10891 matches found
USN-3098-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3098-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit...
USN-3084-1: Linux kernel vulnerabilities
Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. CVE-2016-6136 It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did...
USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities
USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kerne...
USN-2949-1: Linux kernel (Vivid HWE) vulnerabilities
Venkatesh Pottem discovered a use-after-free vulnerability in the Linux kernel's CXGB3 driver. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2015-8812 Xiaofei Rex Guo discovered a timing side channel vulnerability in the Linux...
USN-2937-1: WebKitGTK+ vulnerabilities
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...
USN-2852-1: Linux kernel (Raspberry Pi 2) vulnerability
Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace...
USN-2829-2: Linux kernel (Vivid HWE) vulnerabilities
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service system crash. CVE-2015-5283 Dmitry Vyukov discovered that the Linux kernel's keyring handler...
USN-2794-1: Linux kernel vulnerabilities
It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...
USN-2784-1: OpenJDK 7 vulnerabilities
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844,...
USN-2764-1: Linux kernel (Utopic HWE) vulnerability
Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash...
USN-2728-1: Bind vulnerability
Hanno Böck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service...
USN-2727-1: GnuTLS vulnerabilities
It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. CVE-2015-3308 Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName DN entry in a...
USN-2602-1: Firefox vulnerabilities
Jesse Ruderman, Mats Palmgren, Byron Campen, Steve Fink, Gary Kwong, Andrew McCreight, Christian Holler, Jon Coppeard, and Milan Sreckovic discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit...
USN-2592-1: XML::LibXML vulnerability
Tilmann Haak discovered that XML::LibXML incorrectly handled the expandentities parameter in certain situations. A remote attacker could possibly use this issue to access sensitive information...
USN-2583-1: Linux kernel vulnerability
A race condition between chown and execve was discovered in the Linux kernel. A local attacker could exploit this race by using chown on a setuid-user-binary to gain administrative privileges...
USN-2573-1: OpenJDK 6 vulnerabilities
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-0460, CVE-2015-0469 Alexander Cherepanov discovered that...
USN-2498-1: Kerberos vulnerabilities
It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this issue to forge tickets by leveraging administrative access. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...
USN-2491-1: Linux kernel (EC2) vulnerabilities
Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment SS register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. CVE-2014-9322 Lars Bull reported a race condition in the PIT...
USN-2459-1: OpenSSL vulnerabilities
Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. CVE-2014-3570 Markus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. CVE-2014-3571...
USN-2409-1: QEMU vulnerabilities
Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. CVE-2014-3615 Xavier Mehrenberger and Stephane Duverger discovered that QEMU...
USN-2328-1: GNU C Library vulnerability
Tavis Ormandy and John Haxby discovered that the GNU C Library contained an off-by-one error when performing transliteration module loading. A local attacker could exploit this to gain administrative privileges. CVE-2014-5119 USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04...
USN-2311-2: OpenStack Ceilometer vulnerability
USN-2311-1 fixed vulnerabilities in pyCADF. This update provides the corresponding updates for OpenStack Ceilometer. Original advisory details: Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in...
USN-2312-1: OpenJDK 6 vulnerabilities
Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4262 Several...
USN-2283-1: Linux kernel vulnerabilities
Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...
USN-2196-1: Linux kernel vulnerability
A flaw was discovered in the Linux kernel's pseudo tty pty device. An unprivileged user could exploit this flaw to cause a denial of service system crash or potentially gain administrator privileges...
USN-2137-1: Linux kernel (Saucy HWE) vulnerabilities
An information leak was discovered in the Linux kernel when built with the NetFilter Connection Tracking NFCONNTRACK support for IRC protocol NFNATIRC. A remote attacker could exploit this flaw to obtain potentially sensitive kernel information when communicating over a client- to-client IRC...
USN-2102-2: Firefox regression
USN-2102-1 fixed vulnerabilities in Firefox. The update introduced a regression which could make Firefox crash under some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Terrence Cole, Jesse Ruderman, Gary Kwong, Eric...
USN-2061-1: OpenStack Keystone vulnerability
Steven Hardy discovered that Keystone did not properly enforce trusts when using the ec2tokens API. An authenticated attacker could exploit this to retrieve a token not scoped to the trust and elevate privileges to the trustor's roles...
USN-2044-1: Linux kernel (OMAP4) vulnerabilities
A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. CVE-2013-4299 Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload UFO. An unprivileged...
USN-1985-1: Python 3.3 vulnerabilities
Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. CVE-2013-2099 Ryan Sleevi discovered that Python did not properly handle...
USN-1970-1: Linux kernel (Quantal HWE) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1882-1: Linux kernel (OMAP4) vulnerabilities
Kees Cook discovered a flaw in the Linux kernel's iSCSI subsystem. A remote unauthenticated attacker could exploit this flaw to cause a denial of service system crash or potentially gain administrative privileges. CVE-2013-2850 Andy Lutomirski discover an error in the Linux kernel's credential...
