10894 matches found
USN-5210-2: Linux kernel regression
USN-5210-1 fixed vulnerabilities in the Linux kernel. Unfortunately, that update introduced a regression that caused failures to boot in environments with AMD Secure Encrypted Virtualization SEV enabled. This update fixes the problem. We apologize for the inconvenience. Original advisory details:...
USN-5111-2: strongSwan vulnerability
USN-5111-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that strongSwan incorrectly handled replacing certificates in the cache. A remote attacker could use this issue to...
USN-5052-1: MongoDB vulnerability
MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges...
USN-5012-1: containerd vulnerabilities
It was discovered that containerd incorrectly handled file permission changes. If a user or automated system were tricked into launching a specially crafted container image, a remote attacker could change permissions on files on the host filesystem and possibly escalate privileges...
USN-5008-1: Avahi vulnerabilities
Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. CVE-2021-3468 It...
USN-4928-1: GStreamer Good Plugins vulnerabilities
It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. CVE-2021-3497 It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could...
USN-4903-1: curl vulnerability
Viktor Szakats discovered that curl did not strip off user credentials from referrer header fields. A remote attacker could possibly use this issue to obtain sensitive information...
USN-4561-2: Rack vulnerabilities
USN-4561-1 fixed vulnerabilities in Rack. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10. Original advisory details: It was discovered that Rack incorrectly handled certain paths. An attacker could possibly use this issue to obtain sensitive...
USN-4897-1: Pygments vulnerability
Ben Caller discovered that Pygments incorrectly handled parsing certain files. If a user or automated system were tricked into parsing a specially crafted file, a remote attacker could cause Pygments to hang or consume resources, resulting in a denial of service...
USN-4772-1: VNC4 vulnerabilities
USN-2500-1 addressed CVE-2015-0255 for xorg-server. This update provides the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2015-0255 USN-2726-1 addressed CVE-2015-1283 for Expat. This update provides the corresponding fix for VNC4 on Ubuntu 14.04 ESM and Ubuntu 16.04 ES...
USN-4733-1: GNOME Autoar vulnerability
Yiğit Can Yılmaz discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...
USN-4628-1: Intel Microcode vulnerabilities
Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Daniel Gruss discovered that the Intel Running Average Power Limit RAPL feature of some Intel processors allowed a side- channel attack based on power consumption measurements. A local attacker coul...
USN-4576-1: Linux kernel vulnerabilities
Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Jay Shin...
USN-4575-1: dom4j vulnerability
It was discovered that dom4j incorrectly handled reading XML data. A remote attacker could exploit this with a crafted XML file to expose sensitive data or possibly execute arbitrary code. CVE-2020-10683...
USN-4439-1: Linux kernel vulnerabilities
It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the btrfs file system...
LSN-0069-1: Kernel Live Patch Security Notice
Relayopen in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service such as relay blockage by triggering a NULL allocpercpu result. CVE-2019-19462 Fan Yang discovered that the mremap implementation in the Linux kernel did not properly handle DAX Huge Page...
LSN-0067-1: Kernel Live Patch Security Notice
It was discovered that the Serial CAN interface driver in the Linux kernel did not properly initialize data. A local attacker could use this to expose sensitive information kernel memory. CVE-2020-11494...
USN-4365-1: Bind vulnerabilities
Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. CVE-2020-8616 Tobias...
USN-4264-1: Django vulnerability
Simon Charette discovered that Django incorrectly handled input in the PostgreSQL module. A remote attacker could possibly use this to perform SQL injection attacks...
USN-4199-1: libvpx vulnerabilities
It was discovered that libvpx did not properly handle certain malformed WebM media files. If an application using libvpx opened a specially crafted WebM file, a remote attacker could cause a denial of service, or possibly execute arbitrary code...
USN-4185-2: Linux kernel (Azure) vulnerabilities
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...
USN-4129-1: curl vulnerabilities
Thomas Vegas discovered that curl incorrectly handled memory when using Kerberos over FTP. A remote attacker could use this issue to crash curl, resulting in a denial of service. CVE-2019-5481 Thomas Vegas discovered that curl incorrectly handled memory during TFTP transfers. A remote attacker...
USN-3953-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain exif tags in JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-3257-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-2653-1: Python vulnerabilities
It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. CVE-2013-1752 It was discovered that the Python xmlrpc library did not...
