202 642 885 80
11 Ubuntu 17.10 Oct. 18, 2017 July 19, 2018 4 18 14 0
12 Ubuntu 17.04 April 13, 2017 July 20, 2017 4 18 14 0
13 Ubuntu 16.10 Oct. 13, 2016 July 28, 2016 6 24 8 0
14 Ubuntu 16.04 LTS 16.04.7 Aug. 13, 2020 April 21, 2016 April 30, 2021 April 30, 2024 237 850 1057 83
15 Ubuntu 15.10 Oct. 22, 2015 Feb. 4, 2016 19 148 162 24
16 Ubuntu 15.04 April 23, 2015 July 23, 2015 4 99 130 29
17 Ubuntu 14.10 Oct. 23, 2014 July 14, 2014 0 3 1 0
18 Ubuntu 14.04 LTS 14.04.6 March 7, 2019 April 17, 2014 April 30, 2019 April 30, 2022 212 841 1012 82
19 Ubuntu 13.10 Oct. 17, 2013 July 14, 2014 15 56 68 15
20 Ubuntu 13.04 April 25, 2013 Jan. 27, 2014 6 15 59 9
21 Ubuntu 12.04 LTS April 26, 2012 April 28, 2017 April 30, 2019 86 573 666 83
22 Ubuntu 11.10 Oct. 13, 2011 May 9, 2013 0 111 108 13
23 Ubuntu 11.04 April 28, 2011 Oct. 28, 2012 0 56 56 8
24 Ubuntu 10.10 Oct. 10, 2010 April 10, 2012 1 46 52 17
25 Ubuntu 9.10 Oct. 29, 2009 April 30, 2011 3 55 56 16
26 Ubuntu 9.04 April 23, 2009 Oct. 23, 2010 2 46 57 8
27 Ubuntu 8.10 Oct. 30, 2008 April 30, 2010 1 49 47 6
28 Ubuntu 8.04 LTS 8.04.4 Jan. 28, 2010 April 24, 2008 May 9, 2013 5 97 119 18
29 Ubuntu 7.10 Oct. 18, 2007 April 18, 2009 3 47 37 5
30 Ubuntu 7.04 April 19, 2007 Oct. 19, 2008 4 44 28 4
31 Ubuntu 6.10 Oct. 26, 2006 April 26, 2008 2 32 32 4
32 Ubuntu 5.10 Oct. 13, 2005 April 13, 2007 0 22 19 1
33 Ubuntu 5.04 April 8, 2005 Oct. 31, 2006 0 14 13 2
34 Ubuntu 4.10 Oct. 20, 2004 April 30, 2006 1 13 8 2
NVD Vulnerability Information
  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW
No CVSS3
CVSS2		 Level
Attach Vector		 Title CWE CVE cpe23Uri or higher or less more than less than Update date
Published date		 Show Affected Exploit
PoC
Search
1 5.5
- 		MEDIUM
Local 		The Linux kernel io_uring IORING_OP_SOCKET operation contained a double free in function __sys_socket_file() in file net/socket.c. This issue was introduced in da214a475f8bd1d3e9e7a19ddfeb4d1617551ba… CWE-415
 Double Free 		CVE-2023-1032 cpe:2.3:o:canonical:ubuntu_linux:22.10:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:* 		2024-01-12 03:39
2024-01-9 		Show GitHub Exploit DB Packet Storm
2 7.8
- 		HIGH
Local 		It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use th… CWE-125
CWE-787
Out-of-bounds Read
 Out-of-bounds Write 		CVE-2021-3600 cpe:2.3:o:canonical:ubuntu_linux:18.04:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-01-12 03:40
2024-01-9 		Show GitHub Exploit DB Packet Storm
3 7.0
- 		HIGH
Local 		Race condition in snap-confine's must_mkdir_and_open_with_perms() CWE-362
Race Condition 		CVE-2022-3328 cpe:2.3:o:canonical:ubuntu_linux:22.10:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-01-13 01:09
2024-01-9 		Show GitHub Exploit DB Packet Storm
4 7.0
- 		HIGH
Local 		io_uring UAF, Unix SCM garbage collection CWE-416
 Use After Free 		CVE-2022-2602 cpe:2.3:o:canonical:ubuntu_linux:22.10:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-01-13 01:15
2024-01-9 		Show GitHub Exploit DB Packet Storm
5 7.8
- 		HIGH
Local 		It was discovered that the cls_route filter implementation in the Linux kernel would not remove an old filter from the hashtable before freeing it if its handle had the value 0. CWE-415
 Double Free 		CVE-2022-2588 cpe:2.3:o:canonical:ubuntu_linux:22.04:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-01-13 01:47
2024-01-9 		Show GitHub Exploit DB Packet Storm
6 7.8
- 		HIGH
Local 		It was discovered that a nft object or expression could reference a nft set on a different nft table, leading to a use-after-free once that table was deleted. CWE-416
 Use After Free 		CVE-2022-2586 cpe:2.3:o:canonical:ubuntu_linux:22.04:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-01-13 01:21
2024-01-9 		Show GitHub Exploit DB Packet Storm
7 7.8
- 		HIGH
Local 		It was discovered that when exec'ing from a non-leader thread, armed POSIX CPU timers would be left on a list but freed, leading to a use-after-free. CWE-416
 Use After Free 		CVE-2022-2585 cpe:2.3:o:canonical:ubuntu_linux:22.04:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:* 		2024-01-20 02:14
2024-01-9 		Show GitHub Exploit DB Packet Storm
8 6.4
- 		MEDIUM
Local 		A feature in LXD (LP#1829071), affects the default configuration of Ubuntu Server which allows privileged users in the lxd group to escalate their privilege to root without requiring a sudo password. CWE-276
Incorrect Default Permissions  		CVE-2023-5536 cpe:2.3:o:canonical:ubuntu_linux:*:* 24.04 2023-12-19 05:01
2023-12-12 		Show GitHub Exploit DB Packet Storm
9 6.3
- 		MEDIUM
Adjacent 		Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting inject… CWE-287
Improper Authentication 		CVE-2023-45866 cpe:2.3:o:canonical:ubuntu_linux:23.10:*
cpe:2.3:o:canonical:ubuntu_linux:22.04:*
cpe:2.3:o:canonical:ubuntu_linu… 		2024-01-5 22:15
2023-12-8 		Show GitHub Exploit DB Packet Storm
10 5.3
- 		MEDIUM
Network 		PVRIC (PowerVR Image Compression) on Imagination 2018 and later GPU devices offers software-transparent compression that enables cross-origin pixel-stealing attacks against feTurbulence and feBlend i… CWE-203
 Information Exposure Through Discrepancy 		CVE-2023-44216 cpe:2.3:o:canonical:ubuntu_linux:22.04:* 2023-10-5 23:36
2023-09-28 		Show GitHub Exploit DB Packet Storm