USN-1185-1: Thunderbird vulnerabilities

Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the Gecko rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2982 It was discovered that a vulnerability in event...

USN-1196-1: eCryptfs vulnerability

It was discovered that eCryptfs incorrectly handled permissions when modifying the mtab file. A local attacker could use this flaw to manipulate the mtab file, and possibly unmount arbitrary locations, leading to a denial of service...

USN-1195-1: WebKit vulnerabilities

A large number of security issues were discovered in the WebKit browser and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

USN-1194-1: Foomatic filters vulnerabilities

It was discovered that the foomatic-rip Foomatic filter incorrectly handled command-line options. An attacker could use this flaw to cause Foomatic to execute arbitrary code as the "lp" user. In the default installation, attackers would be isolated by the CUPS AppArmor profile...

USN-1193-1: Linux kernel vulnerabilities

Timo Warns discovered that the GUID partition parsing routines did not correctly validate certain structures. A local attacker with physical access could plug in a specially crafted block device to crash the system, leading to a denial of service. CVE-2011-1577 Phil Oester discovered that the...

USN-1189-1: Linux kernel vulnerabilities

It was discovered that the /proc filesystem did not correctly handle permission changes when programs executed. A local attacker could hold open files to examine details about programs running with higher privileges, potentially increasing the chances of exploiting additional vulnerabilities...

USN-1184-1: Firefox and Xulrunner vulnerabilities

Gary Kwong, Igor Bukanov, and Bob Clary discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2982 It was discovered that a vulnerability in event...

USN-1192-2: Mozvoikko update

USN-1192-1 fixed vulnerabilities in Firefox. This update provides an updated Mozvoikko for use with Firefox 6. Original advisory details: Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privilege...

USN-1192-1: Firefox vulnerabilities

Aral Yaman discovered a vulnerability in the WebGL engine. An attacker could potentially use this to crash Firefox or execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2989 Vivekanand Bolajwar discovered a vulnerability in the JavaScript engine. An attacker could...

USN-1191-1: libXfont vulnerability

Tomas Hoger discovered that libXfont incorrectly handled certain malformed compressed fonts. An attacker could use a specially crafted font file to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges...

USN-1190-1: DHCP vulnerabilities

David Zych discovered that DHCP incorrectly handled certain malformed packets. A remote attacker could use this issue to cause DHCP to crash, resulting in a denial of service...

USN-1188-1: eCryptfs vulnerabilities

Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly validated permissions on the requested mountpoint. A local attacker could use this flaw to mount to arbitrary locations, leading to privilege escalation. CVE-2011-1831 Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs...

USN-1187-1: Linux kernel (Maverick backport) vulnerabilities

It was discovered that KVM did not correctly initialize certain CPU registers. A local attacker could exploit this to crash the system, leading to a denial of service. CVE-2010-3698 Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could...

USN-1186-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IPC structures were not correctly initialized on 64bit systems. A local attacker could exploit this to read kernel stack memory, leading to a loss of privacy. CVE-2010-4073 Steve Chen discovered that setsockopt did not correctly check MSS values. A local attacker cou...

USN-1183-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 Neil Horman discovered that NFSv4 did not correctly handle...

USN-1182-1: Samba vulnerabilities

Yoshihiro Ishikawa discovered that the Samba Web Administration Tool SWAT was vulnerable to cross-site request forgeries CSRF. If a Samba administrator were tricked into clicking a link on a specially crafted web page, an attacker could trigger commands that could modify the Samba configuration...

USN-1181-1: libsoup vulnerability

It was discovered that libsoup did not properly validate its input when processing SoupServer requests. A remote attacker could exploit this to access files via directory traversal...

USN-1180-1: libvirt vulnerability

Eric Blake discovered an integer overflow flaw in libvirt. A remote authenticated attacker could exploit this by sending a crafted VCPU RPC call and cause a denial of service via application crash...

