Lucene search
K
UbuntuRecent

10888 matches found

Ubuntu
Ubuntu
•added 2023/11/01 12:39 p.m.•73 views

USN-6465-2: Linux kernel (Raspberry Pi) vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

5.5CVSS6.7AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/11/01 11:26 a.m.•55 views

USN-6467-1: Kerberos vulnerability

Robert Morris discovered that Kerberos did not properly handle memory access when processing RPC data through kadmind, which could lead to the freeing of uninitialized memory. An authenticated remote attacker could possibly use this issue to cause kadmind to crash, resulting in a denial of servic...

6.5CVSS7.1AI score0.02107EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/11/01 9:29 a.m.•59 views

USN-6403-3: libvpx vulnerabilities

USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a...

8.8CVSS8.3AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/31 10:42 p.m.•73 views

USN-6454-3: Linux kernel (ARM laptop) vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/31 9:47 p.m.•87 views

USN-6466-1: Linux kernel (NVIDIA) vulnerabilities

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel contained a race condition during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code...

9.8CVSS8.4AI score0.54577EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/10/31 9:14 p.m.•126 views

USN-6464-1: Linux kernel vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

9.1CVSS7.5AI score0.54577EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/31 9:7 p.m.•70 views

USN-6465-1: Linux kernel vulnerabilities

Yu Hao and Weiteng Chen discovered that the Bluetooth HCI UART driver in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service system crash. CVE-2023-31083 Lin Ma discovered that the Netlink...

5.5CVSS6.7AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/31 3:16 p.m.•57 views

USN-6453-2: X.Org X Server vulnerabilities

USN-6453-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. ...

7.8CVSS7AI score0.00715EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/31 2:47 p.m.•63 views

USN-6463-1: Open VM Tools vulnerabilities

It was discovered that Open VM Tools incorrectly handled SAML tokens. A remote attacker Guest Operations privileges could possibly use this issue to escalate privileges. CVE-2023-34058 Matthias Gerstner discovered that Open VM Tools incorrectly handled file descriptors when dropping privileges. A...

7.5CVSS6.5AI score0.00667EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/31 2:45 p.m.•75 views

USN-6462-1: Linux kernel vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 Yu Hao and Weite...

5.5CVSS6.5AI score0.00454EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/31 12:51 p.m.•87 views

USN-6461-1: Linux kernel (OEM) vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Marek Marczykowski-Górecki discovered that the Xen event...

7.8CVSS7.2AI score0.00888EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/30 8:42 p.m.•80 views

USN-6460-1: Linux kernel vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 It was discovered that the Broadcom FullMAC USB WiFi drive...

7.8CVSS7.2AI score0.16642EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/30 4:13 p.m.•80 views

USN-6454-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/30 4:10 p.m.•70 views

USN-6441-3: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/30 1:22 p.m.•98 views

USN-6459-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.35 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes...

6.5CVSS7AI score0.01782EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/30 11:20 a.m.•65 views

USN-6458-1: Slurm vulnerabilities

It was discovered that Slurm did not properly handle credential management, which could allow an unprivileged user to impersonate the SlurmUser account. An attacker could possibly use this issue to execute arbitrary code as the root user. CVE-2022-29500 It was discovered that Slurm did not proper...

9.8CVSS8.7AI score0.02639EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/30 10:6 a.m.•102 views

USN-6457-1: Node.js vulnerabilities

Tavis Ormandy discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2022-0778 Elison Niven discovered that Node.js...

10CVSS7AI score0.95764EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/10/30 3:32 a.m.•78 views

USN-6456-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2023-5722, CVE-2023-5724,...

9.8CVSS7.7AI score0.01585EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/26 9:1 p.m.•57 views

USN-6455-1: Exim vulnerabilities

It was discovered that Exim incorrectly handled validation of user-supplied data, which could lead to memory corruption. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2023-42117 It was discovered that Exim incorrectly handled validation of user-supplied data, whic...

