Lucene search
K
UbuntuRecent

10923 matches found

Ubuntu
Ubuntu
added 2016/05/31 3:4 p.m.55 views

USN-2986-1: dosfstools vulnerabilities

Hanno Böck discovered that dosfstools incorrectly handled certain malformed filesystems. A local attacker could use this issue to cause dosfstools to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.2CVSS6.9AI score0.00448EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/26 2:59 p.m.93 views

USN-2985-2: GNU C Library regression

USN-2985-1 fixed vulnerabilities in the GNU C Library. The fix for CVE-2014-9761 introduced a regression which affected applications that use the libm library but were not fully restarted after the upgrade. This update removes the fix for CVE-2014-9761 and a future update will be provided to...

8.3AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/25 8:22 p.m.91 views

USN-2985-1: GNU C Library vulnerabilities

Martin Carpenter discovered that ptchown in the GNU C Library did not properly check permissions for tty files. A local attacker could use this to gain administrative privileges or expose sensitive information. CVE-2013-2207, CVE-2016-2856 Robin Hack discovered that the Name Service Switch NSS...

9.8CVSS8.2AI score0.07629EPSS
Exploits6
Ubuntu
Ubuntu
added 2016/05/25 5:20 p.m.79 views

USN-2950-5: Samba regression

USN-2950-1 fixed vulnerabilities in Samba. USN-2950-3 updated Samba to version 4.3.9, which introduced a regression when using the ntlmauth tool. This update fixes the problem. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws in the DCE/RPC implementation....

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/24 5:31 p.m.112 views

USN-2984-1: PHP vulnerabilities

It was discovered that the PHP Fileinfo component incorrectly handled certain magic files. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. CVE-2015-8865 Hans Jerry Illikainen...

9.8CVSS8.5AI score0.56132EPSS
Exploits22
Ubuntu
Ubuntu
added 2016/05/19 12:42 a.m.53 views

USN-2936-3: Firefox regression

USN-2936-1 fixed vulnerabilities in Firefox. The update caused an issue where a device update POST request was sent every time about:preferencessync was shown. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Tyson Smith, Phil Ringald...

8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/19 12:25 a.m.87 views

USN-2973-1: Thunderbird vulnerabilities

Christian Holler, Tyson Smith, and Phil Ringalda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code...

10CVSS8.1AI score0.04692EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/18 11:15 p.m.63 views

USN-2960-1: Oxide vulnerabilities

An out of bounds write was discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code. CVE-2016-1660 It was discovered that Blink assumes that a frame...

9.8CVSS8.1AI score0.04227EPSS
Exploits2
Ubuntu
Ubuntu
added 2016/05/18 12:52 p.m.88 views

USN-2950-4: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The backported fixes introduced in Ubuntu 12.04 LTS caused interoperability issues. This update fixes compatibility with certain NAS devices, and allows connecting to Samba 3.6 servers by relaxing the "client ipc signing" parameter to "auto". We apologiz...

7.1AI score
Exploits0References2
Ubuntu
Ubuntu
added 2016/05/18 11:37 a.m.72 views

USN-2983-1: Expat vulnerability

Gustavo Grieco discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code. CVE-2016-0718...

9.8CVSS8.3AI score0.13802EPSS
Exploits3
Ubuntu
Ubuntu
added 2016/05/17 3:34 p.m.59 views

USN-2982-1: Libksba vulnerabilities

Hanno Böck discovered that Libksba incorrectly handled decoding certain BER data. An attacker could use this issue to cause Libksba to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. CVE-2016-4353 Hanno Böck discovered that Libksba...

7.5CVSS7.8AI score0.03205EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/17 3:33 p.m.57 views

USN-2981-1: libarchive vulnerabilities

It was discovered that libarchive incorrectly handled certain entry-size values in ZIP archives. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 15.10 and...

8.8CVSS7.9AI score0.10284EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/05/17 12:39 p.m.48 views

USN-2980-1: libndp vulnerability

Julien Bernard discovered that libndp incorrectly performed origin checks when receiving Neighbor Discovery Protocol NDP messages. A remote attacker outside of the local network could use this issue to advertise a node as a router, causing a denial of service, or possibly to act as a...

8.1CVSS7.6AI score0.03806EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 7:6 p.m.74 views

USN-2979-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 7:1 p.m.84 views

USN-2979-3: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 6:54 p.m.73 views

USN-2979-2: Linux kernel (Xenial HWE) vulnerabilities

USN-2979-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in t...

