Lucene search
K
UbuntuMost viewed

10890 matches found

Ubuntu
Ubuntu
added 2018/02/22 8:25 a.m.80 views

USN-3581-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2017-17712 ChunYu Wang discovered that a...

7.8CVSS7.4AI score0.74041EPSS
Exploits13
Ubuntu
Ubuntu
added 2018/02/20 7:20 p.m.80 views

USN-3576-1: libvirt vulnerabilities

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.0...

9.8CVSS7AI score0.03623EPSS
Exploits0
Ubuntu
Ubuntu
added 2018/01/10 6:56 a.m.80 views

USN-3525-1: Linux kernel vulnerability

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2018/01/10 4:46 a.m.80 views

USN-3524-2: Linux kernel (Trusty HWE) vulnerability

USN-3524-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and indirect...

5.6CVSS7.1AI score0.84172EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/12/07 11:17 p.m.80 views

USN-3509-1: Linux kernel vulnerabilities

Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem XFRM in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2017-16939 It was discovered that the Linux kernel did not...

7.8CVSS6.8AI score0.02841EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/09/18 10:42 p.m.80 views

USN-3420-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3420-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a buffer overflow existed in the Bluetooth stack of the Linux...

10CVSS7.6AI score0.16181EPSS
Exploits12
Ubuntu
Ubuntu
added 2017/08/03 5:38 p.m.80 views

USN-3378-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3378-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs...

7.8CVSS6.8AI score0.03763EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/08/03 4:52 p.m.80 views

USN-3378-1: Linux kernel vulnerabilities

Fan Wu and Shixiong Zhao discovered a race condition between inotify events and vfs rename operations in the Linux kernel. An unprivileged local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2017-7533 It was discovered that the Linux kernel did n...

7.8CVSS6.8AI score0.03763EPSS
Exploits3
Ubuntu
Ubuntu
added 2017/05/17 6:25 p.m.80 views

USN-3291-3: Linux kernel (Xenial HWE) vulnerabilities

USN-3291-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the generic SCSI sg subsystem in the Linux kernel...

7.8CVSS7.4AI score0.00414EPSS
Exploits0
Ubuntu
Ubuntu
added 2017/04/25 12:1 p.m.80 views

USN-3268-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio GPU device. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-10028 It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. A privileged attacker...

9.9CVSS7.7AI score0.04448EPSS
Exploits1
Ubuntu
Ubuntu
added 2017/04/24 11:22 p.m.80 views

USN-3264-1: Linux kernel vulnerability

Alexander Popov discovered that a race condition existed in the Stream Control Transmission Protocol SCTP implementation in the Linux kernel. A local attacker could use this to cause a denial of service system crash...

7.1CVSS6.6AI score0.01162EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/11/29 12:21 a.m.80 views

USN-3139-1: Vim vulnerability

Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges...

7.8CVSS7.1AI score0.25314EPSS
Exploits2
Ubuntu
Ubuntu
added 2016/08/10 9:52 a.m.80 views

USN-3051-1: Linux kernel (Trusty HWE) vulnerabilities

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service system crash. CVE-2016-4470 Kangjie Lu discovered an...

5.5CVSS6.6AI score0.00582EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/08/08 5:5 p.m.80 views

USN-3048-1: curl vulnerabilities

Bru Rom discovered that curl incorrectly handled client certificates when resuming a TLS session. CVE-2016-5419 It was discovered that curl incorrectly handled client certificates when reusing TLS connections. CVE-2016-5420 Marcelo Echeverria and Fernando Muñoz discovered that curl incorrectly...

8.1CVSS6.5AI score0.15063EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/04 6:34 p.m.80 views

USN-2950-2: libsoup update

USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws ...

7.1AI score0.3693EPSS
Exploits0References1
Ubuntu
Ubuntu
added 2016/04/06 6:39 a.m.80 views

USN-2946-2: Linux kernel (Trusty HWE) vulnerabilities

Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...

