10875 matches found
USN-7848-1: AMD Microcode vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores. A local attacker could possibly use this issue to expose sensitive information. This update provides the updat...
USN-7847-1: GNU binutils vulnerabilities
It was discovered that GNU binutils incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. The attack is restricted to local execution. CVE-2025-11082 It was discovered that GNU binutils incorrectly handled certain inputs. An...
USN-7846-1: X.Org X Server vulnerabilities
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain memory operations. An attacker could use these issues to cause the X Server to crash, leading to a denial of service, obtain sensitive information, or possibly execute arbitrary code...
USN-7844-1: YAML::Syck vulnerability
It was discovered that YAML::Syck did not properly handle parsing YAML files. An attacker could possibly use this issue to expose sensitive information...
USN-7845-1: Squid vulnerability
Leonardo Giovannini discovered that Squid failed to redact HTTP Authentication credentials in a default configuration. An attacker could possibly use this issue to obtain sensitive information...
USN-7843-1: Netty vulnerability
It was discovered that Netty did not properly handle user input. A remote attacker could possibly use this issue to forge arbitrary emails from a trusted server...
USN-7829-5: Linux kernel (Intel IoTG) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...
USN-7842-1: Radare2 vulnerability
It was discovered that Radare2 conntained a memory leak, resulting in performance degradation. An attacker could possibly use this issue to cause Radare2 to crash, resulting in a denial of service. CVE-2025-60358...
USN-7841-1: strongSwan vulnerability
Xu Biang discovered that the strongSwan client incorrectly handled EAP-MSCHAPv2 failure requests. If a user or automated system were tricked into connecting to a malicious server, a remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly...
USN-7840-1: Ruby vulnerabilities
It was discovered that the REXML module bunded into Ruby incorrectly handled parsing XML documents with repeated instances of certain characters. An attacker could possibly use this issue to cause REXML to consume excessive resources, leading to a denial of service. Ubuntu 18.04 LTS and Ubuntu...
USN-7829-4: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...
USN-7833-3: Linux kernel (AWS) vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
USN-7795-4: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system NFS server daemon; - Packet sockets; - Network traffic control; - VMware...
USN-7839-1: Go Cryptography vulnerability
Damien Tournoud, Patrick Dawkins, Vince Parker, and Jules Duvivier discovered that Go Cryptography incorrectly handled public keys during SSH operations. An attacker could possibly use this issue to bypass authorization mechanisms...
USN-7838-1: fetchmail vulnerability
It was discovered that the fetchmail SMTP client incorrectly handled certain status code messages. An attacker controlling a malicious server could possibly use this issue to cause fetchmail to crash, resulting in a denial of service...
USN-7837-1: GStreamer Good Plugins vulnerability
Shaun Mirani discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could possibly use this issue to cause GStreamer Good Plugins to crash, resulting in a denial of service, or disclose sensitive information...
USN-7835-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
USN-7829-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...
USN-7836-1: Bind vulnerabilities
Zuyao Xu and Xiang Li discovered that Bind incorrectly handled certain malformed DNSKEY records. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. CVE-2025-8677 Yuxiao Wu, Yunyi Zhang, Baojun Liu, and Haixin Duan discovered that...
USN-7835-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
USN-7835-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Ublk userspace block driver; -...
USN-7833-2: Linux kernel (Real-time) vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
USN-7834-1: Linux kernel (Azure) vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
USN-7833-1: Linux kernel vulnerabilities
Oleksii Oleksenko, Cedric Fournet, Jana Hofmann, Boris Köpf, Stavros Volos, and Flavien Solt discovered that some AMD processors may allow an attacker to infer data from previous stores, potentially resulting in the leakage of privileged information. A local attacker could possibly use this to...
USN-7819-2: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - Ext4 file system; -...
USN-7797-3: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Virtio block driver; - Media drivers; - Network drivers; - Framebuffer layer; - BTRFS file system; - Ext4 file...
USN-7832-1: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth...
