10711 matches found
USN-7615-2: ClamAV vulnerabilities
USN-7615-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 20.04 LTS. Original advisory details: It was discovered that ClamAV incorrectly handled scanning UDF files. A remote attacker could possibly use this issue to cause ClamAV to crash,...
USN-7609-3: Linux kernel (IBM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...
USN-7591-5: Linux kernel (Intel IoTG) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...
USN-7618-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Bluetooth drivers; - Netfilter; - Network traffic control; CVE-2025-37890, CVE-2025-37918, CVE-2025-37932,...
USN-7605-2: Linux kernel (Low Latency) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7608-4: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...
USN-7617-1: libtpms vulnerability
It was discovered that libtpms did not properly manage memory when performing crafted cryptographic operations. An attacker could possibly use this issue to cause a denial of service...
USN-7585-6: Linux kernel (BlueField) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7616-1: logback vulnerabilities
It was discovered that logback could read malicious configuration files from LDAP servers. An attacker with the required permissions could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. CVE-2021-42550 It was...
USN-7615-1: ClamAV vulnerabilities
It was discovered that ClamAV incorrectly handled scanning UDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. CVE-2025-20234 It was discovered that ClamAV incorrectly handled scanning PDF files. A remote attacker could use this...
USN-7614-1: pcs vulnerabilities
Cedric Buissart discovered that pcs did not correctly handle certain parameters. An attacker could possibly use this issue to leak sensitive information or elevate their privileges. This issue only affected Ubuntu 16.04 LTS. CVE-2018-1086 Ondrej Mular discovered that pcs did not correctly handle...
USN-7613-1: mongo-c-driver vulnerabilities
Karman Liu discovered that mongo-c-driver did not correctly handle certain memory operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2024-6381 Karman Liu discovered that mongo-c-driver did not correctly handle certain memory operation...
USN-7612-1: Flask-CORS vulnerabilities
It was discovered that Flask-CORS did not correctly handle certain regular expressions. A remote attacker could possibly use this issue to leak sensitive information or bypass authentication mechanisms. CVE-2024-6839 It was discovered that Flask-CORS allowed certain CORS headers to be enabled by...
USN-7611-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38000, CVE-2025-37890, CVE-2025-38001, CVE-2025-37997, CVE-2025-3793...
USN-7610-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37997, CVE-2025-37798, CVE-2025-38000, CVE-2025-3793...
USN-7609-2: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...
USN-7609-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - InfiniBand drivers; - Netfilter; - Network traffic control; CVE-2025-38001, CVE-2025-37798, CVE-2025-37932,...
USN-7608-3: Linux kernel (Real-time) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...
USN-7608-2: Linux kernel (FIPS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...
USN-7607-2: Linux kernel (FIPS) vulnerabilities
It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3640 Several security issues were discovered in the Linux kernel. An...
USN-7608-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - SMB network file system; - Memory management; - Netfilter; - Network traffic control; CVE-2025-37890...
USN-7607-1: Linux kernel vulnerabilities
It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-3640 Several security issues were discovered in the Linux kernel. An...
USN-7606-1: Linux kernel (OEM) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7585-5: Linux kernel (HWE) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7595-5: Linux kernel vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7605-1: Linux kernel vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7604-2: Sudo vulnerability
USN-7604-1 fixed CVE-2025-32462 in sudo. This update provides the corresponding fixes for Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 14.04 LTS. Original advisory details: Rich Mirch discovered that Sudo incorrectly handled the host option. In environments where per-host rule...
USN-7604-1: Sudo vulnerabilities
Rich Mirch discovered that Sudo incorrectly handled the host option. In environments where per-host rules are configured in the sudoers file, a local attacker could use this issue to bypass the host restrictions. CVE-2025-32462 Rich Mirch discovered that Sudo incorrectly handled the chroot option...
USN-7582-2: Samba regression
USN-7582-1 fixed vulnerabilities in Samba. The update introduced a regression. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker...
USN-7603-1: Composer vulnerabilities
Thomas Chauchefoin discovered that Composer did not correctly handle certain arguments. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2022-24828, CVE-2023-43655 Ed Cradoc...
USN-7599-2: pip vulnerability
USN-7599-1 fixed vulnerabilities in python-urllib3. This update provides the corresponding update for python-pip for CVE-2025-50181. Original advisory details: Jacob Sandum discovered that urllib3 handled redirects even when they were explicitly disabled while using the PoolManager. An attacker...
USN-7600-1: libxslt vulnerability
It was discovered that libxslt could be made to expose sensitive information about address space layout. An attacker could possibly use this issue to bypass Address Space Layout Randomization ASLR protections...
USN-7602-1: Linux kernel (Xilinx ZynqMP) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...
USN-7594-2: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...
USN-7595-4: Linux kernel vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7601-1: libarchive vulnerabilities
It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service. CVE-2025-5914 It was discovered that libarchive incorrectly handled certain RAR archive files. An attacker could...
USN-7599-1: urllib3 vulnerabilities
Jacob Sandum discovered that urllib3 handled redirects even when they were explicitly disabled while using the PoolManager. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-50181 Illia Volochii discovered that urllib3 incorrectly handled retry and redirect...
USN-7595-3: Linux kernel (Raspberry Pi Real-time) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7596-2: Linux kernel (Azure, N-Series) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...
USN-7585-4: Linux kernel (Azure) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7585-3: Linux kernel (FIPS) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7598-1: Linux kernel (Azure) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...
USN-7597-2: Linux kernel (Azure FIPS) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...
USN-7597-1: Linux kernel (Azure) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 Several security issues were discovered in the Linu...
USN-7591-4: Linux kernel (AWS) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...
USN-7595-2: Linux kernel (Real-time) vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7596-1: Linux kernel (Azure) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPIO subsystem; - GPU drivers; - InfiniBand drivers; - IRQ chip drivers; - Network drivers; - Mellanox network...
USN-7595-1: Linux kernel vulnerabilities
It was discovered that the CIFS network file system implementation in the Linux kernel did not properly verify the target namespace when handling upcalls. An attacker could use this to expose sensitive information. CVE-2025-2312 Several security issues were discovered in the Linux kernel. An...
USN-7594-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - PowerPC architecture; - RISC-V architecture; - User-Mode Linux UML; - x...
USN-7593-1: Linux kernel (HWE) vulnerabilities
Michael Randrianantenaina discovered that the Bluetooth driver in the Linux Kernel contained an improper access control vulnerability. A nearby attacker could use this to connect a rougue device and possibly execute arbitrary code. CVE-2024-8805 It was discovered that the CIFS network file system...