10904 matches found
USN-4298-1: SQLite vulnerabilities
It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2019-13734, CVE-2019-13750, CVE-2019-13753 It was discovered that SQLite incorrectly handle...
USN-4221-2: libpcap vulnerability
USN-4221-1 fixed a vulnerability in libpcap. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory...
USN-4221-1: libpcap vulnerability
It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service memory exhaustion...
USN-4190-1: libjpeg-turbo vulnerabilities
It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. CVE-2018-14498 It was discovered that libjpeg-turbo incorrectly handled certain...
USN-4171-2: Apport vulnerabilities
USN-4171-1 fixed several vulnerabilities in apport. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered Apport would read its user-controlled settings file as the root user. This could be used by a local attacker to possibly...
USN-4164-1: Libxslt vulnerabilities
It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information. This issue not affected Ubuntu 19.10. CVE-2019-13117, CVE-2019-13118 It was discovered that Libxslt incorrectly handled certain documents. An attacker...
USN-4142-1: e2fsprogs vulnerability
It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code...
USN-3970-1: Ghostscript vulnerability
It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...
USN-3947-2: Libxslt vulnerability
USN-3947-1 fixed a vulnerability in Libxslt. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Libxslt incorrectly handled certain documents. An attacker could possibly use this issue to access sensitive information...
USN-3919-1: Firefox vulnerabilities
Two security issues were discovered in the JavaScript engine in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could exploit this by causing a denial of service, or executing arbitrary code...
USN-3917-1: snapd vulnerability
The snapd default seccomp filter for strict mode snaps blocks the use of the ioctl system call when used with TIOCSTI as the second argument to the system call. Jann Horn discovered that this restriction could be circumvented on 64 bit architectures. A malicious snap could exploit this to bypass...
USN-3861-2: PolicyKit vulnerability
USN-3861-1 fixed a vulnerability in PolicyKit. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that PolicyKit incorrectly handled certain large user UIDs. A local attacker with a large UID could possibly use this issue to perform...
USN-3752-1: Linux kernel vulnerabilities
It was discovered that, when attempting to handle an out-of-memory situation, a null pointer dereference could be triggered in the Linux kernel in some circumstances. A local attacker could use this to cause a denial of service system crash. CVE-2018-1000200 Wen Xu discovered that the XFS...
USN-3741-3: Linux kernel regressions
USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault L1TF vulnerabilities CVE-2018-3620, CVE-2018-3646. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java...
USN-3692-1: OpenSSL vulnerabilities
Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. CVE-2018-0495 Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key...
USN-3678-2: Linux kernel (Azure) vulnerabilities
Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service system crash when mounted. CVE-2018-1092 It was discovere...
USN-3641-1: Linux kernel vulnerabilities
Nick Peterson discovered that the Linux kernel did not properly handle debug exceptions following a MOV/POP to SS instruction. A local attacker could use this to cause a denial of service system crash. This issue only affected the amd64 architecture. CVE-2018-8897 Andy Lutomirski discovered that...
USN-3523-2: Linux kernel (HWE) vulnerabilities
USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch...
USN-3177-1: Tomcat vulnerabilities
It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn't exist. A remote attacker could possibly use this issue to enumerate usernames. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-0762 Alvaro Muno...
USN-3107-1: Linux kernel vulnerability
It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges...
USN-2639-1: OpenSSL vulnerabilities
Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8176 Joseph...
USN-2497-1: NTP vulnerabilities
Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. CVE-2014-9297 Steph...
USN-2362-1: Bash vulnerability
Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments...
USN-1941-1: Linux kernel vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could...
USN-1613-1: Python 2.5 vulnerabilities
It was discovered that Python would prepend an empty string to sys.path under certain circumstances. A local attacker with write access to the current working directory could exploit this to execute arbitrary code. CVE-2008-5983 It was discovered that the audioop module did not correctly perform...
USN-1505-1: OpenJDK 6 vulnerabilities
It was discovered that multiple flaws existed in the CORBA Common Object Request Broker Architecture implementation in OpenJDK. An attacker could create a Java application or applet that used these flaws to bypass Java sandbox restrictions or modify immutable object data. CVE-2012-1711,...