USN-1199-1: Apache vulnerability
A flaw was discovered in the byterange filter in Apache. A remote attacker could exploit this to cause a denial of service via resource exhaustion...
USN-6556-1: Budgie Extras vulnerabilities
It was discovered that Budgie Extras incorrectly handled certain temporary file paths. An attacker could possibly use this issue to inject false information or deny access to the application. CVE-2023-49342, CVE-2023-49343, CVE-2023-49347 Matthias Gerstner discovered that Budgie Extras incorrectl...
USN-5227-1: Pillow vulnerabilities
It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to hang, resulting in a denial of service. CVE-2021-23437 It was discovered that Pillow incorrectly handled...
USN-5087-1: WebKitGTK vulnerabilities
A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-5056-1: APR vulnerability
It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...
USN-5034-1: c-ares vulnerability
Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly validated certain hostnames returned by DNS servers. A remote attacker could possibly use this issue to perform Domain Hijacking attacks...
USN-5007-1: libuv vulnerability
Eric Sesterhenn discovered that libuv incorrectly handled certain strings. An attacker could possibly use this issue to access sensitive information or cause a crash...
USN-4993-1: Dovecot vulnerabilities
Kirin discovered that Dovecot incorrectly escaped kid and azp fields in JWT tokens. A local attacker could possibly use this issue to validate tokens using arbitrary keys. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29157 Fabian Ising and Damian Poddebniak discovered that...
USN-4932-2: Django vulnerability
USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwri...
USN-4919-1: OpenSLP vulnerability
It was discovered that OpenSLP did not properly validate URLs. A remote attacker could use this issue to cause OpenSLP to crash or possibly execute arbitrary code...
USN-4886-1: Privoxy vulnerabilities
It was discovered that Privoxy incorrectly handled CGI requests. An attacker could possibly use this issue to cause a denial of service or obtain sensitive information. CVE-2020-35502, CVE-2021-20209, CVE-2021-20210, CVE-2021-20213, CVE-2021-20215, CVE-2021-20216, CVE-2021-20217, CVE-2021-20272,...
USN-4885-1: Pygments vulnerability
It was discovered that Pygments incorrectly handled parsing SML files. If a user or automated system were tricked into parsing a specially crafted SML file, a remote attacker could cause Pygments to hang, resulting in a denial of service...
USN-4747-2: GNU Screen vulnerability
USN-4747-1 fixed a vulnerability in screen. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash...
USN-4648-1: WebKitGTK vulnerabilities
A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-4628-2: Intel Microcode regression
USN-4628-1 provided updated Intel Processor Microcode. Unfortunately, that update prevented certain processors in the Intel Tiger Lake family from booting successfully. This update reverts the microcode update for the Tiger Lake processor family. Please note that the 'disucodeldr' kernel command...
USN-4579-1: Linux kernel vulnerabilities
Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-16119 Wen Xu discover...
USN-4360-1: json-c vulnerability
It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code...
USN-4303-2: Linux kernel (HWE) vulnerability
USN-4303-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Paulo Bonzini discovered that the KVM hypervisor implementation in the Linux kernel...
USN-4239-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. CVE-2019-11045 It was discovered that PHP incorrectly handled certain inputs. An...
USN-4096-1: Linux kernel (AWS) vulnerability
Andrei Vlad Lutas and Dan Lutas discovered that some x86 processors incorrectly handle SWAPGS instructions during speculative execution. A local attacker could use this to expose sensitive information kernel memory...
USN-3923-1: QEMU vulnerabilities
Michael Hanselmann discovered that QEMU incorrectly handled the Media Transfer Protocol MTP. An attacker inside the guest could use this issue to read or write arbitrary files and cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.10. CVE-2018-16867...
USN-3860-2: libcaca vulnerabilities
USN-3860-1 fixed a vulnerability in libcaca. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. CVE-2018-20544 It...
USN-3678-1: Linux kernel vulnerabilities
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 filesystem that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovered...
USN-3485-3: Linux kernel (AWS) vulnerabilities
It was discovered that a race condition existed in the ALSA subsystem of the Linux kernel when creating and deleting a port via ioctl. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-15265 Eric Biggers discovered that the key...
USN-3463-1: Werkzeug vulnerability
It was discovered that Werkzeug did not properly handle certain web scripts. A remote attacker could use this to inject arbitrary code via a field that contains an exception message...