10832 matches found

Ubuntu • added 2016/12/05 11:38 a.m. • 73 views

USN-3149-2: Linux kernel (Trusty HWE) vulnerability

USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered a race condition in the af_packet implementation in the...

CVSS 7.8 | AI score 7.5 | EPSS 0.11127 | Exploits 16

Ubuntu • added 2016/12/05 11:6 a.m. • 75 views

USN-3149-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the af_packet implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service (system crash) or run arbitrary code with administrative privileges...

CVSS 7.8 | AI score 7.5 | EPSS 0.11127 | Exploits 16

Ubuntu • added 2016/12/02 2:5 a.m. • 74 views

USN-3148-1: Ghostscript vulnerabilities

Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript processes certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code. CVE-2016-7976,...

CVSS 9.8 | AI score 7.4 | EPSS 0.23453 | Exploits 0

Ubuntu • added 2016/12/01 7:42 p.m. • 64 views

USN-3133-1: Oxide vulnerabilities

Multiple security vulnerabilities were discovered in Chromium. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. CVE-2016-5198,...

CVSS 9.1 | AI score 8.5 | EPSS 0.34703 | Exploits 1

Ubuntu • added 2016/12/01 12:56 a.m. • 118 views

USN-3141-1: Thunderbird vulnerabilities

Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked into opening a specially crafted message, an attacker could potentially exploit these to cause a denial of...

CVSS 9.8 | AI score 8.4 | EPSS 0.87921 | Exploits 17

Ubuntu • added 2016/11/30 11:26 p.m. • 64 views

USN-3140-1: Firefox vulnerabilities

It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. An attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2016-9078) A use-after-free was discovered in SVG animations. If a user were tricked into opening a...

CVSS 8.8 | AI score 8.5 | EPSS 0.87921 | Exploits 15

Ubuntu • added 2016/11/30 8:45 p.m. • 74 views

USN-3147-1: Linux kernel vulnerabilities

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. (CVE-2016-7097) Marco Grassi discovered that the driver for Areca RAID...

CVSS 7.8 | AI score 6.4 | EPSS 0.0043 | Exploits 0

Ubuntu • added 2016/11/30 8:27 p.m. • 75 views

USN-3146-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3146-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86...

CVSS 9.3 | AI score 6.8 | EPSS 0.01454 | Exploits 0

Ubuntu • added 2016/11/30 8:16 p.m. • 70 views

USN-3146-1: Linux kernel vulnerabilities

It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. (CVE-2016-9644) Andreas Gruenbacher and Jan Kara discovered...

CVSS 9.3 | AI score 6.8 | EPSS 0.01454 | Exploits 0

Ubuntu • added 2016/11/30 7:46 p.m. • 79 views

USN-3145-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3145-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel...

CVSS 7.8 | AI score 6.8 | EPSS 0.00647 | Exploits 0

Ubuntu • added 2016/11/30 7:28 p.m. • 77 views

USN-3145-1: Linux kernel vulnerabilities

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. (CVE-2016-7425) Daxing Guo discovered a stack-based buffer overfl...

CVSS 7.8 | AI score 6.8 | EPSS 0.00647 | Exploits 0

Ubuntu • added 2016/11/30 6:59 p.m. • 85 views

USN-3144-2: Linux kernel (OMAP4) vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges...

CVSS 7.8 | AI score 6.5 | EPSS 0.0043 | Exploits 0

Ubuntu • added 2016/11/30 6:24 p.m. • 70 views

USN-3144-1: Linux kernel vulnerability

Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges...

CVSS 7.8 | AI score 6.5 | EPSS 0.0043 | Exploits 0

Ubuntu • added 2016/11/30 6:22 p.m. • 54 views

USN-3143-1: c-ares vulnerability

Gzob Qq discovered that c-ares incorrectly handled certain hostnames. A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 9.8 | AI score 7.4 | EPSS 0.08583 | Exploits 0

Ubuntu • added 2016/11/30 5:44 p.m. • 64 views

USN-3142-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

CVSS 8.8 | AI score 7.3 | EPSS 0.04038 | Exploits 0

Ubuntu • added 2016/11/29 12:21 a.m. • 77 views

USN-3139-1: Vim vulnerability

Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges...

