Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
•added 2017/01/18 12:35 a.m.•49 views

USN-3173-1: NVIDIA graphics drivers vulnerability

It was discovered that the NVIDIA graphics drivers contained a flaw in the kernel mode layer. A local attacker could use this issue to cause a denial of service...

5.5CVSS6.1AI score0.00365EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/01/12 12:37 p.m.•67 views

USN-3172-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled certain malformed responses to an ANY query. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2016-9131 It was discovered that Bind incorrectly handled certain malformed responses to an AN...

7.5CVSS7.4AI score0.40556EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/01/11 6:9 p.m.•64 views

USN-3171-1: LibVNCServer vulnerabilities

Josef Gajdusek discovered that the LibVNCServer client library incorrectly handled certain FrameBufferUpdate messages. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. CVE-2016-9941,...

9.8CVSS8.6AI score0.03748EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/01/11 9:24 a.m.•92 views

USN-3170-2: Linux kernel (Raspberry Pi 2) vulnerabilities

Andrey Konovalov discovered that the ipv6 icmp implementation in the Linux kernel did not properly check data structures on send. A remote attacker could use this to cause a denial of service system crash. CVE-2016-9919 Andrey Konovalov discovered that signed integer overflows existed in the...

7.8CVSS6.6AI score0.05671EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 9:6 a.m.•77 views

USN-3170-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 8:26 a.m.•93 views

USN-3169-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 8:16 a.m.•87 views

USN-3169-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Baozeng Ding discovered a race condition that could lead to a use-after- free in the Advanced Linux Sound Architecture ALSA subsystem of the Linux kernel. A local attacker could use this to cause a denial of service system crash. CVE-2016-9794 Andrey Konovalov discovered that signed integer...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 8:7 a.m.•83 views

USN-3169-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3169-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 7:7 a.m.•90 views

USN-3169-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.5AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 6:54 a.m.•95 views

USN-3168-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3168-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not...

7.8CVSS6.4AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 6:23 a.m.•95 views

USN-3168-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Andrey Konovalov discovered that signed integer overflows...

7.8CVSS6.4AI score0.01566EPSS
Exploits8
Ubuntu
Ubuntu
•added 2017/01/11 6:12 a.m.•92 views

USN-3167-2: Linux kernel (OMAP4) vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. CVE-2016-9756 Baozeng Ding discovered a race condition that could lead to...

7.8CVSS6.6AI score0.00443EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/01/11 6:8 a.m.•115 views

USN-3167-1: Linux kernel vulnerabilities

Dmitry Vyukov discovered that the KVM implementation in the Linux kernel did not properly initialize the Code Segment CS in certain error cases. A local attacker could use this to expose sensitive information kernel memory. Baozeng Ding discovered a race condition that could lead to a use-after-...

7.8CVSS6.7AI score0.00443EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/01/10 6:45 p.m.•87 views

USN-3166-1: WebKitGTK+ vulnerabilities

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

9.6CVSS6.8AI score0.66788EPSS
Exploits9
Ubuntu
Ubuntu
•added 2017/01/05 5:45 p.m.•65 views

USN-3164-1: Exim vulnerability

Bjoern Jacke discovered that Exim incorrectly handled DKIM keys. In certain configurations, private DKIM signing keys could be leaked to the log files...

5.9CVSS6.5AI score0.03098EPSS
Exploits0
Ubuntu
Ubuntu
•added 2017/01/04 4:32 p.m.•72 views

USN-3163-1: NSS vulnerabilities

It was discovered that NSS incorrectly handled certain invalid Diffie-Hellman keys. A remote attacker could possibly use this flaw to cause NSS to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. CVE-2016-5285 Hubert Kari...

7.5CVSS7.6AI score0.02452EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 9:55 p.m.•76 views

USN-3162-2: Linux kernel (Raspberry Pi 2) vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 Andreas Gruenbacher and Jan Kara discovered that the...

