10875 matches found
USN-7755-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; - Network traffic...
USN-7755-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; - Network traffic...
USN-7754-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-38350, CVE-2025-37752, CVE-2024-57996...
USN-7754-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Network traffic control; CVE-2025-38350, CVE-2025-37752, CVE-2024-57996...
USN-7753-1: xmltodict vulnerability
Camilo Vera discovered that xmltodict parsed maliciously crafted XML input, contrary to expectations. An attacker could possibly use this issue to cause a denial of service, obtain sensitive information, or execute arbitrary code...
USN-7752-1: libyang vulnerabilities
It was discovered that libyang incorrectly handled certain memory operations when parsing YANG strings. An attacker could possibly use this issue to cause libyang to crash, resulting in a denial of service...
USN-7751-1: SQLite vulnerability
It was discovered that the FTS5 SQLite extension incorrectly calculated certain array lengths. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7750-1: JSON-XS vulnerability
It was discovered that JSON-XS incorrectly handled parsing certain JSON data. An attacker could possibly use this issue to cause JSON-XS to crash, resulting in a denial of service...
USN-7749-1: Cpanel-JSON-XS vulnerability
It was discovered that Cpanel-JSON-XS incorrectly handled parsing certain JSON data. An attacker could possibly use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service...
USN-7747-1: RubyGems vulnerability
It was discovered that RubyGems incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause RubyGems to consume resources, leading to a regular expression denial of service ReDoS...
USN-7748-1: Vim vulnerabilities
It was discovered that Vim incorrectly handled file extraction when opening maliciously crafted zip or tar archives. An attacker could possibly use this issue to create or overwrite files on the system and execute arbitrary code...
USN-7746-1: cipher-base vulnerability
Nikita Skovoroda discovered that cipher-base did not properly manage certain inputs. An attacker could possibly use this issue to manipulate the internal state of hash functions, resulting in hash collisions, denial of service, or other unspecified impact...
USN-7745-1: CUPS vulnerabilities
It was discovered that CUPS incorrectly handled authentication types other than Basic. An attacker could possibly use this issue to bypass authentication. CVE-2025-58060 It was discovered that CUPS incorrectly handled deserialization and validation of printer attributes. An attacker could possibl...
USN-7744-1: QEMU vulnerabilities
It was discovered that QEMU incorrectly handled certain virtio devices. A privileged guest attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. CVE-2024-3446 It was...
USN-7743-1: libxml2 vulnerability
Nikita Sveshnikov discovered that libxml2 incorrectly handled recursion when processing XPath expressions. An attacker could possibly use this issue to cause a denial of service...
USN-7742-1: GnuTLS vulnerabilities
It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LT...
USN-7741-1: PostgreSQL vulnerabilities
Dean Rasheed discovered that PostgreSQL incorrectly handled access control lists. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-8713 Martin Rakhmanov, Matthieu Denais, and RyotaK discovered that the PostgreSQL pgdump utility allowed untrusted data inclusion. ...
USN-7740-1: LibEtPan vulnerability
It was discovered that LibEtPan incorrectly handled memory when parsing IMAP STATUS responses. A remote attacker could possibly use this issue to cause LibEtPan to crash, resulting in a denial of service...
USN-7739-1: Bind vulnerabilities
Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. CVE-2021-25214 Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote...
USN-7648-3: PHP regression
USN-7648-2 fixed vulnerabilities in PHP. The patch for CVE-2025-1735 caused a regression in php7.0, php7.2 and php7.4. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that PHP incorrectly handled certain hostnames containing null...
USN-7738-1: FFmpeg vulnerability
It was discovered that FFmpeg incorrectly handled the calculation of LPC order, which could lead to a stack-based buffer overflow. An attacker could possibly use this issue to cause FFmpeg to crash, resulting in a denial of service...
USN-7737-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; -...
USN-7736-1: Django vulnerability
It was discovered that Django incorrectly handled certain inputs. An attacker could possibly use this issue to perform a SQL injection...
USN-7735-1: RubyGems vulnerabilities
It was discovered that RubyGems incorrectly handled certain regular expressions. An attacker could use this issue to cause RubyGems to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS. CVE-2023-28755 It was discovered that RubyGems incorrectly handled decompresse...
USN-7734-1: Ruby vulnerabilities
It was discovered that Ruby incorrectly handled certain IO stream methods. A remote attacker could use this issue to cause Ruby to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS. CVE-2024-27280 It was discovered that th...
USN-7629-2: Protocol Buffers vulnerabilities
USN-7435-1 and USN-7629-1 fixed vulnerabilities in Protocol Buffers for several releases of Ubuntu. This update provides the corresponding fixes for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Original advisory details: It was discovered that Protocol Buffers incorrectly handled...
USN-7732-1: KMail Account Wizard vulnerability
It was discovered that KMail Account Wizard used HTTP rather than HTTPS when retrieving certain email server configurations. An attacker could possibly use this issue to cause email clients to use an attacker-controlled email server...
USN-7731-1: KMail vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that KMail could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain configurations, ...
USN-7725-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7730-1: PIM Messagelib vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that PIM Messagelib could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Under certain...
USN-7726-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7729-1: KDE PIM vulnerabilities
Damian Poddebniak, Christian Dresen, Jens Müller, Fabian Ising, Sebastian Schinzel, Simon Friedberger, Juraj Somorovsky, and Jörg Schwenk discovered that the KMail application of KDE PIM could be made to leak the plaintext of S/MIME encrypted emails when retrieving external content in emails. Und...
USN-7727-3: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
USN-7712-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - PA-RISC architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; -...
USN-7728-1: ImageMagick vulnerabilities
It was discovered that ImageMagick did not properly process certain format strings when interpreting image filenames. An attacker could possibly use this issue to cause ImageMagick to crash, resulting in a denial of service. CVE-2025-53014 It was discovered that ImageMagick did not properly proce...
USN-7710-2: Python 2.7 vulnerability
USN-7710-1 fixed vulnerabilities in Python. This update provides the corresponding fix for CVE-2025-8194 for Python 2.7. Original advisory details: It was discovered that Python inefficiently parsed maliciously crafted HTML input. An attacker could possibly use this issue to cause a denial of...
USN-7726-3: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7725-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7726-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7727-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
USN-7727-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Media drivers; - SPI subsystem; - USB core drivers; - NILFS2 file system; - IPv6 networking; ...
USN-7726-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - NTFS3 file system; - Network traffic control; CVE-2024-27407, CVE-2024-57996, CVE-2025-37752, CVE-2025-38350...
USN-7725-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Overlay file system; - Network traffic control; CVE-2025-21887, CVE-2024-57996, CVE-2025-38350, CVE-2025-37752...
USN-7704-5: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-AFFA; - Multiple devices driver; - Media drivers; - Network...
USN-7703-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU...
USN-7724-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Thunderbolt and USB4 drivers; - Network traffic control; CVE-2025-38350, CVE-2025-38174...
USN-7723-1: UDisks vulnerability
Michael Imfeld discovered that UDisks did not check the validity of input data correctly when handling files for loop devices. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code...
USN-7722-1: Linux kernel vulnerability
A security issues was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Network traffic control; CVE-2025-38350...
USN-7721-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PA-RISC architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; - x...
USN-7720-1: Linux kernel vulnerabilities
It was discovered a race condition existed in the Unix domain socket implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-0920 Several security issues...