CVSS 7.8 | AI score 7.1 | EPSS 0.25504 | Exploits 2

Ubuntu • added 2016/11/28 7:31 p.m. • 44 views

USN-3138-1: python-cryptography vulnerability

Markus Döring discovered that python-cryptography incorrectly handled certain HKDF lengths. This could result in python-cryptography returning an empty string instead of the expected derived key...

CVSS 7.5 | AI score 6.5 | EPSS 0.03399 | Exploits 0

Ubuntu • added 2016/11/28 1:21 p.m. • 45 views

USN-3135-2: GStreamer Good Plugins vulnerability

USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The original security fix was incomplete. This update fixes the problem. Original advisory details: Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into openin...

AI score 5.9 | Exploits 0 | References 1

Ubuntu • added 2016/11/23 5:52 p.m. • 57 views

USN-3137-1: MoinMoin vulnerabilities

It was discovered that MoinMoin did not properly sanitize certain inputs, resulting in cross-site scripting (XSS) vulnerabilities. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted server request, a remote attacker could exploit this to...

CVSS 6.1 | AI score 5.8 | EPSS 0.01452 | Exploits 4

Ubuntu • added 2016/11/23 5:33 p.m. • 51 views

USN-3136-1: LXC vulnerability

Roman Fiedler discovered a directory traversal flaw in lxc-attach. An attacker with access to an LXC container could exploit this flaw to access files outside of the container...

CVSS 9.1 | AI score 8.1 | EPSS 0.02813 | Exploits 0

Ubuntu • added 2016/11/22 8:9 p.m. • 37 views

USN-3135-1: GStreamer Good Plugins vulnerability

Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into opening a crafted FLC movie file with a GStreamer application, an attacker could cause a denial of service via application crash, or execute arbitrary code with the...

AI score 5.9 | Exploits 0 | References 1

Ubuntu • added 2016/11/22 6:51 p.m. • 86 views

USN-3134-1: Python vulnerabilities

It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. (CVE-2016-0772) Rémi Rampin discovered that Python would not protect CGI applications from contents of the HTTP_PROXY environme...

CVSS 10 | AI score 7.8 | EPSS 0.25671 | Exploits 7

Ubuntu • added 2016/11/21 6:8 p.m. • 55 views

USN-3132-1: tar vulnerability

Harry Sintonen discovered that tar incorrectly handled extracting files when path names are specified on the command line. If a user or automated system were tricked into processing a specially crafted archive, an attacker could possibly overwrite arbitrary files...

CVSS 7.5 | AI score 7.6 | EPSS 0.15155 | Exploits 3

Ubuntu • added 2016/11/21 2:7 p.m. • 95 views

USN-3131-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of th...

CVSS 9.8 | AI score 7.1 | EPSS 0.13043 | Exploits 15

Ubuntu • added 2016/11/19 12:7 a.m. • 87 views

USN-3124-1: Firefox vulnerabilities

Christian Holler, Andrew McCreight, Dan Minor, Tyson Smith, Jon Coppeard, Jan-Ivar Bruaroey, Jesse Ruderman, Markus Stange, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked into opening a special...

CVSS 9.8 | AI score 8.2 | EPSS 0.11485 | Exploits 4

Ubuntu • added 2016/11/17 10:29 p.m. • 90 views

USN-3130-1: OpenJDK 7 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. (CVE-2016-5542) It was discovered that the JMX component of OpenJDK did not...

CVSS 9.6 | AI score 7.2 | EPSS 0.05481 | Exploits 0

Ubuntu • added 2016/11/11 9:25 a.m. • 78 views

USN-3126-2: Linux kernel (OMAP4) vulnerabilities

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042) Dmitry Vyukov discovered a use-after-free...

