10876 matches found
USN-6289-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
USN-5793-1: Linux kernel vulnerabilities
It was discovered that the iouring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3910 ...
USN-5470-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...
USN-5440-1: PostgreSQL vulnerability
Alexander Lakhin discovered that PostgreSQL incorrectly handled the security restricted operation sandbox when a privileged user is maintaining another user's objects. An attacker having permission to create non-temp objects can use this issue to execute arbitrary commands as the superuser...
USN-5354-2: Twisted vulnerability
USN-5354-1 fixed vulnerabilities in Twisted. This update provides the corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and Ubuntu 22.04 LTS. Original advisory details: It was discovered that Twisted incorrectly processed SSH handshake data on connection establishments. A remote attack...
USN-5373-2: Django vulnerabilities
USN-5373-1 fixed several vulnerabilities in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra...
USN-5373-1: Django vulnerabilities
It was discovered that Django incorrectly handled certain certain column aliases in the QuerySet.annotate, aggregate, and extra methods. A remote attacker could possibly use this issue to perform an SQL injection attack. CVE-2022-28346 It was discovered that Django incorrectly handled certain...
USN-5323-1: NBD vulnerabilities
It was discovered that NBD incorrectly handled name length fields. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-5064-2: GNU cpio vulnerability
USN-5064-1 fixed vulnerabilities in GNU cpio. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to cras...
USN-5203-1: Apache Log4j 2 vulnerability
Hideki Okamoto and Guy Lederfein discovered that Apache Log4j 2 did not protect against infinite recursion in lookup evaluation. A remote attacker could possibly use this issue to cause Apache Log4j 2 to crash, leading to a denial of service. Please see the following link for more information:...
USN-5119-1: libcaca vulnerabilities
It was discovered that libcaca incorrectly handled certain images. An attacker could possibly use this issue to cause a crash. CVE-2021-30498, CVE-2021-30499...
USN-5084-1: LibTIFF vulnerability
It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...
USN-5066-2: PySAML2 vulnerability
USN-5066-1 fixed a vulnerability in PySAML2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents...
USN-5055-1: GNOME grilo vulnerability
Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issue to MITM attacks...
LSN-0073-1: Kernel Live Patch Security Notice
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...
USN-4486-1: Linux kernel vulnerability
Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly validate meta-data information. An attacker could use this to construct a malicious xfs image that, when mounted, could cause a denial of service system crash...
USN-4462-1: Linux kernel vulnerability
It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service...
USN-4376-1: OpenSSL vulnerabilities
Cesar Pereida GarcÃa, Sohaib ul Hassan, Nicola Tuveri, Iaroslav Gridin, Alejandro Cabrera Aldaya, and Billy Brumley discovered that OpenSSL incorrectly handled ECDSA signatures. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys...
USN-4230-2: ClamAV vulnerability
USN-4230-1 fixed a vulnerability in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV ...
USN-4186-1: Linux kernel vulnerabilities
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions TSX could expose...
USN-4123-1: npm/fstream vulnerability
It was discovered that npm/fstream incorrectly handled certain crafted tarballs. An attacker could use this vulnerability to write aritrary files to the filesystem...
USN-4120-1: systemd vulnerability
It was discovered that the systemd-resolved D-Bus interface did not enforce appropriate access controls. A local unprivileged user could exploit this to modify a system's DNS resolver settings...
USN-4110-1: Dovecot vulnerability
Nick Roessler and Rafi Rubin discovered that Dovecot incorrectly handled certain data. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
USN-4073-1: libEBML vulnerability
It was discovered that libEBML incorrectly handled certain media files. If a user were tricked into opening a specially crafted media file, libEBML could possibly be made to crash, resulting in a denial of service...
USN-4022-1: Gunicorn vulnerability
It was discovered that gunicorn improperly handled certain input. An attacker could potentially use this issue execute a cross-site scripting XSS attack...
USN-3983-1: Linux kernel vulnerabilities
Ke Sun, Henrique Kawakami, Kekai Hu, Rodrigo Branco, Giorgi Maisuradze, Dan Horea Lutas, Andrei Lutas, Volodymyr Pikhur, Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Moritz Lipp, Michael Schwarz, and Daniel Gruss discovered...
USN-3940-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled scanning certain PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2019-1787 It was discovered that ClamAV incorrectly handled scanning certain OLE2 files. A remote...
USN-3913-1: P7ZIP vulnerabilities
It was discovered that p7zip did not correctly handle certain malformed archives. If a user or automated system were tricked into processing a specially crafted archive with p7zip, then p7zip could be made to crash, possibly leading to abitrary code execution...
