10923 matches found
USN-3029-1: NSS vulnerability
Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. This update refreshes the NSS package to version 3.23 which includes the latest CA...
USN-3028-1: NSPR vulnerability
It was discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-3027-1: Tomcat vulnerability
It was discovered that the Tomcat Fileupload library incorrectly handled certain upload requests. A remote attacker could possibly use this issue to cause a denial of service...
USN-3026-2: libusbmuxd vulnerability
It was discovered that libusbmuxd incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations...
USN-3026-1: libimobiledevice vulnerability
It was discovered that libimobiledevice incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations...
USN-3025-1: GIMP vulnerability
It was discovered that GIMP incorrectly handled malformed XCF files. If a user were tricked into opening a specially crafted XCF file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges...
USN-3024-1: Tomcat vulnerabilities
It was discovered that Tomcat incorrectly handled pathnames used by web applications in a getResource, getResourceAsStream, or getResourcePaths call. A remote attacker could use this issue to possibly list a parent directory . This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu...
USN-3015-1: Oxide vulnerabilities
Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service via application crash, or execute arbitrary code. CVE-2016-1704...
USN-3022-1: LibreOffice vulnerability
It was discovered that LibreOffice incorrectly handled RTF document files. If a user were tricked into opening a specially crafted RTF document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code...
USN-3021-2: Linux kernel (OMAP4) vulnerabilities
Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service system crash. CVE-2016-3951 Kangji...
USN-3021-1: Linux kernel vulnerabilities
Andrey Konovalov discovered that the CDC Network Control Model USB driver in the Linux kernel did not cancel work events queued if a later error occurred, resulting in a use-after-free. An attacker with physical access could use this to cause a denial of service system crash. CVE-2016-3951 Kangji...
USN-3020-1: Linux kernel (Vivid HWE) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3019-1: Linux kernel (Utopic HWE) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3018-2: Linux kernel (Trusty HWE) vulnerabilities
USN-3018-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not...
USN-3018-1: Linux kernel vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3016-4: Linux kernel (Xenial HWE) vulnerabilities
USN-3016-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not...
USN-3017-3: Linux kernel (Wily HWE) vulnerabilities
USN-3017-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correct...
USN-3017-2: Linux kernel (Raspberry Pi 2) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3017-1: Linux kernel vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3016-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3016-2: Linux kernel (Raspberry Pi 2) vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3016-1: Linux kernel vulnerabilities
Jesse Hertz and Tim Newsham discovered that the Linux netfilter implementation did not correctly perform validation when handling 32 bit compatibility IPTSOSETREPLACE events on 64 bit platforms. A local unprivileged attacker could use this to cause a denial of service system crash or execute...
USN-3014-1: Spice vulnerabilities
Jing Zhao discovered that the Spice smartcard support incorrectly handled memory. A remote attacker could use this issue to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 15.10 and Ubuntu 16.04 LTS. CVE-2016-0749...
USN-3013-1: XML-RPC for C and C++ vulnerabilities
It was discovered that the Expat code in XML-RPC for C and C++ unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. CVE-2012-6702 It was discovered that the Expat code in XML-RPC for C and C++ incorrectly handled seeding the random number...
USN-3010-1: Expat vulnerabilities
It was discovered that Expat unexpectedly called srand in certain circumstances. This could reduce the security of calling applications. CVE-2012-6702 It was discovered that Expat incorrectly handled seeding the random number generator. A remote attacker could possibly use this issue to cause a...
USN-3012-1: Wget vulnerability
Dawid Golunski discovered that Wget incorrectly handled filenames when being redirected from an HTTP to an FTP URL. A malicious server could possibly use this issue to overwrite local files...
USN-3011-1: HAProxy vulnerability
Falco Schmutz discovered that HAProxy incorrectly handled the reqdeny filter. A remote attacker could use this issue to cause HAProxy to crash, resulting in a denial of service...
USN-3009-1: Dnsmasq vulnerability
Edwin Török discovered that Dnsmasq incorrectly handled certain CNAME responses. A remote attacker could use this issue to cause Dnsmasq to crash, resulting in a denial of service...
USN-3008-1: Linux kernel (Qualcomm Snapdragon) vulnerability
Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...
USN-3007-1: Linux kernel (Raspberry Pi 2) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3006-1: Linux kernel vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3005-1: Linux kernel (Xenial HWE) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3004-1: Linux kernel (Raspberry Pi 2) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3003-1: Linux kernel vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3002-1: Linux kernel (Wily HWE) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3001-1: Linux kernel (Vivid HWE) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-3000-1: Linux kernel (Utopic HWE) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-2999-1: Linux kernel vulnerability
Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...
USN-2998-1: Linux kernel (Trusty HWE) vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jann Horn discovered that eCryptfs improperly attempted to use...
USN-2997-1: Linux kernel (OMAP4) vulnerabilities
Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...
USN-2996-1: Linux kernel vulnerabilities
Jann Horn discovered that eCryptfs improperly attempted to use the mmap handler of a lower filesystem that did not implement one, causing a recursive page fault to occur. A local unprivileged attacker could use to cause a denial of service system crash or possibly execute arbitrary code with...
USN-2995-1: Squid vulnerabilities
Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files. CVE-2016-3947 Yuriy M. Kaminskiy...
USN-2993-1: Firefox vulnerabilities
Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy Nikkel, Sylvestre Ledru, Julian Seward, Olli Pettay, Karl Tomlinson, Christoph Diehl, Julian Hector, Jan de Mooij, Mats Palmgren, and Tooru Fujisawa discovered multiple memory safety issues in Firefox. If a user were tricked in to...
USN-2994-1: libxml2 vulnerabilities
It was discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. CVE-2015-8806, CVE-2016-2073, CVE-2016-3627,...
USN-2992-1: Oxide vulnerabilities
An unspecified security issue was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. CVE-2016-1673 An issue was discovered with Document reattachment in Blink in some circumstances. ...
USN-2991-1: nginx vulnerability
It was discovered that nginx incorrectly handled saving client request bodies to temporary files. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service...
USN-2990-1: ImageMagick vulnerabilities
Nikolay Ermishkin and Stewie discovered that ImageMagick incorrectly sanitized untrusted input. A remote attacker could use these issues to execute arbitrary code. These issues are known as "ImageTragick". This update disables problematic coders via the /etc/ImageMagick-6/policy.xml configuration...
USN-2989-1: Linux kernel vulnerabilities
Justin Yackoski discovered that the Atheros L2 Ethernet Driver in the Linux kernel incorrectly enables scatter/gather I/O. A remote attacker could use this to obtain potentially sensitive information from kernel memory. CVE-2016-2117 Jason A. Donenfeld discovered multiple out-of-bounds reads in t...
USN-2988-1: LXD vulnerabilities
Robie Basak discovered that LXD incorrectly set permissions when setting up a loop based ZFS pool. A local attacker could use this issue to copy and read the data of any LXD container. CVE-2016-1581 Robie Basak discovered that LXD incorrectly set permissions when switching an unprivileged contain...
USN-2987-1: GD library vulnerabilities
It was discovered that the GD library incorrectly handled certain color tables in XPM images. If a user or automated system were tricked into processing a specially crafted XPM image, an attacker could cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS...