10904 matches found
USN-30-1: Linux kernel vulnerabilities
CAN-2004-0883, CAN-2004-0949: During an audit of the smb file system implementation within Linux, several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. To exploit any of these vulnerabilities, an attacker needs control over the answers ...
USN-29-1: samba vulnerability
During an audit of the Samba 3.x code base Stefan Esser discovered a Unicode file name buffer overflow within the handling of TRANSACT2QFILEPATHINFO replies. A malicious samba user with write access to a share could exploit this by creating specially crafted path names files with very long names...
USN-25-1: libgd2 vulnerability
CAN-2004-0990 described several more buffer overflows which had been discovered in libgd2's PNG handling functions. However, it was determined that the update from USN-11-1 was not sufficient to prevent every possible attack, so another update is required. If an attacker tricked a user into loadi...
USN-6979-1: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - M68K architecture; - User-Mode Linux UML; - x86 architecture; - Accessibility subsystem; -...
USN-6895-2: Linux kernel vulnerabilities
It was discovered that the ATA over Ethernet AoE driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2023-6270 It was discovered that the HugeTLB file syst...
USN-6886-1: Go vulnerabilities
It was discovered that the Go net/http module did not properly handle the requests when request's headers exceed MaxHeaderBytes. An attacker could possibly use this issue to cause a panic resulting into a denial of service. This issue only affected Go 1.21 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS...
USN-6703-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2024-2609, CVE-2024-2611,...
USN-6680-2: Linux kernel vulnerabilities
黄思聪 discovered that the NFC Controller Interface NCI implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash...
USN-6626-2: Linux kernel vulnerabilities
Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-32250, CVE-2023-32252, CVE-2023-32257...
USN-6598-1: Paramiko vulnerability
Fabian Bäumer, Marcus Brinkmann, Jörg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being...
USN-6541-2: GNU C Library regression
USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately, changes made to allow proper application of the fix for CVE-2023-4806 in Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing functionalities. This update fixes the problem. We apologize for the inconvenienc...
USN-6495-2: Linux kernel vulnerabilities
Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Manfred Rudigier discovered that the IntelR PCI-Express Gigab...
USN-6525-1: pysha3 vulnerability
Nicky Mouha discovered that pysha incorrectly handled certain SHA-3 operations. An attacker could possibly use this issue to cause pysha3 to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-6482-1: Quagga vulnerabilities
It was discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service...
USN-6462-2: Linux kernel (IoT) vulnerabilities
Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 Yu Hao and Weite...
USN-6465-2: Linux kernel (Raspberry Pi) vulnerabilities
Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...
USN-6454-3: Linux kernel (ARM laptop) vulnerabilities
Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...
USN-6440-3: Linux kernel (HWE) vulnerabilities
Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...
USN-6438-2: .Net regressions
USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to...
USN-6422-2: Ring vulnerabilities
It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-37706 It was discovered that Ring incorrectly handled...
USN-6381-1: GNU binutils vulnerabilities
It was discovered that a memory leak existed in certain GNU binutils modules. An attacker could possibly use this issue to cause a denial of service memory exhaustion. CVE-2020-19724, CVE-2020-21490 It was discovered that GNU binutils was not properly performing bounds checks in several functions...
USN-6290-1: LibTIFF vulnerabilities
It was discovered that LibTIFF could be made to write out of bounds when processing certain malformed image files with the tiffcrop utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcrop to crash, resulting in a...
USN-6281-1: Velocity Engine vulnerability
Alvaro Munoz discovered that Velocity Engine incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code...
USN-6256-1: Linux kernel (IoT) vulnerabilities
Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon GPU devices did not properly validate memory allocation in certain situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2022-3108...
USN-6229-1: LibTIFF vulnerabilities
It was discovered that LibTIFF was not properly handling variables used to perform memory management operations when processing an image through tiffcrop, which could lead to a heap buffer overflow. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
USN-6096-1: Linux kernel vulnerabilities
It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. CVE-2022-27672 Ziming Zhang discovered that the VMware Virtual GPU DR...
USN-6086-1: minimatch vulnerability
It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service...
USN-6051-1: Linux kernel vulnerabilities
It was discovered that the Traffic-Control Index TCINDEX implementation in the Linux kernel did not properly perform filter deactivation in some situations. A local attacker could possibly use this to gain elevated privileges. Please note that with the fix for this CVE, kernel support for the...
USN-6018-1: Apport vulnerability
Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege...
USN-6007-1: Linux kernel (GCP) vulnerabilities
It was discovered that the Upper Level Protocol ULP subsystem in the Linux kernel did not properly handle sockets entering the LISTEN state in certain protocols, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execut...
USN-5970-1: Linux kernel vulnerabilities
It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs. CVE-2022-2196 It was discovered...
USN-5870-1: apr-util vulnerability
Ronald Crane discovered that APR-util did not properly handled memory when encoding or decoding certain input data. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...
USN-5859-1: Linux kernel (OEM) vulnerabilities
Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...
USN-5858-1: Linux kernel (OEM) vulnerabilities
Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-0179 It was discovered that the Netronome...
USN-5782-3: Firefox regressions
USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use th...
USN-5704-1: DBus vulnerabilities
It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...
USN-5644-1: Linux kernel (GCP) vulnerabilities
It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-33655 Duoming...
USN-5628-1: etcd vulnerabilities
It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. CVE-2020-15106, CVE-2020-15112 It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that...
USN-5536-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, bypass Subresource Integrity protections, obtain sensitive information,...
USN-5516-1: Vim vulnerabilities
It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution...
USN-5428-1: libXrandr vulnerabilities
Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-7947, CVE-2016-7948...
USN-5195-1: Mumble vulnerability
It was discovered that the Mumble client supported websites for public servers with arbitrary URL schemes. If a user were tricked into visiting a malicious website from the public server list, a remote attacker could possibly execute arbitrary code...
USN-4823-1: Mosquitto vulnerability
It was discovered that Mosquitto incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service...
USN-4787-1: jq vulnerability
It was discovered that jq did not perform sufficient bounds checking, resulting in unbounded resource consumption. An attacker could use this vulnerability to cause a denial of service...
USN-4665-2: curl vulnerabilities
USN-4665-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 12.04 ESM and Ubuntu 14.04 ESM. Original advisory details: Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV responses. An attacker could possibly use this issue to tric...
USN-4649-1: xdg-utils vulnerability
Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information...
USN-4605-1: Blueman vulnerability
Vaisha Bernard discovered that blueman did not properly sanitize input on the d-bus interface to blueman-mechanism. A local attacker could possibly use this issue to escalate privileges and run arbitrary code or cause a denial of service. CVE-2020-15238...
USN-4598-1: LibEtPan vulnerability
It was discovered that LibEtPan incorrectly handled STARTTLS when using IMAP, SMTP and POP3. A remote attacker could possibly use this issue to perform a response injection attack. CVE-2020-15953...
USN-4595-1: Grunt vulnerability
It was discovered that Grunt did not properly load yaml files. An attacker could possibly use this to execute arbitrary code. CVE-2020-7729...
USN-4541-1: Gnuplot vulnerabilities
Tim Blazytko, Cornelius Aschermann, Sergej Schumilo and Nils Bars discovered that Gnuplot did not properly validate string sizes in the dfgenerateasciiarrayentry function. An attacker could possibly use this issue to cause a heap buffer overflow, resulting in a denial of service attack or arbitra...