10CVSS7.4AI score0.14281EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/02/27 8:58 a.m.80 views

USN-2909-2: Linux kernel (Utopic HWE) regression

USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 14.10 backport kernel within VMWare virtual machines. This update fixes the...

7AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/02/26 9:45 p.m.80 views

USN-2908-4: Linux kernel regression

USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. Original advisory...

7.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/02/22 8:10 p.m.80 views

USN-2907-2: Linux kernel (Trusty HWE) vulnerabilities

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. CVE-2016-1576 halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security...

7.8CVSS6.7AI score0.0123EPSS
Exploits4
Ubuntu
Ubuntu
added 2015/11/04 9:1 p.m.80 views

USN-2791-1: NSS vulnerabilities

Tyson Smith and David Keeler discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...

9.8CVSS7.9AI score0.10238EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/07/07 9:47 a.m.80 views

USN-2666-1: Linux kernel vulnerabilities

A race condition was discovered in the Linux kernel's filehandle size verification. A local user could exploit this flaw to read potentially sensative memory locations. CVE-2015-1420 A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/07/07 9:39 a.m.80 views

USN-2663-1: Linux kernel vulnerabilities

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes xattrs. A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. CVE-2014-9710 A race condition was discovered in the Linux kernel's filehandle size...

9CVSS6.8AI score0.08339EPSS
Exploits0
Ubuntu
Ubuntu
added 2015/01/27 8:56 p.m.80 views

USN-2486-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395,...

10CVSS6.5AI score0.99999EPSS
Exploits12
Ubuntu
Ubuntu
added 2015/01/13 12:38 p.m.80 views

USN-2468-1: Linux kernel vulnerabilities

A null pointer dereference flaw was discovered in the the Linux kernel's SCTP implementation when ASCONF is used. A remote attacker could exploit this flaw to cause a denial of service system crash via a malformed INIT chunk. CVE-2014-7841 A race condition with MMIO and PIO transactions in the KV...

6.1CVSS6.8AI score0.0523EPSS
Exploits1
Ubuntu
Ubuntu
added 2014/12/19 12:43 p.m.80 views

USN-2448-2: Linux kernel regression

USN-2448-1 fixed vulnerabilities in the Linux kernel. Due to an unrelated regression TCP Throughput drops to zero for several drivers after upgrading. This update fixes the problem. We apologize for the inconvenience. Original advisory details: An information leak in the Linux kernel was discover...

6.8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2014/12/12 7:47 a.m.80 views

USN-2447-1: Linux kernel (Utopic HWE) vulnerabilities

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 An information leak in the Linux kernel was discovered...

7.8CVSS6.8AI score0.08579EPSS
Exploits17
Ubuntu
Ubuntu
added 2014/10/09 10:55 a.m.80 views

USN-2378-1: Linux kernel (Trusty HWE) vulnerabilities

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service system crash or possibly execute arbitrary code via specially crafted devices. CVE-2014-3181 Ben Hawkes reported...

7.8CVSS7.1AI score0.06167EPSS
Exploits8
Ubuntu
Ubuntu
added 2014/09/23 8:17 p.m.80 views

USN-2354-1: Linux kernel vulnerabilities

Chris Evans reported an flaw in the Linux kernel's handling of iso9660 compact disk filesystem images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service system crash or reboot. CVE-2014-5471 Chris Evans reported an flaw ...

4CVSS6.8AI score0.00505EPSS
Exploits2
Ubuntu
Ubuntu
added 2014/08/26 1:0 a.m.80 views

USN-2319-2: OpenJDK 7 regression

USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several...

7AI score0.06118EPSS
Exploits1References1
Ubuntu
Ubuntu
added 2014/06/27 8:53 a.m.80 views

USN-2263-1: Linux kernel (OMAP4) vulnerabilities

Salva Peiró discovered an information leak in the Linux kernel's media- device driver. A local attacker could exploit this flaw to obtain sensitive information from kernel memory. CVE-2014-1739 A bounds check error was discovered in the socket filter subsystem of the Linux kernel. A local user...