7.8CVSS7.2AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 6:45 p.m.73 views

USN-2979-1: Linux kernel vulnerabilities

David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers MTRR in KVM guests. A privileged user in a guest VM could use this to cause a denial of service system crash in the host, expose...

7.8CVSS7.2AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 6:34 p.m.99 views

USN-2978-3: Linux kernel (Raspberry Pi 2) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 5:46 p.m.75 views

USN-2978-2: Linux kernel (Wily HWE) vulnerabilities

USN-2978-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux...

7.8CVSS7.2AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 5:31 p.m.85 views

USN-2978-1: Linux kernel vulnerabilities

David Matlack discovered that the Kernel-based Virtual Machine KVM implementation in the Linux kernel did not properly restrict variable Memory Type Range Registers MTRR in KVM guests. A privileged user in a guest VM could use this to cause a denial of service system crash in the host, expose...

7.8CVSS7.2AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 5:25 p.m.78 views

USN-2977-1: Linux kernel (Vivid HWE) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 5:17 p.m.83 views

USN-2976-1: Linux kernel (Utopic HWE) vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 5:9 p.m.91 views

USN-2975-2: Linux kernel (Trusty HWE) vulnerability

USN-2975-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properl...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/16 4:45 p.m.66 views

USN-2975-1: Linux kernel vulnerability

Philip Pettersson discovered that the Linux kernel's ASN.1 DER decoder did not properly process certificate files with tags of indefinite length. A local unprivileged attacker could use this to cause a denial of service system crash or possibly execute arbitrary code with administrative privilege...

7.8CVSS7.3AI score0.00397EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/12 2:33 p.m.65 views

USN-2974-1: QEMU vulnerabilities

Zuozhi Fzz discovered that QEMU incorrectly handled USB OHCI emulation support. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. CVE-2016-2391 Qinghao Tang discovered that QEMU incorrectly handled USB Net emulation support. A...

9.8CVSS7AI score0.06336EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/10 8:35 p.m.83 views

USN-2972-1: OpenJDK 6 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0686, CVE-2016-0687,...

10CVSS7.5AI score0.92334EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/05/09 10:36 p.m.88 views

USN-2971-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Zach Riggle discovered that the Linux kernel's list...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/09 10:28 p.m.93 views

USN-2971-2: Linux kernel (Wily HWE) vulnerabilities

USN-2971-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did no...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/09 10:11 p.m.100 views

USN-2971-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Zach Riggle discovered that the Linux kernel's list...

7.8CVSS6.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/09 10:4 p.m.91 views

USN-2970-1: Linux kernel (Vivid HWE) vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS6.6AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/09 9:57 p.m.89 views

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS6.6AI score0.01946EPSS
Exploits14
Ubuntu
Ubuntu
added 2016/05/09 9:43 p.m.74 views

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities

USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kerne...

7.8CVSS7.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/09 9:23 p.m.91 views

USN-2968-1: Linux kernel vulnerabilities

Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not properly validate the endpoints reported by the device. An attacker with physical access could cause a denial of service system crash. CVE-2015-7515 Ben Hawkes discovered that the Linux kernel's AIO...

7.8CVSS7.4AI score0.01946EPSS
Exploits19
Ubuntu
Ubuntu
added 2016/05/09 9:16 p.m.80 views

USN-2967-2: Linux kernel (OMAP4) vulnerabilities

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. CVE-2013-4312 Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not...

10CVSS7.6AI score0.14546EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/05/09 8:55 p.m.98 views

USN-2967-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly enforce rlimits for file descriptors sent over UNIX domain sockets. A local attacker could use this to cause a denial of service. CVE-2013-4312 Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in the Linux kernel did not...

10CVSS7.6AI score0.14546EPSS
Exploits15
Ubuntu
Ubuntu
added 2016/05/09 5:4 p.m.223 views

USN-2966-1: OpenSSH vulnerabilities

Shayan Sadigh discovered that OpenSSH incorrectly handled environment files when the UseLogin feature is enabled. A local attacker could use this issue to gain privileges. CVE-2015-8325 Ben Hawkes discovered that OpenSSH incorrectly handled certain network traffic. A remote attacker could possibl...

