10869 matches found
USN-6820-1: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...
USN-856-1: CUPS vulnerability
Aaron Sigel discovered that the CUPS web interface incorrectly protected against cross-site scripting XSS and cross-site request forgery CSRF attacks. If an authenticated user were tricked into visiting a malicious website while logged into CUPS, a remote attacker could modify the CUPS...
USN-6836-1: SSSD vulnerability
It was discovered that SSSD did not always correctly apply the GPO policy for authenticated users, contrary to expectations. This could result in improper authorization or improper access to resources...
USN-6988-1: Twisted vulnerabilities
Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS. CVE-2024-41671 It was discovered that Twisted did not properl...
USN-6718-2: curl vulnerability
USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote...
USN-3809-2: OpenSSH regression
USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473 was incomplete and could introduce a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Robert Swiecki discovered that OpenSSH incorrectly...
USN-6928-1: Python vulnerabilities
It was discovered that the Python ssl module contained a memory race condition when handling the APIs to obtain the CA certificates and certificate store statistics. This could possibly result in applications obtaining wrong results, leading to various SSL issues. CVE-2024-0397 It was discovered...
USN-6588-2: PAM vulnerability
USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Matthias Gerstner discovered that the PAM pamnamespace module incorrectly handled special files when performing director...
USN-6930-1: OpenJDK 11 vulnerabilities
It was discovered that the Hotspot component of OpenJDK 11 was not properly bounding certain UTF-8 strings, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-21131 It was discovered that the Hotspot...
USN-6621-1: ImageMagick vulnerability
It was discovered that ImageMagick incorrectly handled certain values when processing BMP files. An attacker could exploit this to cause a denial of service...
USN-4246-1: zlib vulnerabilities
It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-9840, CVE-2016-9841 It was discovered that zlib incorrectly handled vectors involving left...
USN-2319-3: OpenJDK 7 update
USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could...
USN-6833-1: VTE vulnerability
Siddharth Dushantha discovered that VTE incorrectly handled large window resize escape sequences. An attacker could possibly use this issue to consume resources, leading to a denial of service...
USN-6660-1: OpenJDK 11 vulnerabilities
Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...
USN-6940-1: snapd vulnerabilities
Neil McPhail discovered that snapd did not properly restrict writes to the $HOME/bin path in the AppArmor profile for snaps using the home plug. An attacker who could convince a user to install a malicious snap could use this vulnerability to escape the snap sandbox. CVE-2024-1724 Zeyad Gouda...
USN-6827-1: LibTIFF vulnerability
It was discovered that LibTIFF incorrectly handled memory when performing certain cropping operations, leading to a heap buffer overflow. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...
USN-6968-1: PostgreSQL vulnerability
Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser...
USN-3531-1: Intel Microcode update
It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. CVE-2017-5715 This...
USN-6946-1: Django vulnerabilities
It was discovered that Django incorrectly handled certain strings in floatformat function. An attacker could possibly use this issue to cause a memory exhaustion. CVE-2024-41989 It was discovered that Django incorrectly handled very large inputs. An attacker could possibly use this issue to cause...
USN-5621-1: Linux kernel vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Domingo...
USN-6851-1: Netplan vulnerabilities
Andreas Hasenack discovered that netplan incorrectly handled the permissions for netdev files containing wireguard configuration. An attacker could use this to obtain wireguard secret keys. It was discovered that netplan configuration could be manipulated into injecting arbitrary commands while...
USN-6855-1: libcdio vulnerability
Mansour Gashasbi discovered that libcdio incorrectly handled certain memory operations when parsing an ISO file, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code...
USN-4425-1: Linux kernel vulnerabilities
It was discovered that the network block device nbd implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service system crash. CVE-2019-16089 It was discovered that the kernel-user space relay...
USN-2769-1: Apache Commons HttpClient vulnerabilities
It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affect...
USN-6844-2: CUPS regression
USN-6844-1 fixed vulnerabilities in the CUPS package. The update lead to the discovery of a regression in CUPS with regards to how the cupsd daemon handles Listen configuration directive. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Rory McNamara...
USN-3911-1: file vulnerabilities
It was discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...
USN-6934-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.39 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. In addition to security fixes, the updated packages contain bug fixes, new...
USN-6622-1: OpenSSL vulnerabilities
David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. CVE-2023-5678 Sverker Eriksson discovered that OpenSSL incorrectly handled POLY1304 MAC...