USN-1876-1: Linux kernel vulnerabilities
Andrew Honig reported a flaw in the way KVM Kernel-based Virtual Machine emulated the IOAPIC. A privileged guest user could exploit this flaw to read host memory or cause a denial of service crash the host. CVE-2013-1798 An information leak was discovered in the Linux kernel's rcvmsg path for ATM...
USN-1812-1: Linux kernel (Quantal HWE) vulnerabilities
Mathias Krause discovered an information leak in the Linux kernel's UDF file system implementation. A local user could exploit this flaw to examine some of the kernel's heap memory. CVE-2012-6548 Mathias Krause discovered an information leak in the Linux kernel's ISO 9660 CDROM file system driver...
USN-1533-1: Linux kernel vulnerabilities
An error was discovered in the Linux kernel's network TUN/TAP device implementation. A local user with access to the TUN/TAP interface which is not available to unprivileged users until granted by a root user could exploit this flaw to crash the system or potential gain administrative privileges...
USN-1504-1: Qt vulnerabilities
It was discovered that Qt did not properly handle wildcard domain names or IP addresses in the Common Name field of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affecte...
USN-1493-1: Linux kernel vulnerabilities
Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...
USN-1492-1: Linux kernel vulnerabilities
Stephan Mueller reported a flaw in the Linux kernel's dl2k network driver's handling of ioctls. An unprivileged local user could leverage this flaw to cause a denial of service. CVE-2012-2313 Timo Warns reported multiple flaws in the Linux kernel's hfsplus filesystem. An unprivileged local user...
USN-1472-1: Linux kernel vulnerabilities
Andy Adamson discovered a flaw in the Linux kernel's NFSv4 implementation. A remote NFS server attacker could exploit this flaw to cause a denial of service. CVE-2011-4131 A flaw was discovered in the Linux kernel's KVM kernel virtual machine. An administrative user in the guest OS could leverage...
USN-1455-1: Linux kernel (Oneiric backport) vulnerabilities
A flaw was found in the Linux kernel's KVM Kernel Virtual Machine virtual cpu setup. An unprivileged local user could exploit this flaw to crash the system leading to a denial of service. CVE-2012-1601 Steve Grubb reported a flaw with Linux fscaps file system base capabilities when used to increa...
USN-1451-1: OpenSSL vulnerabilities
Ivan Nestlerode discovered that the Cryptographic Message Syntax CMS and PKCS 7 implementations in OpenSSL returned early if RSA decryption failed. This could allow an attacker to expose sensitive information via a Million Message Attack MMA. CVE-2012-0884 It was discovered that an integer...
USN-1450-1: Net-SNMP vulnerability
It was discovered that Net-SNMP incorrectly performed entry lookups in the extension table. A remote attacker could send a specially crafted request and cause the SNMP server to crash, leading to a denial of service...
USN-1400-4: Thunderbird regressions
USN-1400-3 fixed vulnerabilities in Thunderbird. The new Thunderbird version caused a regression in IMAP connections and mail filtering. This update fixes the problem. Original advisory details: Soroush Dalili discovered that Firefox did not adequately protect against dropping JavaScript links on...
USN-1378-1: PostgreSQL vulnerabilities
It was discovered that PostgreSQL incorrectly checked permissions on functions called by a trigger. An attacker could attach a trigger to a table they owned and possibly escalate privileges. CVE-2012-0866 It was discovered that PostgreSQL incorrectly truncated SSL certificate name checks to 32...
USN-1343-1: Thunderbird vulnerabilities
Alexandre Poirot, Chris Blizzard, Kyle Huey, Scoobidiver, Christian Holler, David Baron, Gary Kwong, Jim Blandy, Bob Clary, Jesse Ruderman, Marcia Knous, and Rober Longson discovered several memory safety issues which could possibly be exploited to crash Thunderbird or execute arbitrary code as t...
USN-1328-1: Linux kernel (Marvell DOVE) vulnerabilities
Clement Lecigne discovered a bug in the HFS filesystem. A local attacker could exploit this to cause a kernel oops. CVE-2011-2203 A flaw was found in how the Linux kernel handles user-defined key types. An unprivileged local user could exploit this to crash the system. CVE-2011-4110...
USN-1272-1: Linux kernel vulnerabilities
It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 Andrea Righi discovered a race condition in the KSM memory merging support...
USN-1268-1: Linux kernel vulnerabilities
It was discovered that CIFS incorrectly handled authentication. When a user had a CIFS share mounted that required authentication, a local user could mount the same share without knowing the correct password. CVE-2011-1585 It was discovered that the GRE protocol incorrectly handled netns...
USN-1111-1: Linux kernel vulnerabilities
Dan Rosenberg discovered multiple flaws in the X.25 facilities parsing. If a system was using X.25, a remote attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-4164 Vegard Nossum discovered that memory garbage collection was not handled correctly for active...
USN-1109-1: GIMP vulnerabilities
It was discovered that GIMP incorrectly handled malformed data in certain plugin configuration files. If a user were tricked into opening a specially crafted plugin configuration file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges. The defaul...