10CVSS6.7AI score0.09144EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/12/20 9:43 p.m.•86 views

USN-3162-1: Linux kernel vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 It was discovered that the KVM implementation for x86/x8664 ...

10CVSS6.7AI score0.09144EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/12/20 9:35 p.m.•101 views

USN-3161-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.3AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 9:31 p.m.•61 views

USN-3161-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.3AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 9:17 p.m.•97 views

USN-3161-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3161-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY...

10CVSS7.2AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 9:3 p.m.•95 views

USN-3161-1: Linux kernel vulnerabilities

Tilman Schmidt and Sasha Levin discovered a use-after-free condition in the TTY implementation in the Linux kernel. A local attacker could use this to expose sensitive information kernel memory. CVE-2015-8964 It was discovered that the Video For Linux Two v4l2 implementation in the Linux kernel d...

10CVSS7.2AI score0.09144EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 7:56 p.m.•72 views

USN-3160-2: Linux kernel (Trusty HWE) vulnerabilities

USN-3160-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. CAI Qian discovered that shared bind mounts in a mount namespace exponentially added...

5.5CVSS6.2AI score0.00388EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 7:54 p.m.•64 views

USN-3160-1: Linux kernel vulnerabilities

CAI Qian discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. A local attacker could use this to cause a denial of service system crash. CVE-2016-6213 It was discovered that a race condition existed in the procf...

5.5CVSS6.1AI score0.00388EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 7:53 p.m.•70 views

USN-3159-2: Linux kernel (OMAP4) vulnerability

It was discovered that a race condition existed in the procfs environread function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information kernel memory...

5.5CVSS6.9AI score0.00388EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/20 7:50 p.m.•62 views

USN-3159-1: Linux kernel vulnerability

It was discovered that a race condition existed in the procfs environread function in the Linux kernel, leading to an integer underflow. A local attacker could use this to expose sensitive information kernel memory...

5.5CVSS6.9AI score0.00388EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/19 5:34 p.m.•84 views

USN-3158-1: Samba vulnerabilities

Frederic Besler and others discovered that the ndrpulldnspnam function in Samba contained an integer overflow. An authenticated attacker could use this to gain administrative privileges. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. CVE-2016-2123 Simo Sorce...

8.8CVSS6.7AI score0.09199EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/17 2:23 a.m.•44 views

USN-3156-2: APT regression

USN-3156-1 fixed vulnerabilities in APT. It also caused a bug in unattended-upgrades on that may require manual intervention to repair. Users on Ubuntu 16.10 should run the following commands at a terminal: sudo dpkg --configure --pending sudo apt-get -f install This update fixes the problem. We...

5.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2016/12/14 10:15 p.m.•76 views

USN-3157-1: Apport vulnerabilities

Donncha O Cearbhaill discovered that the crash file parser in Apport improperly treated the CrashDB field as python code. An attacker could use this to convince a user to open a maliciously crafted crash file and execute arbitrary code with the privileges of that user. This issue only affected...

9.3CVSS7.7AI score0.17726EPSS
Exploits8
Ubuntu
Ubuntu
•added 2016/12/13 10:5 p.m.•72 views

USN-3155-1: Firefox vulnerabilities

Multiple security vulnerabilities were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting XSS attacks, obtain sensitive information, cause a denial of service via application crash, o...

9.8CVSS7.9AI score0.21401EPSS
Exploits12
Ubuntu
Ubuntu
•added 2016/12/13 6:35 p.m.•64 views

USN-3156-1: APT vulnerability

Jann Horn discovered that APT incorrectly handled InRelease files. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages...

5.9CVSS5.5AI score0.07308EPSS
Exploits2
Ubuntu
Ubuntu
•added 2016/12/09 1:38 p.m.•116 views

USN-3153-1: Oxide vulnerabilities

Multiple vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting XSS attacks, read uninitialized memory, obtain sensitive information, spoof the webview URL, bypass...