USN-5316-1: Redis vulnerability
Reginaldo Silva discovered that due to a packaging issue, a remote attacker with the ability to execute arbitrary Lua scripts could possibly escape the Lua sandbox and execute arbitrary code on the host...
USN-5333-1: Apache HTTP Server vulnerabilities
Chamal De Silva discovered that the Apache HTTP Server modlua module incorrectly handled certain crafted request bodies. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. CVE-2022-22719 James Kettle discovered that the Apache HTTP Serv...
USN-3619-2: Linux kernel (Xenial HWE) vulnerabilities
USN-3619-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the Berkeley Packet Filter BPF implementation in the Linux...
USN-6973-1: Linux kernel vulnerabilities
It was discovered that a race condition existed in the Bluetooth subsystem in the Linux kernel, leading to a null pointer dereference vulnerability. A privileged local attacker could use this to possibly cause a denial of service system crash. CVE-2024-24860 Several security issues were discovere...
USN-3819-1: Linux kernel vulnerability
Felix Wilhelm discovered that the Xen netback driver in the Linux kernel did not properly perform input validation in some situations. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...
USN-946-1: Net-SNMP vulnerability
The SNMP server did not correctly validate certain UDP clients when using TCP wrappers. Under some situations, a remote attacker could bypass access restrictions and communicate with the SNMP server, potentially leading to a loss of privacy or a denial of service...
USN-210-1: netpbm vulnerability
A buffer overflow was found in the "pnmtopng" conversion program. By tricking an user or automated system to process a specially crafted PNM image with pnmtopng, this could be exploited to execute arbitrary code with the privileges of the user running pnmtopng...
USN-5526-1: PyJWT vulnerability
Aapo Oksman discovered that PyJWT incorrectly handled signatures constructed from SSH public keys. A remote attacker could use this to forge a JWT signature...
USN-5371-2: nginx vulnerability
USN-5371-1 fixed several vulnerabilities in nginx. This update provides the fix for CVE-2021-3618 for Ubuntu 22.04 LTS. Original advisory details: It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling...
USN-3788-1: Tex Live vulnerabilities
Jakub Wilk discovered that Tex Live incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. CVE-2015-5700 It was discovered that Tex Live incorrectly handled certain files. An attacker could possibly use th...
USN-3937-1: Apache HTTP Server vulnerabilities
Charles Fol discovered that the Apache HTTP Server incorrectly handled the scoreboard shared memory area. A remote attacker able to upload and run scripts could possibly use this issue to execute arbitrary code with root privileges. CVE-2019-0211 It was discovered that the Apache HTTP Server HTTP...
USN-3899-1: OpenSSL vulnerability
Juraj Somorovsky, Robert Merget, and Nimrod Aviram discovered that certain applications incorrectly used OpenSSL and could be exposed to a padding oracle attack. A remote attacker could possibly use this issue to decrypt data...
USN-3789-1: ClamAV vulnerability
It was discovered that ClamAV incorrectly handled unpacking MEW executables. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service...
USN-2726-1: Expat vulnerability
It was discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code...
USN-6793-2: Git vulnerability
USN-6793-1 fixed vulnerabilities in Git. The CVE-2024-32002 was pending further investigation. This update fixes the problem. Original advisory details: It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This iss...
USN-6963-1: GNOME Shell vulnerability
It was discovered that GNOME Shell incorrectly opened the portal helper automatically when detecting a captive network portal. A remote attacker could possibly use this issue to load arbitrary web pages containing JavaScript, leading to resource consumption or other attacks...
USN-6851-2: Netplan regression
USN-6851-1 fixed vulnerabilities in Netplan. The update lead to the discovery of a regression in netplan which caused systemctl enable to fail on systems where systemd is not running. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andreas Hasenack...
USN-6898-1: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Gui-Dong Han discovered that the...
USN-6593-1: GnuTLS vulnerabilities
It was discovered that GnuTLS had a timing side-channel when processing malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker could possibly use this issue to recover sensitive information. CVE-2024-0553 It was discovered that GnuTLS incorrectly handled certain certificate chains...
USN-4987-1: ExifTool vulnerability
It was discovered that ExifTool did not properly sanitize user data for the DjVu file format. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...
USN-1793-1: Linux kernel vulnerabilities
Emese Revfy discovered that in the Linux kernel signal handlers could leak address information across an exec, making it possible to by pass ASLR Address Space Layout Randomization. A local user could use this flaw to by pass ASLR to reliably deliver an exploit payload that would otherwise be...
USN-6896-1: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the Atheros 802.11ac...