Ubuntu: Security Advisory (USN-3199-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3475-1 openssl vulnerabilities

It was discovered that OpenSSL incorrectly parsed the IPAddressFamily extension in X.509 certificates, resulting in an erroneous display of the certificate in text format. CVE-2017-3735 It was discovered that OpenSSL incorrectly performed the x8664 Montgomery squaring procedure. While unlikely, a...

Ubuntu 16.10 : linux, linux-raspi2 vulnerabilities (USN-3359-1)

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsyste...

USN-3359-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A local attacker could use this to expose sensitive information kernel memory. CVE-2014-9900 Dmitry Vyukov, Andrey Konovalov, Florian Westphal, and Eric Dumazet discovered that the netfiler subsyste...

Ubuntu: Security Advisory (USN-3348-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3350-1: poppler vulnerabilities

Aleksandar Nikolic discovered that poppler incorrectly handled JPEG 2000 images. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service or possibly execute arbitrary code with privileges of the user invoking the program. CVE-2017-28...

USN-3348-1: Samba vulnerability

It was discovered that Samba incorrectly handled dangling symlinks. A remote attacker could possibly use this issue to cause Samba to hang, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2017-9461 In addition, this update fixes a regression...

Ubuntu 16.10 : linux, linux-raspi2 vulnerabilities (USN-3342-1)

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...

USN-3342-1: Linux kernel vulnerabilities

USN 3326-1 fixed a vulnerability in the Linux kernel. However, that fix introduced regressions for some Java applications. This update addresses the issue. We apologize for the inconvenience. It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux...

USN-3327-1: Linux kernel (Raspberry Pi 2) vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

USN-3326-1: Linux kernel vulnerability

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges...

Ubuntu 16.10 : linux-meta-raspi2, linux-raspi2 vulnerabilities (USN-3327-1) (Stack Clash)

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-7374 It was discovered that the stack guard page for processes in the Linux kernel was not...

Ubuntu: Security Advisory (USN-3327-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.10 : linux, linux-meta vulnerabilities (USN-3326-1) (Stack Clash)

It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2017-7374 It was discovered that the stack guard page for processes in the Linux kernel was not...

Ubuntu: Security Advisory (USN-3323-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3320-1: zziplib vulnerabilities

Agostino Sarubbo discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code...

Ubuntu: Security Advisory (USN-3318-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Ubuntu 16.10 : linux, linux-raspi2 vulnerability (USN-3313-1) (deprecated)

CVE-2017-0605 was deemed 'Rejected', and withdrawn from the NIST database as further investigation showed that it was not a true security risk. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2018/10/15. include"compat.inc"; if description scriptid100666; scriptversion"3.7";...

USN-3313-1: Linux kernel vulnerability

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code...

Ubuntu: Security Advisory (USN-3303-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...