USN-3752-3: Linux kernel (Azure, GCP, OEM) vulnerabilities
It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service system crash. CVE-2018-1000200 Wen Xu discovered that the XFS...
USN-3756-1: Intel Microcode vulnerabilities
It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault L1TF. A local attacker in a guest virtual machine could use this to expose sensitive...
USN-3753-1: Linux kernel vulnerabilities
It was discovered that the generic SCSI driver in the Linux kernel did not properly enforce permissions on kernel memory access. A local attacker could use this to expose sensitive information or possibly elevate privileges. CVE-2017-13168 Wen Xu discovered that a use-after-free vulnerability...
USN-3725-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.61 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.23. In addition to security fixes, the updated...
USN-3531-3: intel-microcode update
Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...
USN-3425-1: Apache HTTP Server vulnerability
Hanno Böck discovered that the Apache HTTP Server incorrectly handled Limit directives in .htaccess files. In certain configurations, a remote attacker could possibly use this issue to read arbitrary server memory, including sensitive information. This issue is known as Optionsbleed...
USN-3256-2: Linux kernel (HWE) vulnerability
USN-3256-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel for each of the respective prior Ubuntu LTS releases. Andrey Konovalov discovered that the...
USN-2959-1: OpenSSL vulnerabilities
Huzaifa Sidhpurwala, Hanno Böck, and David Benjamin discovered that OpenSSL incorrectly handled memory when decoding ASN.1 structures. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-2108 Juraj...
USN-2869-1: OpenSSH vulnerabilities
It was discovered that the OpenSSH client experimental support for resuming connections contained multiple security issues. A malicious server could use this issue to leak client memory to the server, including private client user keys...
USN-2706-1: OpenJDK 6 vulnerabilities
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732,...
USN-2419-1: Linux kernel (Trusty HWE) vulnerabilities
A flaw was discovered in how the Linux kernel's KVM Kernel Virtual Machine subsystem handles the CR4 control register at VM entry on Intel processors. A local host OS user can exploit this to cause a denial of service kill arbitrary processes, or system disruption by leveraging /dev/kvm access...
USN-2260-1: Linux kernel (Trusty HWE) vulnerabilities
A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges. CVE-2014-0196 Pinkie Pie discovered a flaw in the Linux kernel's futex subsystem. An unprivileged...
USN-1938-1: Linux kernel vulnerabilities
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows specified to be run as root. A local could exploit this flaw to run commands as root when using the perf tool. user could exploit this CVE-2013-1060 A flaw was discovered in the Xen subsystem of the Linux kernel when it...
USN-1000-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that the RDS network protocol did not correctly check certain parameters. A local attacker could exploit this gain root privileges. CVE-2010-3904 Al Viro discovered a race condition in the TTY driver. A local attacker could exploit this to crash the system, leading to a...
USN-7400-1: PHP vulnerabilities
It was discovered that PHP incorrectly handle certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. CVE-2024-11235 It was discovered that PHP incorrectly handle certain folded headers. An attacker could possibly use this issue to cause a crash or...
USN-6123-1: Linux kernel (OEM) vulnerabilities
Patryk Sondej and Piotr Krysiuk discovered that a race condition existed in the netfilter subsystem of the Linux kernel when processing batch requests, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrar...
USN-6039-1: OpenSSL vulnerabilities
It was discovered that OpenSSL was not properly managing file locks when processing policy constraints. If a user or automated system were tricked into processing a certificate chain with specially crafted policy constraints, a remote attacker could possibly use this issue to cause a denial of...
USN-5873-1: Go Text vulnerabilities
It was discovered that Go Text incorrectly handled certain encodings. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-14040 It was discovered that Go Text incorrectly handled certain BCP 47 language...
USN-5422-1: libxml2 vulnerabilities
Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. CVE-2022-23308 It was...
USN-5397-1: curl vulnerabilities
Patrick Monnerat discovered that curl incorrectly handled certain OAUTH2. An attacker could possibly use this issue to access sensitive information. CVE-2022-22576 Harry Sintonen discovered that curl incorrectly handled certain requests. An attacker could possibly use this issue to expose sensiti...
USN-5354-1: Twisted vulnerabilities
It was discovered that Twisted incorrectly filtered HTTP headers when clients are being redirected to another origin. A remote attacker could use this issue to obtain sensitive information. CVE-2022-21712 It was discovered that Twisted incorrectly processed SSH handshake data on connection...
USN-4586-2: PHP ImageMagick vulnerability
USN-4586-1 fixed vulnerabilities in PHP ImageMagick. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that PHP ImageMagick extension didn't check the address used by an array. An attacker could use this issue to cause PHP ImageMagick...