USN-1246-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that the IPv4 diagnostic routines did not correctly validate certain requests. A local attacker could exploit this to consume CPU resources, leading to a denial of service. CVE-2011-2213 Dan Rosenberg discovered that the Bluetooth stack incorrectly handled certain L2CAP...
USN-1105-1: Linux kernel vulnerabilities
Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4075 Dan Rosenberg discovered that the socket filters did not correctly...
USN-957-1: Firefox and Xulrunner vulnerabilities
Several flaws were discovered in the browser engine of Firefox. If a user were tricked into viewing a malicious site, a remote attacker could use this to crash the browser or possibly run arbitrary code as the user invoking the program. CVE-2010-1208, CVE-2010-1209, CVE-2010-1211, CVE-2010-1212 A...
USN-947-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not correctly handle memory protection of the Virtual Dynamic Shared Object page when running a 32-bit application on a 64-bit kernel. A local attacker could exploit this to cause a denial of service. Only affected Ubuntu 6.06 LTS. CVE-2009-4271 It was...
USN-593-1: Dovecot vulnerabilities
It was discovered that the default configuration of dovecot could allow access to any email files with group "mail" without verifying that a user had valid rights. An attacker able to create symlinks in their mail directory could exploit this to read or delete another user's email. CVE-2008-1199 ...
USN-7378-1: Ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly serialized DollarBlend in certain fonts. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-27830 It was discovered that Ghostscript incorrectly handled the...
USN-6955-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - M68K architecture; - OpenRISC architecture; - PowerPC architecture; -...
USN-6652-1: Linux kernel (Azure) vulnerabilities
Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service paravirtualized device unavailability. CVE-2023-34324 Zheng Wang discovered...
USN-5804-1: Linux kernel vulnerabilities
It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Tamás Koczka discovered that th...
USN-5169-1: oddjob vulnerability
Matthias Gerstner discovered that there was a race condition in the mkhomedir tool shipped with the oddjob package. An authenticated attacker could use this to setup a symlink attack and change permissions on files on the host filesystem...
USN-5471-1: Linux kernel (OEM) vulnerabilities
It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...
USN-5442-2: Linux kernel vulnerabilities
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...
USN-5394-1: WebKitGTK vulnerabilities
A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-5379-1: klibc vulnerabilities
It was discovered that klibc did not properly perform some mathematical operations, leading to an integer overflow. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-31870 It was discovered that klibc did not...
USN-5336-1: libjpeg9 vulnerabilities
Aladdin Mubaied discovered that the cjpeg utility in libjpeg9 did not properly validate the input image's size. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2016-3616 It was discovered that the cjpeg utility in libjpeg9 incorrectly handled...
USN-5264-1: Graphviz vulnerabilities
It was discovered that graphviz contains null pointer dereference vulnerabilities. Exploitation via a specially crafted input file can cause a denial of service. CVE-2018-10196, CVE-2019-11023 It was discovered that graphviz contains a buffer overflow vulnerability. Exploitation via a specially...
USN-5193-2: X.Org X Server vulnerabilities
USN-5193-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause t...
USN-5164-1: Linux kernel vulnerabilities
It was discovered that the Option USB High Speed Mobile device driver in the Linux kernel did not properly handle error conditions. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-37159 It was discovered that th...
USN-5158-1: ImageMagick vulnerabilities
It was discovered that ImageMagick incorrectly handled certain values when processing visual effects based image files. By tricking a user into opening a specially crafted image file, an attacker could crash the application causing a denial of service. CVE-2021-20244 It was discovered that...
USN-5132-1: Thunderbird vulnerabilities
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code...
USN-5077-1: Apport vulnerabilities
Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information...
USN-4969-3: DHCP regression
USN-4969-1 fixed a vulnerability in DHCP. The package for Ubuntu 21.04 introduced a regression causing it to reject certain valid configuration files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jon Franklin and Pawel Wieczorkiewicz discovered tha...
USN-4649-2: xdg-utils regression
USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original advisory details: Jens Mueller discovered that xdg-utils incorrectly handl...
USN-4646-1: poppler vulnerabilities
It was discovered that Poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service...