4.9CVSS6.8AI score0.01121EPSS
Exploits4
Ubuntu
Ubuntu
added 2014/06/23 11:52 a.m.80 views

USN-2232-3: OpenSSL regression

USN-2232-1 fixed vulnerabilities in OpenSSL. The upstream fix for CVE-2014-0224 caused a regression for certain applications that use renegotiation, such as PostgreSQL. This update fixes the problem. Original advisory details: Jüri Aedla discovered that OpenSSL incorrectly handled invalid DTLS...

7.6AI score
Exploits0References1
Ubuntu
Ubuntu
added 2014/03/07 12:6 p.m.80 views

USN-2141-1: Linux kernel (OMAP4) vulnerabilities

Mathy Vanhoef discovered an error in the the way the ath9k driver was handling the BSSID masking. A remote attacker could exploit this error to discover the original MAC address after a spoofing atack. CVE-2013-4579 Andrew Honig reported a flaw in the Linux Kernel's kvmvmioctlcreatevcpu function ...

7.2CVSS7AI score0.10209EPSS
Exploits9
Ubuntu
Ubuntu
added 2014/01/03 10:52 a.m.80 views

USN-2069-1: Linux kernel (Raring HWE) vulnerabilities

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged local user could exploit this flaw to cause a denial of service system crash or possibly gain administrative privileges. CVE-2013-4470 Multiple integer overflow flaws were discovered in the...

6.9CVSS7.1AI score0.01485EPSS
Exploits8
Ubuntu
Ubuntu
added 2014/01/03 10:29 a.m.80 views

USN-2065-1: Linux kernel (EC2) vulnerabilities

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. CVE-2013-4345 A flaw was discovered in the Linux kernel's IP Virtual Server IPVS support. A local user with the CAPNETADMI...

7CVSS6.7AI score0.03181EPSS
Exploits1
Ubuntu
Ubuntu
added 2013/12/03 7:44 p.m.80 views

USN-2046-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...

6.9CVSS7.3AI score0.0381EPSS
Exploits2
Ubuntu
Ubuntu
added 2013/11/08 9:41 p.m.80 views

USN-2018-1: Linux kernel (OMAP4) vulnerabilities

A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...

4CVSS6.6AI score0.00858EPSS
Exploits2
Ubuntu
Ubuntu
added 2013/08/20 12:23 p.m.80 views

USN-1934-1: Linux kernel (OMAP4) vulnerabilities

Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...

7.8CVSS6.9AI score0.04546EPSS
Exploits1
Ubuntu
Ubuntu
added 2013/07/29 10:23 p.m.80 views

USN-1919-1: Linux kernel vulnerability

Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local user could exploit this flaw to gain administrative privileges. CVE-2013-2852 Marcus Moeller and Ken Fallon discovered that the CIFS incorrectly built certain paths. A local attack...

7.8CVSS6.5AI score0.03644EPSS
Exploits2
Ubuntu
Ubuntu
added 2013/05/15 5:17 p.m.81 views

USN-1824-1: Linux kernel vulnerabilities

Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6549 Mathias Krause discovered a flaw in xfrmuser in the Linux kernel. A local attacker with NETADMIN...

6.9CVSS6.9AI score0.0082EPSS
Exploits2
Ubuntu
Ubuntu
added 2013/04/23 9:0 p.m.80 views

USN-1806-1: OpenJDK 7 vulnerabilities

Ben Murphy discovered a vulnerability in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to execute arbitrary code. CVE-2013-0401 James Forshaw discovered a vulnerability in the OpenJDK JRE related to information disclosure, data integrity and...

10CVSS7.5AI score0.86963EPSS
Exploits21
Ubuntu
Ubuntu
added 2013/03/05 11:1 p.m.80 views

USN-1755-1: OpenJDK 6 vulnerabilities

It was discovered that OpenJDK did not properly validate certain types of images. A remote attacker could exploit this to cause OpenJDK to crash. CVE-2013-0809 It was discovered that OpenJDK did not properly check return values when performing color conversion for images. If a user were tricked...