USN-1179-1: ClamAV vulnerability

It was discovered that the hash processing code in libclamav improperly handled messages with certain hashes. This could allow a remote attacker to craft a document that could cause clamav to crash, resulting in a denial of service...

USN-1178-1: IcedTea-Web, OpenJDK 6 vulnerabilities

Omair Majid discovered that an unsigned Web Start application or applet could determine the path to the cache directory used to store downloaded class and jar files by querying class loader properties. This could allow a remote attacker to discover a user's name and home directory path...

USN-1177-1: QEMU vulnerability

Andrew Griffiths discovered that QEMU did not correctly drop privileges when using the 'runas' argument. Under certain circumstances a local attacker could exploit this to escalate privileges...

USN-1176-1: DBus vulnerability

It was discovered that DBus did not properly validate the byte order of messages under certain circumstances. An attacker could exploit this to cause a denial of service via application crash or potentially obtain access to sensitive information...

USN-1175-1: libpng vulnerabilities

Frank Busse discovered that libpng did not properly handle certain malformed PNG images. If a user or automated system were tricked into opening a crafted PNG file, an attacker could cause libpng to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS, 10.10, and...

USN-1174-1: libsndfile vulnerability

Hossein Lotfi discovered that libsndfile did not properly verify the header length and number of channels for PARIS Audio Format PAF audio files. An attacker could exploit this to cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user...

USN-1173-1: FreeType vulnerability

It was discovered that FreeType did not correctly handle certain malformed Type 1 font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges...

USN-1172-1: logrotate vulnerabilities

It was discovered that logrotate incorrectly handled the creation of new log files. Local users could possibly read log files if they were opened before permissions were in place. This issue only affected Ubuntu 8.04 LTS. CVE-2011-1098 It was discovered that logrotate incorrectly handled certain...

USN-1171-1: Likewise Open vulnerability

It was discovered that an SQL injection vulnerability exists in the Likewise Security Authority lsass local authentication provider. A local attacker could use this to gain elevated privileges...

USN-1150-1: Thunderbird vulnerabilities

Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Thunderbird. CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376 Martin Barbella discovered that under...

USN-1170-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that multiple terminal ioctls did not correctly initialize structure memory. A local attacker could exploit this to read portions of kernel stack memory, leading to a loss of privacy. CVE-2010-4076, CVE-2010-4077 It was discovered that Xen did not correctly handle certain...

USN-1168-1: Linux kernel vulnerabilities

Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By inserting a specially crafted disk device, a local attacker could exploit this to gain root privileges. CVE-2011-1017 Neil Horman discovered that NFSv4 did not correctly handle certain orde...

USN-1167-1: Linux kernel vulnerabilities

Aristide Fattori and Roberto Paleari reported a flaw in the Linux kernel's handling of IPv4 icmp packets. A remote user could exploit this to cause a denial of service. CVE-2011-1927 Goldwyn Rodrigues discovered that the OCFS2 filesystem did not correctly clear memory when writing certain file...

USN-1161-1: Linux kernel vulnerabilities (EC2)

Vasiliy Kulikov discovered that kvm did not correctly clear memory. A local attacker could exploit this to read portions of the kernel stack, leading to a loss of privacy. CVE-2010-3881 Timo Warns discovered that the LDM disk partition handling code did not correctly handle certain values. By...

USN-1159-1: Linux kernel vulnerabilities (Marvell Dove)

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

USN-1169-1: APT vulnerability

William Grant discovered that APT incorrectly validated inline GPG signatures. If a remote attacker were able to perform a machine-in-the-middle attack, this flaw could potentially be used to install altered packages...

USN-1166-1: OProfile vulnerabilities

Stephane Chauveau discovered that OProfile did not properly perform input validation when processing arguments to opcontrol. A local user who is allowed to run opcontrol with privileges could exploit this to run arbitrary commands as the privileged user. CVE-2011-1760, CVE-2011-2471 Stephane...

