USN-2318-1: Linux kernel vulnerabilities

Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...

USN-2317-1: Linux kernel (Trusty HWE) vulnerabilities

Eric W. Biederman discovered a flaw with the mediation of mount flags in the Linux kernel's user namespace subsystem. An unprivileged user could exploit this flaw to by-pass mount restrictions, and potentially gain administrative privileges. CVE-2014-5207 Kenton Varda discovered a flaw with...

USN-2316-1: Subversion vulnerabilities

Lieven Govaerts discovered that the Subversion moddavsvn module incorrectly handled certain request methods when SVNListParentPath was enabled. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS...

USN-2315-1: serf vulnerability

Ben Reser discovered that serf did not correctly handle SSL certificates with NUL bytes in the CommonName or SubjectAltNames fields. A remote attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...

USN-2314-1: Linux kernel vulnerability

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS...

USN-2313-1: Linux kernel (Trusty HWE) vulnerability

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service OOPS...

USN-2312-1: OpenJDK 6 vulnerabilities

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. CVE-2014-2490, CVE-2014-4216, CVE-2014-4219, CVE-2014-4262 Several...

USN-2311-1: pyCADF vulnerability

Zhi Kun Liu discovered that pyCADF incorrectly filtered certain tokens. An attacker could possibly use this issue to obtain authentication tokens used in REST requests...

USN-2310-1: Kerberos vulnerabilities

It was discovered that Kerberos incorrectly handled certain crafted Draft 9 requests. A remote attacker could use this issue to cause the daemon to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. CVE-2012-1016 It was discovered that Kerberos incorrectly handled...

USN-2309-1: Libav vulnerabilities

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program...

USN-2308-1: OpenSSL vulnerabilities

Adam Langley and Wan-Teh Chang discovered that OpenSSL incorrectly handled certain DTLS packets. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. CVE-2014-3505 Adam Langley discovered that OpenSSL incorrectly handled memory when processing DTLS...

USN-2307-1: GPGME vulnerability

Tomáš Trnka discovered that GPGME incorrectly handled certain certificate line lengths. An attacker could use this issue to cause applications using GPGME to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2306-2: GNU C Library regression

USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the security update cause a regression in certain environments that use the Name Service Caching Daemon nscd, such as those configured for LDAP or MySQL authentication. In these environments, the nscd daemon may need to b...

USN-2306-1: GNU C Library vulnerabilities

Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo function. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 10.04 LTS. CVE-2013-4357 It was discovered that the GNU C Library incorrectly handled the...

USN-2305-1: Samba vulnerability

Volker Lendecke discovered that the Samba NetBIOS name service daemon incorrectly handled certain memory operations. A remote attacker could use this issue to execute arbitrary code as the root user...

USN-2304-1: KDE-Libs vulnerability

It was discovered that kauth was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...

USN-2303-1: Unity vulnerability

It was discovered that in certain circumstances Unity failed to successfully grab the keyboard when switching to the lock screen. A local attacker could possibly use this issue to run commands, and unlock the current session...

USN-2302-1: Tomcat vulnerabilities

David Jorm discovered that Tomcat incorrectly handled certain requests submitted using chunked transfer encoding. A remote attacker could use this flaw to cause the Tomcat server to consume resources, resulting in a denial of service. CVE-2014-0075 It was discovered that Tomcat did not properly...

USN-2301-1: Jinja2 vulnerabilities

It was discovered that Jinja2 incorrectly handled temporary cache files and directories. A local attacker could use this issue to possibly gain privileges...

USN-2300-1: LZO vulnerability

Don A. Bailey discovered that LZO incorrectly handled certain input data. An attacker could use this issue to cause LZO to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-2298-1: Oxide vulnerabilities

A type confusion bug was discovered in V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. CVE-2014-1730 A...

USN-2299-1: Apache HTTP Server vulnerabilities

Marek Kroemeke discovered that the modproxy module incorrectly handled certain requests. A remote attacker could use this issue to cause the server to stop responding, leading to a denial of service. This issue only affected Ubuntu 14.04 LTS. CVE-2014-0117 Giancarlo Pellegrino and Davide Balzarot...