9.8CVSS7.3AI score0.05673EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/26 12:36 p.m.•82 views

USN-6454-1: Linux kernel vulnerabilities

Kyle Zeng discovered that the netfilter subsystem in the Linux kernel contained a race condition in IP set operations in certain situations. A local attacker could use this to cause a denial of service system crash. CVE-2023-42756 Alex Birnberg discovered that the netfilter subsystem in the Linux...

7.8CVSS6.8AI score0.00396EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/26 11:50 a.m.•72 views

USN-6446-3: Linux kernel (Oracle) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/25 4:57 p.m.•63 views

USN-6453-1: X.Org X Server vulnerabilities

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled prepending values to certain properties. An attacker could possibly use this issue to cause the X Server to crash, execute arbitrary code, or escalate privileges. CVE-2023-5367 Sri discovered that the X.Org X Server incorrectl...

7.8CVSS6.9AI score0.00715EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/25 4:47 p.m.•71 views

USN-6452-1: Vim vulnerabilities

It was discovered that Vim could be made to divide by zero. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.04. CVE-2023-3896 It was discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a...

7.8CVSS6.9AI score0.0119EPSS
Exploits12
Ubuntu
Ubuntu
•added 2023/10/25 12:43 p.m.•73 views

USN-6440-3: Linux kernel (HWE) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...

7.8CVSS7.4AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/25 12:40 p.m.•94 views

USN-6435-2: OpenSSL vulnerabilities

USN-6435-1 fixed vulnerabilities in OpenSSL. This update provides the corresponding updates for Ubuntu 20.04 LTS. Original advisory details: It was discovered that OpenSSL incorrectly handled excessively large Diffie-Hellman parameters. An attacker could possibly use this issue to cause a denial ...

5.3CVSS6.6AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/25 3:44 a.m.•73 views

USN-6438-2: .Net regressions

USN-6438-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to...

6.5CVSS7.3AI score0.04661EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2023/10/25 3:26 a.m.•55 views

USN-6362-2: .Net regressions

USN-6362-1 fixed vulnerabilities in .Net. It was discovered that the fix for CVE-2023-36799 was incomplete. This update fixes the problem. Original advisory details: Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to...

6.5CVSS7.6AI score0.04661EPSS
Exploits0References2
Ubuntu
Ubuntu
•added 2023/10/24 7:21 p.m.•382 views

USN-6451-1: ncurses vulnerability

It was discovered that ncurses could be made to read out of bounds. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS5.7AI score0.01895EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/24 4:14 p.m.•65 views

USN-6450-1: OpenSSL vulnerabilities

Tony Battersby discovered that OpenSSL incorrectly handled key and initialization vector IV lengths. This could lead to truncation issues and result in loss of confidentiality for some symmetric cipher modes. CVE-2023-5363 Juerg Wullschleger discovered that OpenSSL incorrectly handled the AES-SIV...

7.5CVSS6.6AI score0.05533EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/24 3:59 p.m.•418 views

USN-6288-2: MySQL vulnerability

USN-6288-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been...

5.9CVSS7AI score0.01152EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/24 1:38 p.m.•60 views

USN-6444-2: Linux kernel (StarFive) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/24 1:22 p.m.•99 views

USN-6446-2: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/24 1:4 p.m.•111 views

USN-6445-2: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8.2AI score0.54577EPSS
Exploits11
Ubuntu
Ubuntu
•added 2023/10/24 10:26 a.m.•550 views

USN-6449-1: FFmpeg vulnerabilities

It was discovered that FFmpeg incorrectly managed memory resulting in a memory leak. An attacker could possibly use this issue to cause a denial of service via application crash. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-22038 It was discovered that FFmpeg incorrect...

8.8CVSS7AI score0.01512EPSS
Exploits8
Ubuntu
Ubuntu
•added 2023/10/24 8:51 a.m.•73 views

USN-6422-2: Ring vulnerabilities

It was discovered that Ring incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-37706 It was discovered that Ring incorrectly handled...

