USN-5210-1: Linux kernel vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Nadav Amit discovered that the hugetlb implementation in the Linux kernel did not perform TLB flushes under certain conditions. A local attacker could use this to leak or alter data from other processes tha...

USN-5133-1: ICU vulnerability | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description ICU could be made to crash if it received specially crafted input. CVEs contained in this USN include: CVE-2020-21913. Affected Cloud Foundry Products and Versions Severity is low unle...

Buffer Overflows

bionic is vulnerable to buffer overflow. The vulnerability exists due to a lack of sanitization...

Information Disclosure

chromium-browser:bionic is vulnerable to information disclosure. Insufficient policy enforcement in Autofill in Google Chrome allowed a remote attacker to leak cross-origin data via a crafted HTML page...

CVE-2021-3984

vim is vulnerable to Heap-based Buffer Overflow...

Information Disclosure

mailman:bionic is vulnerable to information disclosure. The CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password enabling brute-force attacks...

Cross-site Scripting (XSS)

mailman:bionic is vulnerable to cross-site scripting XSS attacks. A crafted URL to the user options page in Cgi/options.py results in arbitrary JavaScript executions...

Denial Of Service (DoS)

openexr:bionic is vulnerable to denial of service. The vulnerability exists in RGBtoXYZ function of ImfChromaticities.cpp due to the divisor is not checked for a 0 value which allows an attacker to crash the application via malicious input...

Denial Of Service (DoS)

openexr:bionic is vulnerable to denial of service. The vulnerability exists due to incorrectly handled EXR image files which allows an attacker to crash the application via malicious input...

Denial Of Service (DoS)

chromium-browser:bionic is vulnerable to denial of service...

Restriction Bypass

chromium-browser:bionic is vulnerable to restriction bypass. Inappropriate implementation in iFrame Sandbox in Google Chrome allowed a remote attacker to bypass navigation restrictions via a crafted HTML page...

Information Disclosure

chromium-browser:bionic is vulnerable to information disclosure. Inappropriate implementation in WebView in Google Chrome on Android allowed a remote attacker to leak cross-origin data via a crafted app...

USN-5080-1: Libgcrypt vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Libgcrypt could be made to expose sensitive information. CVEs contained in this USN include: CVE-2021-33560, CVE-2021-40528. Affected Cloud Foundry Products and Versions Severity is medium unless otherwis...

USN-5093-1: Vim vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Several security issues were fixed in Vim. CVEs contained in this USN include: CVE-2021-3770, CVE-2021-3778, CVE-2021-3796. Affected Cloud Foundry Products and Versions Severity is...

USN-5079-3: curl vulnerabilities | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description USN-5079-1 introduced a regression in curl. Affected Cloud Foundry Products and Versions Severity is unknown unless otherwise noted. Bionic Stemcells 1.x versions prior to 1.31 All other stemcells not...

USN-5094-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Several security issues were fixed in the Linux kernel. CVEs contained in this USN include: CVE-2021-22543, CVE-2021-3679, CVE-2021-37576, CVE-2021-38204, CVE-2021-38205,...

USN-5114-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 16.04 Canonical Ubuntu 18.04 Description Several security issues were fixed in the Linux kernel. CVEs contained in this USN include: CVE-2021-38198, CVE-2021-40490, CVE-2020-3702. Affected Cloud Foundry Products and Versio...

USN-5116-1: Linux kernel vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in the Linux kernel. CVEs contained in this USN include: CVE-2021-38198, CVE-2021-38205, CVE-2021-3732, CVE-2021-40490, CVE-2020-3702. Affected Cloud Foundry Products an...

USN-5124-1: GNU binutils vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description Several security issues were fixed in GNU binutils. CVEs contained in this USN include: CVE-2020-16592, CVE-2021-3487. Affected Cloud Foundry Products and Versions Severity is low unless otherwise noted...

USN-5089-1: ca-certificates update | Cloud Foundry

Severity Unknown Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 18.04 Description A certificate about to expire was removed from ca-certificates. Affected Cloud Foundry Products and Versions Severity is unknown unless otherwise noted. Bionic Stemcells 1.x versions prior to 1.33 All...