10832 matches found
USN-2813-1: LXCFS vulnerabilities
It was discovered that LXCFS incorrectly enforced directory escapes. A local attacker could use this issue to possibly escalate privileges. CVE-2015-1342 It was discovered that LXCFS incorrectly checked certain permissions. A local attacker could use this issue t possibly escalate privileges...
USN-2812-1: libxml2 vulnerabilities
Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS,...
USN-2811-1: strongSwan vulnerability
It was discovered that the strongSwan eap-mschapv2 plugin incorrectly handled state. A remote attacker could use this issue to bypass authentication...
USN-2810-1: Kerberos vulnerabilities
It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2002-2443 It was discovered that Kerberos...
USN-2809-1: LXD vulnerability
Jeroen Simonetti discovered that LXD incorrectly set socket permissions. A local attacker could use this issue to escalate privileges...
USN-2807-1: Linux kernel (Wily HWE) vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2808-1: wpa_supplicant and hostapd vulnerabilities
It was discovered that wpasupplicant incorrectly handled WMM Sleep Mode Response frame processing. A remote attacker could use this issue to perform broadcast/multicast packet injections, or cause a denial of service. CVE-2015-5310 It was discovered that wpasupplicant and hostapd incorrectly...
USN-2806-1: Linux kernel (Vivid HWE) vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2805-1: Linux kernel (Utopic HWE) vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2804-1: Linux kernel (Trusty HWE) vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2803-1: Linux kernel vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2802-1: Linux kernel vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2801-1: Linux kernel vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2800-1: Linux kernel vulnerability
Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service system crash in the host OS...
USN-2788-2: unzip regression
USN-2788-1 fixed vulnerabilities in unzip. One of the security patches caused a regression when extracting 0-byte files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gustavo Grieco discovered that unzip incorrectly handled certain password protecte...
USN-2799-1: Linux kernel vulnerabilities
It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...
USN-2798-1: Linux kernel (Vivid HWE) vulnerabilities
It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...
USN-2797-1: Linux kernel (Utopic HWE) vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
USN-2796-1: Linux kernel (OMAP4) vulnerabilities
Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...
USN-2795-1: Linux kernel (Trusty HWE) vulnerabilities
It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...
USN-2794-1: Linux kernel vulnerabilities
It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. CVE-2015-2925 Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver...
USN-2793-1: LibreOffice vulnerabilities
Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files. CVE-2015-4551 It was discovered that...
USN-2792-1: Linux kernel vulnerabilities
Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service system crash. CVE-2015-7613 It was discovered that the Lin...
USN-2785-1: Firefox vulnerabilities
Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, Gary Kwong, Andrew McCreight, Georg Fritzsche, and Carsten Book discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially...
USN-2791-1: NSS vulnerabilities
Tyson Smith and David Keeler discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-2790-1: NSPR vulnerability
Ryan Sleevi discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-2789-1: XScreenSaver vulnerability
It was discovered that XScreenSaver incorrectly handled unplugging an external monitor. An attacker with physical access could use this flaw to gain access to a locked session...
USN-2788-1: unzip vulnerabilities
Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code. CVE-2015-7696 Gustavo Grieco discovered that unzip incorrect...
USN-2787-1: audiofile vulnerability
Fabrizio Gennari discovered that audiofile incorrectly handled changing both the sample format and the number of channels. If a user or automated system were tricked into processing a specially crafted file, audiofile could be made to crash, leading to a denial of service, or possibly execute...
USN-2786-1: PHP vulnerabilities
It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. CVE-2015-7803, CVE-2015-7804...
USN-2784-1: OpenJDK 7 vulnerabilities
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844,...
USN-2783-1: NTP vulnerabilities
Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. CVE-2015-5146 Miroslav Lichvar discovered that NTP...
USN-2782-1: Apport vulnerability
Gabriel Campana discovered that Apport incorrectly handled Python module imports. A local attacker could use this issue to elevate privileges...
USN-2781-1: MySQL vulnerabilities
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.46 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.27. In addition to security fixes, th...
USN-2780-2: MiniUPnP vulnerability
USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides the corresponding update for Ubuntu 15.10. Original advisory details: Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionalit...
USN-2770-2: Oxide vulnerabilities
USN-2770-1 fixed vulnerabilities in Oxide in Ubuntu 14.04 LTS and Ubuntu 15.04. This update provides the corresponding updates for Ubuntu 15.10. Original advisory details: It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some...
USN-2780-1: MiniUPnP vulnerability
Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service application crash or possibly execute arbitrary code with privileges of the user running an application that uses th...
USN-2770-1: Oxide vulnerabilities
It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. CVE-2015-67...
USN-2779-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
USN-2778-1: Linux kernel (Vivid HWE) vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
USN-2777-1: Linux kernel (Utopic HWE) vulnerabilities
It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 Benjamin Randazzo...
USN-2776-1: Linux kernel vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
USN-2775-1: Linux kernel (Trusty HWE) vulnerabilities
It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing a denial of service...
USN-2774-1: Linux kernel (OMAP4) vulnerabilities
It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 It was discovered...
USN-2773-1: Linux kernel vulnerabilities
It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service system crash or possibly execute code with administrative privileges. CVE-2015-5156 It was discovered...
USN-2768-1: Firefox vulnerability
Abdulrahman Alqabandi and Ben Kelly discovered that the fetch API did not correctly implement the Cross Origin Resource Sharing CORS specification. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from oth...
USN-2772-1: PostgreSQL vulnerabilities
Josh Kupershmidt discovered the pgCrypto extension could expose several bytes of server memory if the crypt function was provided a too-short salt. An attacker could use this flaw to read private data. CVE-2015-5288 Oskari Saarenmaa discovered that the json and jsonb handlers could exhaust...
USN-2771-1: Click vulnerability
It was discovered that click did not properly perform input sanitization during click package installation. If a user were tricked into installing a crafted click package, a remote attacker could exploit this to escalate privileges by tricking click into installing lenient security policy for the...
USN-2709-2: pollinate update
USN-2709-1 updated pollinate's certificate for entropy.ubuntu.com but did not include a new certificate authority certificate. This update fixes the problem. We apologize for the inconvenience. Original advisory details: The pollinate package bundles the certificate for entropy.ubuntu.com. This...
USN-2769-1: Apache Commons HttpClient vulnerabilities
It was discovered that Apache Commons HttpClient did not properly verify the Common Name or subjectAltName fields of X.509 certificates. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications. This issue only affect...