USN-3741-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3741-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04...

USN-3690-1: AMD Microcode update | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker...

USN-3690-2: AMD Microcode regression | Cloud Foundry

Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3690-1 provided updated microcode for AMD processors to address CVE-2017-5715 aka Spectre. Unfortunately, the update caused some systems to fail to boot. This update reverts the update for Ubuntu 14.04 LTS. We...

USN-3689-1: Libgcrypt vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted. Cloud Foundry BOSH stemcells are vulnerable, including: 3586.x versions prior to 3586.25 3541.x versions prior to...

USN-3696-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...

USN-3676-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3676-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...

USN-3684-1: Perl vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted. Cloud Foundry BOSH stemcells are vulnerable, including: 3586.x versions prior to 3586.24 3541.x versions prior to...

USN-3686-1: file vulnerabilities | Cloud Foundry

Severity Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-9620...

USN-3643-1: Wget vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted. Cloud Foundry BOSH stemcells are vulnerable, including: 3363.x versions prior to 3363.62 3421.x versions prior to...

USN-3641-1: Linux kernel vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This...

USN-3631-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3631-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.0...

USN-3625-1: Perl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that Perl incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Perl to hang, resulting in a denial of service. This issue only affected...

USN-3628-1: OpenSSL vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to...

USN-3624-1: Patch vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description It was discovered that Patch incorrectly handled certain files. An attacker could possibly use this to cause a denial of service. CVE-2016-10713 It was discovered that Patch incorrectly handled certain...

USN-3586-1: DHCP vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Konstantin Orekhov discovered that the DHCP server incorrectly handled a large number of concurrent TCP sessions. A remote attacker could possibly use this issue to cause a denial of service. This issue...

USN-3584-1: sensible-utils vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted. Cloud Foundry BOSH stemcells are vulnerable, including: 3363.x versions prior to 3363.51 3421.x versions prior to...

USN-3611-1: OpenSSL vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Affected Cloud Foundry Products and Versions Severity is medium unless otherwise noted. Cloud Foundry BOSH stemcells are vulnerable, including: 3363.x versions prior to 3363.53 3421.x versions prior to...

USN-3346-2: Bind regression | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3346-1 fixed vulnerabilities in Bind. The fix for CVE-2017-3142 introduced a regression in the ability to receive an AXFR or IXFR in the case where TSIG is used and not every message is signed. This...

USN-3598-1: curl vulnerabilities | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description Phan Thanh discovered that curl incorrectly handled certain FTP paths. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2018-1000120 Dario Weisser discovered...

USN-3582-2: Linux kernel (Xenial HWE) vulnerabilities | Cloud Foundry

Severity High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 Description USN-3582-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04...