10CVSS8.6AI score0.85882EPSS
Exploits10
Ubuntu
Ubuntu
added 2013/02/13 5:45 p.m.80 views

USN-1722-1: jQuery vulnerability

It was discovered that jQuery incorrectly handled selecting elements using location.hash, resulting in a possible cross-site scripting XSS issue. With cross-site scripting vulnerabilities, if a user were tricked into viewing a specially crafted page, a remote attacker could exploit this to modify...

4.3CVSS7AI score0.19191EPSS
Exploits1
Ubuntu
Ubuntu
added 2013/01/18 4:20 a.m.80 views

USN-1700-1: Linux kernel (OMAP4) vulnerabilities

A flaw was discovered in the Linux kernel's handling of script execution when module loading is enabled. A local attacker could exploit this flaw to cause a leak of kernel stack contents. CVE-2012-4530 Florian Weimer discovered that hypervkvpd, which is distributed in the Linux kernel, was not...

4.9CVSS5.7AI score0.00882EPSS
Exploits2
Ubuntu
Ubuntu
added 2012/10/12 10:12 a.m.80 views

USN-1610-1: Linux kernel vulnerability

Pablo Neira Ayuso discovered a flaw in the credentials of netlink messages. An unprivileged local attacker could exploit this by getting a netlink based service, that relies on netlink credentials, to perform privileged actions. CVE-2012-3520 Mathias Krause discovered information leak in the Linu...

7.8CVSS6.6AI score0.0048EPSS
Exploits3
Ubuntu
Ubuntu
added 2012/09/10 9:55 p.m.80 views

USN-1562-1: Linux kernel (Natty backport) vulnerability

Some errors where discovered in the Linux kernel's UDF file system, which is used to mount some CD-ROMs and DVDs. An unprivileged local user could use these flaws to crash the system...

7.6CVSS7.8AI score0.08738EPSS
Exploits1
Ubuntu
Ubuntu
added 2012/07/17 10:5 p.m.80 views

USN-1509-1: Firefox vulnerabilities

Benoit Jacob, Jesse Ruderman, Christian Holler, Bill McCloskey, Brian Smith, Gary Kwong, Christoph Diehl, Chris Jones, Brad Lassey, and Kyle Huey discovered memory safety issues affecting Firefox. If the user were tricked into opening a specially crafted page, an attacker could possibly exploit...

10CVSS8.7AI score0.05488EPSS
Exploits1References2
Ubuntu
Ubuntu
added 2012/05/31 9:38 p.m.80 views

USN-1457-1: Linux kernel vulnerabilities

Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit...

7.2CVSS6.7AI score0.00775EPSS
Exploits2
Ubuntu
Ubuntu
added 2012/03/23 3:48 a.m.80 views

USN-1403-1: FreeType vulnerabilities

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed BDF font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash. CVE-2012-1126 Mateusz Jurczyk discovered that FreeType did not correctly handle...

10CVSS5.8AI score0.05637EPSS
Exploits0
Ubuntu
Ubuntu
added 2012/03/07 5:12 p.m.80 views

USN-1394-1: linux-ti-omap4 vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Vegard Nossum discovered a leak in the kernel's inotifyinit system call. A local, unprivileged user could exploit...

7.8CVSS6.7AI score0.02591EPSS
Exploits9
Ubuntu
Ubuntu
added 2011/12/13 1:5 p.m.80 views

USN-1302-1: Linux kernel (OMAP4) vulnerabilities

A bug was discovered in the XFS filesystem's handling of pathnames. A local attacker could exploit this to crash the system, leading to a denial of service, or gain root privileges. CVE-2011-4077 Nick Bowler discovered the kernel GHASH message digest algorithm incorrectly handled error conditions...

7.2CVSS6.2AI score0.03212EPSS
Exploits6
Total number of security vulnerabilities5000