9.8CVSS8.6AI score0.0462EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/24 6:43 a.m.•41 views

USN-6448-1: Sofia-SIP vulnerability

Xu Biang discovered that Sofia-SIP did not properly manage memory when handling STUN packets. An attacker could use this issue to cause Sofia-SIP to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.3AI score0.01056EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/23 6:7 p.m.•89 views

USN-6441-2: Linux kernel (GCP) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/23 5:41 p.m.•63 views

USN-6439-2: Linux kernel (AWS) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Yu Hao and Weiteng Chen discovered that the Bluetooth HCI...

7.8CVSS7.5AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/23 5:39 p.m.•382 views

USN-6408-2: libXpm vulnerabilities

USN-6408-1 fixed several vulnerabilities in libXpm. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: Yair Mizrahi discovered that libXpm incorrectly handled certain malformed XPM image files. If a user were trick...

7.8CVSS6.8AI score0.00461EPSS
Exploits1
Ubuntu
Ubuntu
•added 2023/10/23 3:46 p.m.•377 views

USN-6403-2: libvpx vulnerabilities

USN-6403-1 fixed several vulnerabilities in libvpx. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a...

8.8CVSS8.3AI score0.34401EPSS
Exploits3
Ubuntu
Ubuntu
•added 2023/10/23 2:35 p.m.•62 views

USN-6199-2: PHP vulnerability

USN-6199-1 fixed a vulnerability in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that PHP incorrectly handled certain Digest authentication for SOAP. An attacker could possibly use this issue to expose...

4.3CVSS7.2AI score0.00709EPSS
Exploits0
Ubuntu
Ubuntu
•added 2023/10/23 1:58 p.m.•53 views

USN-6447-1: AOM vulnerabilities

It was discovered that AOM incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. CVE-2020-36130, CVE-2020-36131, CVE-2020-36133, CVE-2020-36135,...

9.8CVSS7.5AI score0.02216EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/20 12:33 p.m.•66 views

USN-6440-2: Linux kernel (Azure) vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...

7.8CVSS7.4AI score0.00553EPSS
Exploits4
Ubuntu
Ubuntu
•added 2023/10/20 12:14 a.m.•69 views

USN-6446-1: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/19 11:18 p.m.•78 views

USN-6445-1: Linux kernel (Intel IoTG) vulnerabilities

It was discovered that the IPv6 implementation in the Linux kernel contained a high rate of hash collisions in connection lookup table. A remote attacker could use this to cause a denial of service excessive CPU consumption. CVE-2023-1206 Daniel Trujillo, Johannes Wikner, and Kaveh Razavi...

9.1CVSS8.2AI score0.54577EPSS
Exploits11
Ubuntu
Ubuntu
•added 2023/10/19 11:1 p.m.•57 views

USN-6444-1: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/19 10:22 p.m.•70 views

USN-6443-1: Linux kernel (OEM) vulnerabilities

Kyle Zeng discovered that the networking stack implementation in the Linux kernel did not properly validate skb object size in certain conditions. An attacker could use this cause a denial of service system crash or possibly execute arbitrary code. CVE-2023-42752 Kyle Zeng discovered that the IPv...

7.8CVSS7.1AI score0.004EPSS
Exploits2
Ubuntu
Ubuntu
•added 2023/10/19 8:17 p.m.•81 views

USN-6442-1: Linux kernel (BlueField) vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00958EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/19 8:10 p.m.•65 views

USN-6441-1: Linux kernel vulnerabilities

Ross Lagerwall discovered that the Xen netback backend driver in the Linux kernel did not properly handle certain unusual packets from a paravirtualized network frontend, leading to a buffer overflow. An attacker in a guest VM could use this to cause a denial of service host system crash or...

7.8CVSS7.5AI score0.00549EPSS
Exploits5
Ubuntu
Ubuntu
•added 2023/10/19 6:14 p.m.•59 views

USN-6440-1: Linux kernel vulnerabilities

Seth Jenkins discovered that the Linux kernel did not properly perform address randomization for a per-cpu memory management structure. A local attacker could use this to expose sensitive information kernel memory or in conjunction with another kernel vulnerability. CVE-2023-0597 It was discovere...

7.8CVSS7.4AI score0.00553EPSS
Exploits4
Total number of security vulnerabilities10888