CVSS 10 | AI score 7.3 | EPSS 0.24299 | Exploits 0

Ubuntu • added 2016/11/11 9:24 a.m. • 70 views

USN-3126-1: Linux kernel vulnerabilities

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042) Dmitry Vyukov discovered a use-after-free...

CVSS 10 | AI score 7.3 | EPSS 0.24299 | Exploits 0

Ubuntu • added 2016/11/11 9:11 a.m. • 97 views

USN-3129-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-7042)...

CVSS 6.2 | AI score 7.1 | EPSS 0.00395 | Exploits 0

Ubuntu • added 2016/11/11 9:2 a.m. • 112 views

USN-3129-1: Linux kernel vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash)...

CVSS 6.2 | AI score 7.1 | EPSS 0.00395 | Exploits 0

Ubuntu • added 2016/11/11 8:48 a.m. • 113 views

USN-3128-3: Linux kernel (Qualcomm Snapdragon) vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash)...

CVSS 6.2 | AI score 7.1 | EPSS 0.00395 | Exploits 0

Ubuntu • added 2016/11/11 7:57 a.m. • 90 views

USN-3128-2: Linux kernel (Xenial HWE) vulnerability

USN-3128-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a...

CVSS 6.2 | AI score 7.1 | EPSS 0.00395 | Exploits 0

Ubuntu • added 2016/11/11 7:34 a.m. • 76 views

USN-3128-1: Linux kernel vulnerability

Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash)...

CVSS 6.2 | AI score 7.1 | EPSS 0.00395 | Exploits 0

Ubuntu • added 2016/11/11 7:14 a.m. • 75 views

USN-3127-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3127-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. It was discovered that the compression handling code in the Advanced Linux Sound...

CVSS 7.8 | AI score 7.3 | EPSS 0.0051 | Exploits 0

Ubuntu • added 2016/11/11 6:50 a.m. • 104 views

USN-3127-1: Linux kernel vulnerabilities

It was discovered that the compression handling code in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel did not properly check for an integer overflow. A local attacker could use this to cause a denial of service (system crash). (CVE-2014-9904) Kirill A. Shutemov discovered...

CVSS 7.8 | AI score 7.3 | EPSS 0.0051 | Exploits 0

Ubuntu • added 2016/11/09 6:30 p.m. • 77 views

USN-3125-1: QEMU vulnerabilities

Zhenhao Hong discovered that QEMU incorrectly handled the Virtio module. A privileged attacker inside the guest could use this issue to cause QEMU to consume resources, resulting in a denial of service. (CVE-2016-5403) Li Qiang discovered that QEMU incorrectly handled VMWARE VMXNET3 network card...

CVSS 10 | AI score 7.1 | EPSS 0.06112 | Exploits 0

Ubuntu • added 2016/11/03 5:45 p.m. • 88 views

USN-3123-1: curl vulnerabilities

It was discovered that curl incorrectly reused client certificates when built with NSS. A remote attacker could possibly use this issue to hijack the authentication of a TLS connection. (CVE-2016-7141) Nguyen Vu Hoang discovered that curl incorrectly handled escaping certain strings. A remote...

CVSS 9.8 | AI score 7.6 | EPSS 0.11737 | Exploits 0

Ubuntu • added 2016/11/03 2:49 p.m. • 52 views

USN-3122-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges...

CVSS 7.8 | AI score 7.4 | EPSS 0.00423 | Exploits 0

Ubuntu • added 2016/11/03 6:35 a.m. • 92 views

USN-3121-1: OpenJDK 8 vulnerabilities

It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy function in certain cases. An attacker could use this to bypass Java sandbox restrictions. (CVE-2016-5582) It was discovered that OpenJDK did not restrict the set of algorithms used for...

CVSS 9.6 | AI score 7.2 | EPSS 0.05481 | Exploits 0

Ubuntu • added 2016/11/02 3:3 p.m. • 60 views

USN-3113-1: Oxide vulnerabilities

It was discovered that a long running unload handler could cause an incognito profile to be reused in some circumstances. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information. (CVE-2016-1586) Multiple security...