USN-2296-1: Thunderbird vulnerabilities

Christian Holler, David Keeler and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or...

USN-2295-1: Firefox vulnerabilities

Christian Holler, David Keeler, Byron Campen, Gary Kwong, Jesse Ruderman, Andrew McCreight, Alon Zakai, Bobby Holley, Jonathan Watt, Shu-yu Guo, Steve Fink, Terrence Cole, Gijs Kruitbosch and Cătălin Badea discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a...

USN-2297-1: acpi-support vulnerability

CESG discovered that acpi-support incorrectly handled certain privileged operations when checking for power management daemons. A local attacker could use this flaw to execute arbitrary code and elevate privileges to root...

USN-2294-1: Libtasn1 vulnerabilities

It was discovered that Libtasn1 incorrectly handled certain ASN.1 data structures. An attacker could exploit this with specially crafted ASN.1 data and cause applications using Libtasn1 to crash, resulting in a denial of service. CVE-2014-3467 It was discovered that Libtasn1 incorrectly handled...

USN-2293-1: CUPS vulnerability

Francisco Alonso discovered that the CUPS web interface incorrectly validated permissions on rss files. A local attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation...

USN-2292-1: LWP::Protocol::https vulnerability

It was discovered that the LWP::Protocol::https perl module incorrectly disabled peer certificate verification completely when only hostname verification was requested to be disabled. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could possibly be exploited i...

USN-2291-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.38. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the...

USN-2290-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

USN-2289-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

USN-2288-1: Linux kernel (Trusty HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Salva Peiró discovered an information leak in the Linux kernel's media- device...

USN-2287-1: Linux kernel (Saucy HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

USN-2286-1: Linux kernel (Raring HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

USN-2285-1: Linux kernel (Quantal HWE) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

USN-2284-1: Linux kernel (OMAP4) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x86...

USN-2283-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 Michael S. Tsirkin discovered an information leak in the Linux kernel's...

USN-2282-1: Linux kernel vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...

USN-2281-1: Linux kernel (EC2) vulnerabilities

Sasha Levin reported a flaw in the Linux kernel's point-to-point protocol PPP when used with the Layer Two Tunneling Protocol L2TP. A local user could exploit this flaw to gain administrative privileges. CVE-2014-4943 An flaw was discovered in the Linux kernel's audit subsystem when auditing...

USN-2280-1: MiniUPnPc vulnerability

It was discovered that MiniUPnPc incorrectly handled certain buffer lengths. A remote attacker could possibly use this issue to cause applications using MiniUPnPc to crash, resulting in a denial of service...

USN-2279-1: Transmission vulnerability

Ben Hawkes discovered that Transmission incorrectly handled certain peer messages. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code...

USN-2278-1: file vulnerabilities

Mike Frysinger discovered that the file awk script detector used multiple wildcard with unlimited repetitions. An attacker could use this issue to cause file to consume resources, resulting in a denial of service. CVE-2013-7345 Francisco Alonso discovered that file incorrectly handled certain CDF...

USN-2277-1: Libav vulnerabilities

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program...

USN-2276-1: PHP vulnerabilities

Francisco Alonso discovered that the PHP Fileinfo component incorrectly handled certain CDF documents. A remote attacker could use this issue to cause PHP to hang or crash, resulting in a denial of service. CVE-2014-0207, CVE-2014-3478, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487 Stefan Esser...

USN-2275-1: DBus vulnerabilities

Alban Crequy discovered that dbus-daemon incorrectly sent AccessDenied errors to the service instead of the client when enforcing permissions. A local user can use this issue to possibly deny access to the service. CVE-2014-3477 Alban Crequy discovered that dbus-daemon incorrectly handled certain...

USN-2274-1: Linux kernel vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

USN-2273-1: Linux kernel vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

USN-2272-1: Linux kernel (Trusty HWE) vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

USN-2271-1: Linux kernel (Saucy HWE) vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...

USN-2270-1: Linux kernel (Raring HWE) vulnerability

Andy Lutomirski discovered a flaw with the Linux kernel's ptrace syscall on x8664 processors. An attacker could exploit this flaw to cause a denial of service System Crash or potential gain administrative privileges...