10875 matches found
USN-7775-3: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7788-1: libmspack vulnerabilities
Jakub Wilk discovered that libmspack did not correctly handle certain integer operations and bounds checking. A remote attacker could possibly use this issue to cause a denial of service. CVE-2015-4467, CVE-2015-4468, CVE-2015-4469, CVE-2015-4472 It was discovered that libmspack incorrectly handl...
USN-7787-1: Libxslt vulnerabilities
Ivan Fratric discovered that Libxslt did not correctly handle certain memory operations. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service...
USN-7786-1: OpenSSL vulnerabilities
Stanislav Fort discovered that OpenSSL incorrectly handled memory when trying to decrypt CMS messages encrypted with password-based encryption. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-9230 Stanislav Fort discovered that OpenSSL ha...
USN-7785-1: Open VM Tools vulnerability
It was discovered that Open VM Tools incorrectly handled permissions with version checking. An attacker could possibly use this issue to escalate privileges inside a virtual machine. This update disables the SDMP get-versions.sh script, so version information may no longer be made available...
USN-7784-1: Rack vulnerability
It was discovered that Rack incorrectly handled limiting the amount of parameters. An attacker could possibly use this issue to bypass the paramslimit value, leading to a denial of service...
USN-7783-1: LibTIFF vulnerabilities
Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly handled memory when parsing malformed TIFF images. An attacker could possibly use this issue to cause LibTIFF to crash, resulting in a denial of service. CVE-2025-8961 Xudong Cao and Yuqing Zhang discovered that LibTIFF incorrectly...
USN-7015-7: Python 2.7 regression
USN-7015-4 fixed vulnerabilities in Python. It was discovered that the fix for CVE-2023-27043 for python2.7 was incorrectly applied on Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that the...
USN-7280-3: Python 2.7 regression
USN-7280-2 fixed vulnerabilities in Python. It was discovered that the fixes for CVE-2025-0938 and CVE-2024-11168 were incorrectly applied on Ubuntu 14.04 LTS as a result. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Python...
USN-7782-1: Ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly handled opening a file to write. An attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service CVE-2025-7462 It was discovered that Ghostscript incorrectly handled writing certain files. An attacker could...
USN-5495-2: curl regression
USN-5495-1 fixed vulnerabilities in curl. The fix for CVE-2022-32205 miscalculated the maximum cookie size, causing a regression. This update fixes the problem. Original advisory details: Harry Sintonen discovered that curl incorrectly handled certain cookies. An attacker could possibly use this...
USN-7781-1: Inetutils vulnerabilities
Matthew Hickey discovered that Inetutils did not correctly handle certain escape characters. An attacker could possibly use this issue to cause a denial of service. CVE-2019-0053 It was discovered that Inetutils did not correctly handle certain memory operations. An attacker could possibly use th...
USN-7780-1: Qt vulnerabilities
It was discovered that Qt did not correctly handle certain inputs when using the SQL ODBC driver plugin. An attacker could possibly use this issue to cause a denial of service. CVE-2023-24607 It was discovered that Qt did not correctly parse certain strict-transport- security headers. An attacker...
USN-7775-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7769-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
USN-7764-2: Linux kernel (HWE) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7778-1: sha.js vulnerability
Nikita Skovoroda discovered that sha.js did not properly handle certain inputs. An attacker could possibly use this issue to manipulate the internal state of hash functions, resulting in hash collisions, denial of service, or other unspecified impact...
USN-7767-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7779-1: Linux kernel (IBM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7777-1: PCRE2 vulnerability
It was discovered that PCRE2 incorrectly handled the Scan SubString verb. An attacker could possibly use this issue to cause applications using PCRE2 to expose sensitive information...
USN-7774-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7769-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
USN-7776-1: Linux kernel (Oracle) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7775-1: Linux kernel (Azure FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7774-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7774-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...
USN-7773-1: Gnuplot vulnerabilities
ChenYiFan Liu discovered that Gnuplot did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service. CVE-2025-3359, CVE-2025-31178, CVE-2025-31179, CVE-2025-31181 ChenYiFan Liu discovered that Gnuplot did not correctly handle certain...
USN-7772-1: Eventlet vulnerability
It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to bypass front-end security controls, launch targeted attacks against active site users, and poison web caches...
USN-7769-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
USN-7771-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
USN-7770-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...
USN-7768-1: dpkg vulnerability
It was discovered that dpkg incorrectly handled removing certain temporary directories. An attacker could possibly use this issue to consume disk space, leading to a denial of service...
USN-7767-1: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7766-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7765-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7764-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - x86 architecture; - Compute Acceleration Framework; - Bus devices; - AM...
USN-7755-3: Linux kernel (AWS FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; - Network traffic...
USN-7763-1: RabbitMQ Server vulnerability
It was discovered that RabbitMQ Server incorrectly included authorization headers when logging. A local attacker could possibly use this issue to obtain sensitive information...
USN-7762-1: pip vulnerabilities
Dennis Brinkrolf and Tobias Funke discovered that Requests incorrectly leaked Proxy-Authorization headers. A remote attacker could possibly use this issue to obtain sensitive information. This update addresses the issue in the Requests module bundled into pip in Ubuntu 22.04 LTS. CVE-2023-32681 I...
USN-7761-1: PAM vulnerability
It was discovered that the PAM pamaccess module incorrectly parsed certain rules as hostnames. An attacker could possibly use this issue to spoof hostnames and bypass access restrictions...
USN-7760-1: GNU C Library vulnerability
It was discovered that the GNU C Library incorrectly handled the regcomp function when memory allocation failures occured. An attacker could use this issue to cause applications to crash, leading to a denial of service, or possibly execute arbitrary code...
USN-7759-1: Kea DHCP vulnerabilities
It was discovered that Kea DHCP did not correctly handle invalid hostnames. A remote attacker could possibly use this issue to cause a denial of service...
USN-7758-4: Linux kernel (Oracle) vulnerability
It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...
USN-7758-3: Linux kernel (Real-time) vulnerability
It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...
USN-7758-2: Linux kernel vulnerability
It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...
USN-7758-1: Linux kernel vulnerability
It was discovered that the AFUNIX socket garbage collection implementation in Ubuntu Noble's 6.8 kernel did not properly handle out-of-band OOB messages, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service system crash or possibly execute arbitrary...
USN-7726-5: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7757-1: OpenJPEG vulnerabilities
It was discovered that OpenJPEG did not properly handle memory when decompressing certain image files. An attacker could possibly use this issue to cause OpenJPEG to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu...
USN-7756-1: ImageMagick vulnerabilities
It was discovered that ImageMagick did not properly handle memory when performing magnified size calculations. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2025-55154 Woojin Park, Hojun Lee,...
USN-7722-2: Linux kernel vulnerability
A security issues was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Network traffic control; CVE-2025-38350...