512 matches found
USN-2842-1/USN-2842-2 Linux kernel vulnerability | Cloud Foundry
USN-2842-1/USN-2842-2 Linux kernel vulnerability Medium Vendor Linux kernel Versions Affected Ubuntu 14.04 Description Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual...
USN-2820-1 GnuTLS vulnerability | Cloud Foundry
USN-2820-1 GnuTLS vulnerability High Vendor GnuTLS Versions Affected Ubuntu 14.04 Description It was discovered that GnuTLS incorrectly validated the first byte of padding in CBC modes. A remote attacker could possibly use this issue to perform a padding oracle attack. The Cloud Foundry project...
USN-2788-1 and USN-2788-2 unzip vulnerability | Cloud Foundry
USN-2788-1 and USN-2788-2 unzip vulnerability Medium Vendor unzip Versions Affected Ubuntu 14.04 Description Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into processing a specially crafted zip archive, an...
USN-2778-1 Linux kernel vulnerabilities | Cloud Foundry
USN-2778-1 Linux kernel vulnerabilities Medium Vendor Vivid Versions Affected Ubuntu 14.04 Description It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a...
USN-2756-1 rpcbind Vulnerability | Cloud Foundry
USN-2756-1 rpcbind Vulnerability Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description rpcbind could be made to crash or run programs if it received specially crafted network traffic. It was discovered that rpcbind incorrectly handled certain memory structures. A...
USN-2751-1 Linux Kernel (Vivid HWE) Vulnerability | Cloud Foundry
USN-2751-1 Linux Kernel Vivid HWE Vulnerability Medium to Low Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description Several security issues were fixed in the kernel. Benjamin Randazzo discovered an information leak in the md multiple device driver when the bitmapinfo.fi...
USN-2710-1 OpenSSH Vulnerabilities | Cloud Foundry
USN-2710-1 OpenSSH Vulnerabilities Medium Vendor OpenSSH Versions Affected Ubuntu 14.04 Description Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this iss...
CVE-2015-3290 Linux Kernel NMI Vulnerability | Cloud Foundry
CVE-2015-3290 Linux Kernel NMI Vulnerability High Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu – Kernel 3.19 Description A flaw was found in Linux kernel’s handling of nested non-maskable interrupts NMIs. This flaw could allow an unprivileged local user to escalate their privileges ...
CVE-2015-1330 Unattended-Upgrades Vulnerability | Cloud Foundry
CVE-2015-1330 Unattended-Upgrades Vulnerability Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 14.04 LTS Description It was found that for some configurations, unattended-upgrades would not properly perform authentication checks on packages prior to installation. An attacker...
CVE-2015-3636 - ipv4 use-after-free | Cloud Foundry
CVE-2015-3636 – ipv4 use-after-free Medium Vendor Ubuntu Versions Affected Ubuntu 14.04 Description A use-after-free flaw was discovered in the Linux kernel’s ipv4 ping support. A local user could exploit this flaw to gain administrative privileges on the system. The Cloud Foundry project is...
CVE-2014-7186 and CVE-2014-7187 - Bash Out of Bounds | Cloud Foundry
CVE-2014-7186 and CVE-2014-7187 – Bash Out of Bounds Moderate Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 10.04 LTS and 14.04 LTS that include bash through 4.3 bash43-026 Description Off-by-one error in the readtokenword function in parse.y in GNU Bash through 4.3 bash43-026 allows...
CVE-2014-6271 and CVE-2014-7169 - ShellShock | Cloud Foundry
CVE-2014-6271 and CVE-2014-7169 – ShellShock Important Vendor Canonical Ubuntu, CentOS Versions Affected Canonical Ubuntu 10.04 LTS that include bash CentOS 6.5 that include bash Description GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment...