Lucene search
K
UbuntuRecent

10890 matches found

Ubuntu
Ubuntu
added 2022/12/01 6:26 p.m.72 views

USN-5756-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

7.8CVSS6.9AI score0.02211EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/12/01 5:47 p.m.68 views

USN-5755-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 Jann Horn discovered that the...

7.8CVSS7.3AI score0.21314EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/12/01 4:38 p.m.64 views

USN-5754-1: Linux kernel vulnerabilities

It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-43945 It was discovered that a memory...

7.8CVSS7.3AI score0.21314EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/12/01 4:21 p.m.61 views

USN-5743-2: LibTIFF vulnerability

USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated...

8.8CVSS7.6AI score0.01237EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/12/01 1:8 a.m.52 views

USN-5753-1: snapd vulnerability

The Qualys Research Team discovered that a race condition existed in the snapd snap-confine binary when preparing the private /tmp mount for a snap. A local attacker could possibly use this issue to escalate privileges and execute arbitrary code...

7.8CVSS7.7AI score0.00384EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/30 10:35 p.m.61 views

USN-5752-1: Linux kernel (Azure CVM) vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...

8.8CVSS7.3AI score0.03763EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/11/30 4:46 p.m.38 views

USN-5751-1: libmaxminddb vulnerability

It was discovered that libmaxminddb incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause applications using libmaxminddb to crash, resulting in a denial of service...

6.5CVSS6.7AI score0.02133EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/30 11:7 a.m.46 views

USN-5718-2: pixman vulnerability

USN-5718-1 fixed a vulnerability in pixman. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman...

8.8CVSS7.6AI score0.0144EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/30 6:6 a.m.36 views

USN-5750-1: GnuTLS vulnerability

It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service...

6.5CVSS7AI score0.01383EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/29 8:59 p.m.31 views

USN-5749-1: libsamplerate vulnerability

Erik de Castro Lopo and Agostino Sarubbo discovered that libsamplerate did not properly perform bounds checking. If a user were tricked into processing a specially crafted audio file, an attacker could possibly use this issue to cause a crash...

5.5CVSS5.6AI score0.00913EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/29 7:5 p.m.54 views

USN-5728-3: Linux kernel (GCP) vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

8.8CVSS7.1AI score0.04947EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/11/29 5:23 p.m.25 views

USN-5745-2: shadow regression

USN-5745-1 fixed vulnerabilities in shadow. Unfortunately that update introduced a regression that caused useradd to behave incorrectly in Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update reverts the security fix pending further investigation. We apologize fo...

5.4AI score
Exploits0References1
Ubuntu
Ubuntu
added 2022/11/29 3:16 p.m.58 views

USN-5748-1: Sysstat vulnerability

It was discovered that Sysstat incorrectly handled certain arithmetic multiplications. An attacker could use this issue to cause Sysstat to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.8CVSS7.3AI score0.01096EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/29 12:9 p.m.60 views

USN-5747-1: Bind vulnerabilities

It was discovered that Bind incorrectly handled large query name when using lightweight resolver protocol. A remote attacker could use this issue to consume resources, leading to a denial of service. CVE-2016-2775 It was discovered that Bind incorrectly handled large zone data size received via...

6.5CVSS6.7AI score0.63346EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/28 10:6 p.m.27 views

USN-5746-1: HarfBuzz vulnerability

Behzad Najjarpour Jabbari discovered that HarfBuzz incorrectly handled certain inputs. A remote attacker could possibly use this issue to cause a denial of service...

6.5CVSS7AI score0.01542EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/28 4:42 p.m.34 views

USN-5689-2: Perl vulnerability

USN-5689-1 fixed a vulnerability in Perl. This update provides the corresponding update for Ubuntu 22.10. Original advisory details: It was discovered that Perl incorrectly handled certain signature verification. An remote attacker could possibly use this issue to bypass signature verification...

7.8CVSS7.7AI score0.00791EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/28 2:28 p.m.35 views

USN-5745-1: shadow vulnerability

Florian Weimer discovered that shadow was not properly copying and removing user directory trees, which could lead to a race condition. A local attacker could possibly use this issue to setup a symlink attack and alter or remove directories without authorization...

4.7CVSS6.7AI score0.00308EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/28 6:42 a.m.61 views

USN-5744-1: libICE vulnerability

It was discovered that libICE was using a weak mechanism to generate the session cookies. A local attacker could possibly use this issue to perform a privilege escalation attack...

5.5CVSS6.3AI score0.00464EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/24 5:2 p.m.48 views

USN-5743-1: LibTIFF vulnerability

It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges...

8.8CVSS7.6AI score0.01237EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/24 4:55 p.m.44 views

USN-5742-1: JBIG-KIT vulnerability

It was discovered that JBIG-KIT incorrectly handled decoding certain large image files. If a user or automated system using JBIG-KIT were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.8AI score0.02846EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/24 2:2 p.m.124 views

USN-5741-1: Exim vulnerability

It was discovered that Exim incorrectly handled certain regular expressions. An attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS7.5AI score0.03661EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/24 11:23 a.m.403 views

USN-5736-2: ImageMagick vulnerabilities

USN-5736-1 fixed vulnerabilities in ImageMagick. This update provides the corresponding updates for Ubuntu 20.04 ESM and Ubuntu 22.04 ESM. One of the issues, CVE-2021-20224, only affected Ubuntu 20.04 ESM, while CVE-2021-20245, CVE-2021-3574, CVE-2021-4219 and CVE-2022-1114 only affected Ubuntu...

7.8CVSS6.7AI score0.0238EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/24 8:11 a.m.70 views

USN-5736-1: ImageMagick vulnerabilities

It was discovered that ImageMagick incorrectly handled certain values when processing PDF files. If a user or automated system using ImageMagick were tricked into opening a specially crafted PDF file, an attacker could exploit this to cause a denial of service. This issue only affected Ubuntu 14....

7.8CVSS6.6AI score0.0238EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/23 7:55 p.m.44 views

USN-5740-1: X.Org X Server vulnerabilities

It was discovered that X.Org X Server incorrectly handled certain inputs. An attacker could use these issues to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS6.8AI score0.01681EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/23 4:27 p.m.68 views

USN-5739-1: MariaDB vulnerabilities

Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.37 in Ubuntu 20.04 LTS and to 10.6.11 in Ubuntu 22.04 LTS and Ubuntu 22.10. In addition to security fixes, the updated packages contain b...

7.5CVSS6.5AI score0.51733EPSS
Exploits34
Ubuntu
Ubuntu
added 2022/11/23 3:9 p.m.53 views

USN-5638-3: Expat vulnerability

USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. CVE-2022-43680 This update also fixes a minor regression introduced in Ubuntu 18.04 LTS. We apologize for the...

7.5CVSS7.7AI score0.02241EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/23 10:9 a.m.41 views

USN-5737-1: APR-util vulnerability

It was discovered that APR-util did not properly handle memory when using SDBM database files. A local attacker with write access to the database can make a program or process using these functions crash, and cause a denial of service...

4.7CVSS5.7AI score0.00596EPSS
Exploits3
Ubuntu
Ubuntu
added 2022/11/22 9:4 p.m.40 views

USN-5735-1: Sysstat vulnerability

It was discovered that Sysstat did not properly check bounds when perfoming certain arithmetic operations on 32 bit systems. An attacker could possibly use this issue to cause a crash or arbitrary code execution...

7.8CVSS7.3AI score0.01096EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/22 1:48 p.m.45 views

USN-5734-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled certain data lenghts. A malicious server could use this issue to cause FreeRDP clients to crash, resulting in a denial of service, or possibly obtain sensitive information. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu...

7.5CVSS5.9AI score0.00985EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/21 7:7 p.m.62 views

USN-5716-2: SQLite vulnerability

USN-5716-1 fixed a vulnerability in SQLite. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a...

7.5CVSS8AI score0.19193EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/21 4:0 p.m.47 views

USN-5658-3: DHCP vulnerabilities

USN-5658-1 fixed several vulnerabilities in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to cras...