USN-1165-1: QEMU vulnerabilities

Nelson Elhage discoverd that QEMU did not properly validate certain virtqueue requests from the guest. An attacker could exploit this to cause a denial of service of the guest or possibly execute code with the privileges of the user invoking the program. CVE-2011-2212 Stefan Hajnoczi discovered...

USN-1164-1: Linux kernel vulnerabilities (i.MX51)

Thomas Pollet discovered that the RDS network protocol did not check certain iovec buffers. A local attacker could exploit this to crash the system or possibly execute arbitrary code as the root user. CVE-2010-3865 Dan Rosenberg discovered that the Linux kernel X.25 implementation incorrectly...

USN-1163-1: Bind vulnerability

It was discovered that Bind incorrectly handled certain specially crafted packets. A remote attacker could use this flaw to cause Bind to stop responding, resulting in a denial of service...

USN-1149-2: Firefox regression

USN-1149-1 fixed vulnerabilities in Firefox. Unfortunately, a regression was introduced that prevented cookies from being stored properly when the hostname was a single character. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple memory...

USN-1162-1: Linux kernel vulnerabilities (Marvell Dove)

Brad Spengler discovered that the kernel did not correctly account for userspace memory allocations during exec calls. A local attacker could exploit this to consume all system memory, leading to a denial of service. CVE-2010-4243 Alexander Duyck discovered that the Intel Gigabit Ethernet driver...

USN-1160-1: Linux kernel vulnerabilities

Dan Rosenberg discovered that IRDA did not correctly check the size of buffers. On non-x86 systems, a local attacker could exploit this to read kernel heap memory, leading to a loss of privacy. CVE-2010-4529 Dan Rosenburg discovered that the CAN subsystem leaked kernel addresses into the /proc...

USN-1158-1: curl vulnerabilities

Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. CVE-2011-2192 Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount ...

USN-1157-3: Firefox regression

USN-1157-1 fixed vulnerabilities in Firefox. Unfortunately, this update produced the side effect of pulling in Firefox on some systems that did not have it installed during a dist-upgrade due to changes in the Ubuntu language packs. This update fixes the problem. We apologize for the inconvenienc...

USN-1149-1: Firefox and Xulrunner vulnerabilities

Multiple memory vulnerabilities were discovered in the browser rendering engine. An attacker could use these to possibly execute arbitrary code with the privileges of the user invoking Firefox. CVE-2011-2364, CVE-2011-2365, CVE-2011-2374, CVE-2011-2376 Martin Barbella discovered that under certai...

USN-1157-2: mozvoikko, ubufox, webfav update

USN-1157-1 fixed vulnerabilities in Firefox. This update provides updated packages for use with Firefox 5. Original advisory details: Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous...

USN-1157-1: Firefox vulnerabilities

Bob Clary, Kevin Brosnan, Gary Kwong, Jesse Ruderman, Christian Biesinger, Bas Schouten, Igor Bukanov, Bill McCloskey, Olli Pettay, Daniel Veditz and Marcia Knous discovered multiple memory vulnerabilities in the browser rendering engine. An attacker could possibly execute arbitrary code with the...

USN-1156-1: tgt vulnerabilities

It was discovered that tgt incorrectly handled long iSCSI name strings, and invalid PDUs. A remote attacker could exploit this to cause tgt to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 10.10. CVE-2010-2221 Emmanuel Bouillon...

USN-1155-1: NBD vulnerability

It was discovered that NBD incorrectly handled certain long requests. A remote attacker could use this flaw to cause NBD to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-1154-1: OpenJDK 6 vulnerabilities

It was discovered that a heap overflow in the AWT FileDialog.show method could allow an attacker to cause a denial of service through an application crash or possibly execute arbitrary code. CVE-2011-0815 It was dicovered that integer overflows in the JPEGImageReader readImage function and the...

USN-1153-1: libxml2 vulnerability

Chris Evans discovered that libxml2 incorrectly handled memory allocation. If an application using libxml2 opened a specially crafted XML file, an attacker could cause a denial of service or possibly execute code as the user invoking the program...