CVSS 10 | AI score 7.2 | EPSS 0.0197 | Exploits 0

Ubuntu • added 2016/11/02 2:13 p.m. • 62 views

USN-3120-1: Memcached vulnerabilities

Aleksandar Nikolic discovered that Memcached incorrectly handled certain malformed commands. A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code...

CVSS 9.8 | AI score 8.4 | EPSS 0.45703 | Exploits 4

Ubuntu • added 2016/11/01 7:40 p.m. • 116 views

USN-3119-1: Bind vulnerability

Tony Finch and Marco Davids discovered that Bind incorrectly handled certain responses containing a DNAME answer. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service...

CVSS 7.5 | AI score 7.4 | EPSS 0.52537 | Exploits 0

Ubuntu • added 2016/11/01 5:19 p.m. • 64 views

USN-3118-1: Mailman vulnerabilities

It was discovered that the Mailman administrative web interface did not protect against cross-site request forgery (CSRF) attacks. If an authenticated user were tricked into visiting a malicious website while logged into Mailman, a remote attacker could perform administrative actions. This issue on...

CVSS 8.8 | AI score 7.7 | EPSS 0.01613 | Exploits 0

Ubuntu • added 2016/11/01 5:10 p.m. • 55 views

USN-3117-1: GD library vulnerabilities

Ibrahim El-Sayed discovered that the GD library incorrectly handled certain malformed Tiff images. If a user or automated system were tricked into processing a specially crafted Tiff image, an attacker could cause a denial of service. (CVE-2016-6911) Ke Liu discovered that the GD library incorrectl...

CVSS 9.8 | AI score 7.7 | EPSS 0.05101 | Exploits 0

Ubuntu • added 2016/11/01 5:1 p.m. • 60 views

USN-3116-1: DBus vulnerabilities

It was discovered that DBus incorrectly validated the source of ActivationFailure signals. A local attacker could use this issue to cause a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-0245) It was discovered that DBus incorrectly handled certain...

CVSS 1.9 | AI score 7.1 | EPSS 0.00273 | Exploits 0

Ubuntu • added 2016/11/01 4:48 p.m. • 51 views

USN-3115-1: Django vulnerabilities

Marti Raudsepp discovered that Django incorrectly used a hardcoded password when running tests on an Oracle database. A remote attacker could possibly connect to the database while the tests are running and prevent the test user with the hardcoded password from being removed. (CVE-2016-9013) Aymeri...

CVSS 9.8 | AI score 8.2 | EPSS 0.06074 | Exploits 0

Ubuntu • added 2016/10/27 10:19 p.m. • 67 views

USN-3112-1: Thunderbird vulnerabilities

Catalin Dumitru discovered that URLs of resources loaded after a navigation start could be leaked to the following page via the Resource Timing API. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit this to obtain sensiti...

CVSS 9.8 | AI score 7.8 | EPSS 0.04942 | Exploits 0

Ubuntu • added 2016/10/27 8:18 p.m. • 54 views

USN-3111-1: Firefox vulnerabilities

A use-after-free was discovered in service workers. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via program crash, or execute arbitrary code. (CVE-2016-5287) It was discovered that web content could access...

CVSS 9.8 | AI score 7.6 | EPSS 0.02425 | Exploits 0

Ubuntu • added 2016/10/27 4:42 p.m. • 38 views

USN-3114-2: nginx regression

USN-3114-1 fixed a vulnerability in nginx. A packaging issue prevented nginx from being reinstalled or upgraded to a subsequent release. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Dawid Golunski discovered that the nginx package incorrectly handl...

AI score 5.5 | Exploits 0 | References 1

Ubuntu • added 2016/10/25 7:19 p.m. • 76 views

USN-3114-1: nginx vulnerability

Dawid Golunski discovered that the nginx package incorrectly handled log file permissions. A remote attacker could possibly use this issue to obtain root privileges...

CVSS 7.8 | AI score 7.5 | EPSS 0.04863 | Exploits 6

Total number of security vulnerabilities: 10832