10CVSS7.2AI score0.11182EPSS
Exploits5
Ubuntu
Ubuntu
•added 2016/12/08 12:30 a.m.•109 views

USN-3154-1: OpenJDK 6 vulnerabilities

It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. An attacker could use this to modify without detection the content of a JAR file, affecting system integrity. CVE-2016-5542 It was discovered that the JMX component of OpenJDK did not...

9.6CVSS7.2AI score0.05437EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/06 12:11 a.m.•70 views

USN-3152-2: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/06 12:3 a.m.•66 views

USN-3150-2: Linux kernel (OMAP4) vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 11:58 p.m.•74 views

USN-3151-4: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 1:6 p.m.•83 views

USN-3151-3: Linux kernel (Qualcomm Snapdragon) vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 12:44 p.m.•78 views

USN-3152-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 12:35 p.m.•86 views

USN-3151-2: Linux kernel (Xenial HWE) vulnerability

USN-3151-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Philip Pettersson discovered a race condition in the afpacket implementation in the...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 12:24 p.m.•77 views

USN-3151-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 12:8 p.m.•67 views

USN-3150-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 11:38 a.m.•74 views

USN-3149-2: Linux kernel (Trusty HWE) vulnerability

USN-3149-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered a race condition in the afpacket implementation in the...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/05 11:6 a.m.•76 views

USN-3149-1: Linux kernel vulnerability

Philip Pettersson discovered a race condition in the afpacket implementation in the Linux kernel. A local unprivileged attacker could use this to cause a denial of service system crash or run arbitrary code with administrative privileges...

7.8CVSS7.5AI score0.11127EPSS
Exploits16
Ubuntu
Ubuntu
•added 2016/12/02 2:5 a.m.•75 views

USN-3148-1: Ghostscript vulnerabilities

Tavis Ormandy discovered multiple vulnerabilities in the way that Ghostscript processes certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code. CVE-2016-7976,...

9.8CVSS7.4AI score0.23453EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/12/01 7:42 p.m.•66 views

USN-3133-1: Oxide vulnerabilities

Multiple security vulnerabilities were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, cause a denial of service via application crash, or execute arbitrary code. CVE-2016-5198,...

9.1CVSS8.5AI score0.34703EPSS
Exploits1
Ubuntu
Ubuntu
•added 2016/12/01 12:56 a.m.•121 views

USN-3141-1: Thunderbird vulnerabilities

Christian Holler, Jon Coppeard, Olli Pettay, Ehsan Akhgari, Gary Kwong, Tooru Fujisawa, and Randell Jesup discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of...

9.8CVSS8.4AI score0.87598EPSS
Exploits17
Ubuntu
Ubuntu
•added 2016/11/30 11:26 p.m.•66 views

USN-3140-1: Firefox vulnerabilities

It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. An attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-9078 A use-after-free was discovered in SVG animations. If a user were tricked in to opening a...

8.8CVSS8.5AI score0.87598EPSS
Exploits15
Ubuntu
Ubuntu
•added 2016/11/30 8:45 p.m.•76 views

USN-3147-1: Linux kernel vulnerabilities

Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. CVE-2016-7097 Marco Grassi discovered that the driver for Areca RAID...

7.8CVSS6.4AI score0.0043EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/30 8:27 p.m.•76 views

USN-3146-2: Linux kernel (Xenial HWE) vulnerabilities

USN-3146-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the getuserasmex implementation in the Linux kernel for x86/x86...

9.3CVSS6.8AI score0.01454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2016/11/30 8:16 p.m.•73 views

USN-3146-1: Linux kernel vulnerabilities

It was discovered that the getuserasmex implementation in the Linux kernel for x86/x8664 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. CVE-2016-9644 Andreas Gruenbacher and Jan Kara discovered...

9.3CVSS6.8AI score0.01454EPSS
Exploits0
Total number of security vulnerabilities10923