USN-7831-1: Erlang vulnerabilities
It was discovered that Erlang incorrectly handled resource allocation and consumption in the SFTP SSH module. An attacker could possibly use this issue cause Erlang to consume excessive resources, leading to a denial of service...
USN-7830-1: FFmpeg vulnerabilities
It was discovered that FFmpeg incorrectly handled the return values of functions in its Firequalizer filter and in the HTTP Live Streaming HLS implementation, leading to a NULL pointer dereference. If a user was tricked into loading a crafted media file, a remote attacker could possibly use this...
USN-7829-2: Linux kernel (FIPS and Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...
USN-7829-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Network drivers; - Netlink; CVE-2024-26700, CVE-2025-38727, CVE-2023-52593, CVE-2024-26896...
USN-7828-1: Python LDAP vulnerabilities
It was discovered that Python LDAP incorrectly handled special characters in the special character filtering function. A remote attacker could possibly use this issue to perform LDAP injection attacks. CVE-2025-61911 Arad Inbar discovered that Python LDAP incorrectly escaped NUL character bytes. ...
USN-7826-2: Samba vulnerabilities
USN-7826-1 fixed vulnerabilities in Samba. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Original advisory details: Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An...
USN-7827-1: GStreamer Base Plugins vulnerabilities
Shaun Mirani discovered that GStreamer Base Plugins did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service...
USN-7822-1: .NET vulnerabilities
It was discovered that .NET did not properly handle the creation of temporary build time directories. An attacker could possibly use this issue to cause a denial of service. CVE-2025-55247 It was discovered that .NET did not properly establish TLS sessions for SMTP server connections. An attacker...
USN-7818-2: Apache Subversion vulnerability
USN-7818-1 fixed vulnerabilities in Apache Subversion. This update provides the corresponding update for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. Original advisory details: It was discovered that Apache Subversion incorrectly parsed control characters in...
USN-7826-1: Samba vulnerabilities
Andrew Walker discovered that Samba incorrectly initialized memory in the vfsstreamsxattr module. An authenticated attacker could possibly use this issue to obtain sensitive information. CVE-2025-9640 Igor Morgenstern discovered that Samba incorrectly handled names passed to the WINS hook program...
USN-7824-3: Redis vulnerability
USN-7824-1 fixed several vulnerabilities in Redis. This update provides the corresponding update for Ubuntu 22.04 LTS. Original advisory details: Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could us...
USN-7824-2: Redict vulnerability
USN-7824-1 fixed several vulnerabilities in Redis. This update provides the corresponding update for Redict - a fork of Redis. Original advisory details: Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker...
USN-7825-1: MuPDF vulnerabilities
It was discovered that MuPDF incorrectly managed memory, resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-1000036 It was discovered that MuPDF could enter an infinite loop when parsing certain P...
USN-7824-1: Redis vulnerability
Benny Isaacs, Nir Brakha, and Sagi Tzadik discovered that Redis incorrectly handled memory when running Lua scripts. An authenticated attacker could use this vulnerability to trigger a use-after-free condition, and potentially achieve remote code execution on the Redis server...
USN-7801-3: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7823-1: FFmpeg vulnerabilities
It was discovered that FFmpeg did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. CVE-2024-35365 It was discovered that FFmpeg did not correctly handle...
USN-7810-3: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38477,...
USN-7810-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Packet sockets; - Network traffic control; - VMware vSockets driver; CVE-2025-38617,...
USN-7808-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network drivers; - Ext4 file system; - SMB network file system; - Packet sockets; - Network traffic control; - TLS...
USN-7821-1: Linux kernel (Raspberry Pi) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38500,...
USN-7791-4: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Packet sockets; - Network traffic control; - VMware vSockets driver; - XFRM subsystem; CVE-2025-38477,...
USN-7820-1: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system NFS server daemon; - Packet sockets; - Network traffic control; - VMware...
USN-7796-4: Linux kernel (Azure FIPS) kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Framebuffer layer; - BTRFS file system; - Ext4 file system; - Network file system NFS server daemon; - Packet...