6.5CVSS6.9AI score0.00664EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/21 1:32 p.m.39 views

USN-5733-1: FLAC vulnerabilities

It was discovered that FLAC was not properly performing memory management operations, which could result in a memory leak. An attacker could possibly use this issue to cause FLAC to consume resources, leading to a denial of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and...

5.5CVSS5.9AI score0.03964EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/21 12:57 p.m.62 views

USN-5686-3: Git vulnerabilities

USN-5686-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.10. Original advisory details: Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause an unexpected behaviour. CVE-2022-392...

8.8CVSS7.4AI score0.02938EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/18 9:16 p.m.65 views

USN-5729-2: Linux kernel vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an...

7.8CVSS6.9AI score0.00405EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/18 9:5 p.m.73 views

USN-5728-2: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

8.8CVSS7.1AI score0.04947EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/11/18 8:47 p.m.64 views

USN-5727-2: Linux kernel (GCP) vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 It was discovered that the KVM implementation in the Linux kernel did not properly handl...

7.8CVSS6.9AI score0.00443EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/17 7:36 p.m.58 views

USN-5686-2: Git vulnerability

USN-5686-1 fixed several vulnerabilities in Git. This update provides the corresponding fix for CVE-2022-39260 on Ubuntu 16.04 ESM. Original advisory details: Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to cause a cras...

8.8CVSS8.6AI score0.02938EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/17 5:38 p.m.60 views

USN-5732-1: Unbound vulnerability

It was discovered that Unbound incorrectly handled delegations with a large number of non-responsive nameservers. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service...

7.5CVSS7.5AI score0.01259EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/17 1:14 p.m.83 views

USN-5731-1: multipath-tools vulnerabilities

It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2022-41973 It was discovered that...

7.8CVSS7.5AI score0.00658EPSS
Exploits5
Ubuntu
Ubuntu
added 2022/11/17 1:4 p.m.55 views

USN-5730-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS6.6AI score0.0141EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/17 9:56 a.m.63 views

USN-5638-2: Expat vulnerabilities

USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Expat incorrectly handled memory in out-of-memory situations. An attacker could possibly use this issue to cause a crash,...

8.1CVSS8AI score0.02241EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/17 1:39 a.m.78 views

USN-5729-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an...

7.8CVSS6.9AI score0.00405EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/17 12:57 a.m.288 views

USN-5728-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

8.8CVSS7.1AI score0.04947EPSS
Exploits7
Ubuntu
Ubuntu
added 2022/11/16 11:57 p.m.56 views

USN-5727-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 It was discovered that the KVM implementation in the Linux kernel did not properly handl...

7.8CVSS6.9AI score0.00443EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/16 1:25 p.m.50 views

USN-5726-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, cross-site tracing or execute arbitra...

9.8CVSS7.7AI score0.01659EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/16 11:0 a.m.56 views

LSN-0090-1: Kernel Live Patch Security Notice

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman and Billy Jheng Bing Jhong discovered that a...

8.1CVSS6.9AI score0.03763EPSS
Exploits16
Ubuntu
Ubuntu
added 2022/11/15 7:34 p.m.45 views

USN-5625-2: Mako vulnerability

USN-5625-1 fixed a vulnerability in Mako. This update provides the corresponding update for Ubuntu 22.10. Original advisory details: It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.01656EPSS
Exploits1
Ubuntu
Ubuntu
added 2022/11/15 10:9 a.m.44 views

USN-5725-1: Go vulnerability

Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to cause Go applications to hang or crash, resulting in a denial of service...

7.5CVSS6.8AI score0.0473EPSS
Exploits0
Ubuntu
Ubuntu
added 2022/11/15 5:25 a.m.409 views

USN-5722-1: nginx vulnerabilities

It was discovered that nginx incorrectly handled certain memory operations in the ngxhttpmp4module module. A local attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. CVE-2022-41741, CVE-2022-41742...

7.8CVSS7.4AI score0.01069EPSS
Exploits2
Ubuntu
Ubuntu
added 2022/11/14 7:34 p.m.82 views

USN-5723-1: Vim vulnerabilities

It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. CVE-2022-1674 It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to...

7.8CVSS7.5AI score0.01554EPSS
Exploits9
Total number of security vulnerabilities10890