9.8CVSS6.8AI score0.37016EPSS
Exploits13
Ubuntu
Ubuntu
added 2016/05/06 8:37 p.m.102 views

USN-2965-4: Linux kernel (Qualcomm Snapdragon) vulnerability

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. Ralf Spenneberg discovered that the...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/05/06 8:32 p.m.61 views

USN-2965-3: Linux kernel (Raspberry Pi 2) vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/05/06 8:21 p.m.95 views

USN-2965-2: Linux kernel (Xenial HWE) vulnerabilities

USN-2965-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement HWE kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in t...

10CVSS7.1AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/05/06 8:9 p.m.90 views

USN-2965-1: Linux kernel vulnerabilities

Jann Horn discovered that the extended Berkeley Packet Filter eBPF implementation in the Linux kernel did not properly reference count file descriptors, leading to a use-after-free. A local unprivileged attacker could use this to gain administrative privileges. CVE-2016-4557 Ralf Spenneberg...

10CVSS6.8AI score0.2593EPSS
Exploits32
Ubuntu
Ubuntu
added 2016/05/05 2:1 a.m.95 views

USN-2964-1: OpenJDK 7 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0686, CVE-2016-0687,...

10CVSS7.5AI score0.92334EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/05/05 1:37 a.m.95 views

USN-2963-1: OpenJDK 8 vulnerabilities

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. CVE-2016-0686, CVE-2016-0687,...

10CVSS7.5AI score0.92334EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/05/04 7:36 p.m.40 views

USN-2961-1: Little CMS vulnerability

It was discovered that a double free could occur when the intent handling code in the Little CMS library detected an error. An attacker could use this to specially craft a file that caused an application using the Little CMS library to crash or possibly execute arbitrary code...

10CVSS8.8AI score0.0623EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/04 6:44 p.m.100 views

USN-2950-3: Samba regressions

USN-2950-1 fixed vulnerabilities in Samba. The fixes introduced in Samba 4.3.8 caused certain regressions and interoperability issues. This update resolves some of these issues by updating to Samba 4.3.9 in Ubuntu 14.04 LTS, Ubuntu 15.10 and Ubuntu 16.04 LTS. Backported regression fixes were adde...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/04 6:34 p.m.81 views

USN-2950-2: libsoup update

USN-2950-1 fixed vulnerabilities in Samba. The updated Samba packages introduced a compatibility issue with NTLM authentication in libsoup. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jouni Knuutinen discovered that Samba contained multiple flaws ...

7.1AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/03 2:49 p.m.104 views

USN-2959-1: OpenSSL vulnerabilities

Huzaifa Sidhpurwala, Hanno Böck, and David Benjamin discovered that OpenSSL incorrectly handled memory when decoding ASN.1 structures. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2016-2108 Juraj...

10CVSS8.1AI score0.89058EPSS
Exploits7
Ubuntu
Ubuntu
added 2016/05/02 8:19 p.m.58 views

USN-2936-2: Oxygen-GTK3 update

USN-2936-1 fixed vulnerabilities in Firefox. The update caused Firefox to crash on startup with the Oxygen GTK theme due to a pre-existing bug in the Oxygen-GTK3 theme engine. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Christian Holler, Tyson...

8AI score
Exploits0References1
Ubuntu
Ubuntu
added 2016/05/02 6:31 p.m.57 views

USN-2957-2: Libtasn1 vulnerability

USN-2957-1 fixed a vulnerability in Libtasn1. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue...

5.9CVSS6.6AI score0.29572EPSS
Exploits0
Ubuntu
Ubuntu
added 2016/05/02 4:58 p.m.55 views

USN-2958-1: poppler vulnerabilities

It was discovered that the poppler pdfseparate tool incorrectly handled certain filenames. A local attacker could use this issue to cause the tool to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS. CVE-2013-4473,...

9.3CVSS7.8AI score0.10483EPSS
Exploits1
Ubuntu
Ubuntu
added 2016/05/02 4:46 p.m.59 views

USN-2957-1: Libtasn1 vulnerability

Pascal Cuoq and Miod Vallat discovered that Libtasn1 incorrectly handled certain malformed DER certificates. A remote attacker could possibly use this issue to cause applications using Libtasn1 to hang, resulting in a denial of service...

5.9CVSS6.6AI score0.29572EPSS
Exploits0
Total number of security vulnerabilities10923