10927 matches found
USN-1975-1: Linux kernel (OMAP4) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1974-1: Linux kernel vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...
USN-1973-1: Linux kernel (OMAP4) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1972-1: Linux kernel vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1971-1: Linux kernel (Raring HWE) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A memory leak was discovered in the user namespace facility of the Linux kernel. A local user...
USN-1970-1: Linux kernel (Quantal HWE) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1969-1: Linux kernel (OMAP4) vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1968-1: Linux kernel vulnerabilities
Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service system crash. CVE-2013-4254 A failure to validate block numbers was discovered in the Linux kernel's implementation of th...
USN-1966-1: Samba vulnerability
Jeremy Allison discovered that Samba incorrectly handled certain extended attribute lists. A remote attacker could use this issue to cause Samba to hang, resulting in a denial of service...
USN-1967-1: Django vulnerabilities
It was discovered that Django incorrectly handled large passwords. A remote attacker could use this issue to consume resources, resulting in a denial of service. CVE-2013-1443 It was discovered that Django incorrectly handled ssi templates. An attacker could use this issue to read arbitrary files...
USN-1965-1: pyOpenSSL vulnerability
It was discovered that pyOpenSSL did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-1964-1: LibRaw vulnerabilities
It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against LibRaw could be made to crash, resulting in a denial of service. CVE-2013-1438, CVE-2013-1439...
USN-1952-1: Thunderbird vulnerabilities
Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the...
USN-1963-1: usb-creator vulnerability
It was discovered that usb-creator was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1962-1: ubuntu-system-service vulnerability
It was discovered that ubuntu-system-service was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1961-1: systemd vulnerability
It was discovered that systemd was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1960-1: Software Properties vulnerability
It was discovered that Software Properties was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1959-1: RealtimeKit vulnerability
It was discovered that RealtimeKit was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1958-1: language-selector vulnerability
It was discovered that language-selector was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1957-1: Jockey vulnerability
It was discovered that Jockey was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1956-1: HPLIP vulnerability
It was discovered that HPLIP was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1955-1: apt-xapian-index vulnerability
It was discovered that apt-xapian-index was using polkit in an unsafe manner. A local attacker could possibly use this issue to bypass intended polkit authorizations...
USN-1954-1: libvirt vulnerabilities
It was discovered that libvirt used the pkcheck tool in an unsafe manner. A local attacker could possibly use this flaw to bypass polkit authentication. In Ubuntu, libvirt polkit authentication is not enabled by default. CVE-2013-4311 It was discovered that libvirt incorrectly handled certain...
USN-1953-1: polkit vulnerability
It was discovered that polkit didn't allow applications to use the pkcheck tool in a way which prevented a race condition in the UID lookup. A local attacker could use this flaw to possibly escalate privileges...
USN-1951-1: Firefox vulnerabilities
Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking...
USN-1950-1: Light Display Manager vulnerability
It was discovered that Light Display Manager created .Xauthority files with incorrect permissions. A local attacker could use this flaw to bypass access restrictions...
USN-1949-1: ImageMagick vulnerability
It was discovered that ImageMagick incorrectly handled decoding GIF image comments. If a user or automated system using ImageMagick were tricked into opening a specially crafted GIF image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of...
USN-1948-1: httplib2 vulnerability
It was discovered that httplib2 only validated SSL certificates on the first request to a connection, and didn't report validation failures on subsequent requests. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could possibly be exploited in certain scenarios ...
USN-1947-1: Linux kernel (Quantal HWE) vulnerabilities
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...
USN-1946-1: Linux kernel (OMAP4) vulnerabilities
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...
USN-1945-1: Linux kernel (OMAP4) vulnerabilities
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...
USN-1944-1: Linux kernel vulnerabilities
A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. CVE-2012-5374 A denial of service flaw was discovered in the Btrfs file system in...
USN-1943-1: Linux kernel (Raring HWE) vulnerabilities
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. CVE-2013-1060 A flaw was discovered in the Xen subsystem of the Linux kernel when it provides read-only...
USN-1942-1: Linux kernel (OMAP4) vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could...
USN-1941-1: Linux kernel vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could...
USN-1940-1: Linux kernel (EC2) vulnerabilities
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. CVE-2013-1060 Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory...
USN-1939-1: Linux kernel vulnerabilities
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows for privilege escalation. A local user could exploit this flaw to run commands as root when using the perf tool. CVE-2013-1060 Michael S. Tsirkin discovered a flaw in how the Linux kernel's KVM subsystem allocates memory...
USN-1938-1: Linux kernel vulnerabilities
Vasily Kulikov discovered a flaw in the Linux Kernel's perf tool that allows specified to be run as root. A local could exploit this flaw to run commands as root when using the perf tool. user could exploit this CVE-2013-1060 A flaw was discovered in the Xen subsystem of the Linux kernel when it...
USN-1937-1: PHP vulnerability
It was discovered that PHP did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a machine-in-the-middle attack to view sensitive information or alter encrypted communications...
USN-1936-1: Linux kernel (Raring HWE) vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
USN-1935-1: Linux kernel vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
USN-1934-1: Linux kernel (OMAP4) vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
USN-1933-1: Linux kernel (OMAP4) vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
USN-1932-1: Linux kernel vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
USN-1931-1: Linux kernel (Quantal HWE) vulnerabilities
Chanam Park reported a Null pointer flaw in the Linux kernel's Ceph client. A remote attacker could exploit this flaw to cause a denial of service system crash. CVE-2013-1059 An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtai...
USN-1930-1: Linux kernel (OMAP4) vulnerabilities
An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtain sensitive information from kernel memory. CVE-2013-2148 Kees Cook discovered a format string vulnerability in the Broadcom B43 wireless driver for the Linux kernel. A local...
USN-1929-1: Linux kernel vulnerability
An information leak was discovered in the Linux kernel's fanotify interface. A local user could exploit this flaw to obtain sensitive information from kernel memory...
USN-1928-1: Puppet vulnerabilities
It was discovered that Puppet incorrectly handled the resourcetype service. A local attacker on the primary server could use this issue to execute arbitrary Ruby files. CVE-2013-4761 It was discovered that Puppet incorrectly handled permissions on the modules it installed. Modules could be...
USN-1927-1: libimobiledevice vulnerability
Paul Collins discovered that libimobiledevice incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files and access device keys. In the default Ubuntu installation, this issue should be mitigated by the Yama link restrictions...
USN-1926-1: SPICE vulnerability
David Gibson discovered that SPICE incorrectly handled certain network errors. An attacker could use this issue to cause the SPICE server to crash, resulting in a denial of service...