Lucene search
K
UbuntuRecent

10905 matches found

Ubuntu
Ubuntu
•added 2022/11/18 8:47 p.m.•64 views

USN-5727-2: Linux kernel (GCP) vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 It was discovered that the KVM implementation in the Linux kernel did not properly handl...

7.8CVSS6.9AI score0.00443EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/17 7:36 p.m.•58 views

USN-5686-2: Git vulnerability

USN-5686-1 fixed several vulnerabilities in Git. This update provides the corresponding fix for CVE-2022-39260 on Ubuntu 16.04 ESM. Original advisory details: Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to cause a cras...

8.8CVSS8.6AI score0.02938EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/17 5:38 p.m.•60 views

USN-5732-1: Unbound vulnerability

It was discovered that Unbound incorrectly handled delegations with a large number of non-responsive nameservers. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service...

7.5CVSS7.5AI score0.01293EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/17 1:14 p.m.•83 views

USN-5731-1: multipath-tools vulnerabilities

It was discovered that multipath-tools incorrectly handled symlinks. A local attacker could possibly use this issue, in combination with other issues, to escalate privileges. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. CVE-2022-41973 It was discovered that...

7.8CVSS7.5AI score0.00658EPSS
Exploits5
Ubuntu
Ubuntu
•added 2022/11/17 1:4 p.m.•56 views

USN-5730-1: WebKitGTK vulnerabilities

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...

8.8CVSS6.6AI score0.0141EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/17 9:56 a.m.•64 views

USN-5638-2: Expat vulnerabilities

USN-5638-1 fixed a vulnerability in Expat. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that Expat incorrectly handled memory in out-of-memory situations. An attacker could possibly use this issue to cause a crash,...

8.1CVSS8AI score0.02241EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/11/17 1:39 a.m.•78 views

USN-5729-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an...

7.8CVSS6.9AI score0.00405EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/17 12:57 a.m.•288 views

USN-5728-1: Linux kernel vulnerabilities

Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-427...

8.8CVSS7.1AI score0.04947EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/11/16 11:57 p.m.•56 views

USN-5727-1: Linux kernel vulnerabilities

It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service system crash. CVE-2022-20422 It was discovered that the KVM implementation in the Linux kernel did not properly handl...

7.8CVSS6.9AI score0.00443EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/16 1:25 p.m.•50 views

USN-5726-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the contents of the addressbar, bypass security restrictions, cross-site tracing or execute arbitra...

9.8CVSS7.7AI score0.01659EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/16 11:0 a.m.•56 views

LSN-0090-1: Kernel Live Patch Security Notice

David Bouman discovered that the netfilter subsystem in the Linux kernel did not properly validate passed user register indices. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2022-1015 David Bouman and Billy Jheng Bing Jhong discovered that a...

8.1CVSS6.9AI score0.03763EPSS
Exploits16
Ubuntu
Ubuntu
•added 2022/11/15 7:34 p.m.•46 views

USN-5625-2: Mako vulnerability

USN-5625-1 fixed a vulnerability in Mako. This update provides the corresponding update for Ubuntu 22.10. Original advisory details: It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service...

7.5CVSS7.4AI score0.01656EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/11/15 10:9 a.m.•44 views

USN-5725-1: Go vulnerability

Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to cause Go applications to hang or crash, resulting in a denial of service...

7.5CVSS6.8AI score0.0473EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/15 5:25 a.m.•410 views

USN-5722-1: nginx vulnerabilities

It was discovered that nginx incorrectly handled certain memory operations in the ngxhttpmp4module module. A local attacker could possibly use this issue with a specially crafted mp4 file to cause nginx to crash, stop responding, or access arbitrary memory. CVE-2022-41741, CVE-2022-41742...

7.8CVSS7.4AI score0.01069EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/14 7:34 p.m.•82 views

USN-5723-1: Vim vulnerabilities

It was discovered that Vim could be made to crash when searching specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. CVE-2022-1674 It was discovered that there existed a NULL pointer dereference in Vim. An attacker could possibly use this to...

7.8CVSS7.5AI score0.01564EPSS
Exploits9
Ubuntu
Ubuntu
•added 2022/11/11 8:28 p.m.•61 views

USN-5724-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass Content Security Policy CSP or other security restrictions, or execute...

8.8CVSS7.7AI score0.01342EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/10 6:47 p.m.•36 views

USN-5721-1: WavPack vulnerability

It was discovered that WavPack was not properly performing checks when dealing with memory. If a user were tricked into decompressing a specially crafted WavPack Audio File, an attacker could possibly use this issue to cause the WavPack decompressor to crash, resulting in a denial of service...

5.5CVSS5.4AI score0.00358EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/11/10 12:10 p.m.•63 views

USN-5709-2: Firefox vulnerabilities

USN-5709-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted...

7.7AI score
Exploits0References1
Ubuntu
Ubuntu
•added 2022/11/09 12:0 p.m.•42 views

USN-5720-1: Zstandard vulnerabilities

It was discovered that Zstandard was not properly managing file permissions when generating output files. A local attacker could possibly use this issue to cause a race condition and gain unauthorized access to sensitive data...

5.5CVSS6AI score0.00431EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/11/09 11:20 a.m.•57 views

USN-5719-1: OpenJDK vulnerabilities

It was discovered that OpenJDK incorrectly handled long client hostnames. An attacker could possibly use this issue to cause the corruption of sensitive information. CVE-2022-21619 It was discovered that OpenJDK incorrectly randomized DNS port numbers. A remote attacker could possibly use this...

5.3CVSS6.2AI score0.02376EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/08 2:42 p.m.•192 views

USN-5717-1: PHP vulnerabilities

It was discovered that PHP incorrectly handled certain gzip files. An attacker could possibly use this issue to cause a denial of service. CVE-2022-31628 It was discovered that PHP incorrectly handled certain cookies. An attacker could possibly use this issue to compromise the data CVE-2022-31629...

9.8CVSS7.5AI score0.49336EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/11/08 1:21 p.m.•58 views

USN-5718-1: pixman vulnerability

Maddie Stone discovered that pixman incorrectly handled certain memory operations. A remote attacker could use this issue to cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code...

8.8CVSS7.6AI score0.0144EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/11/08 8:13 a.m.•71 views

USN-5714-1: LibTIFF vulnerabilities

It was discovered that LibTIFF incorrectly handled certain memory operations when using tiffcrop. An attacker could trick a user into processing a specially crafted tiff image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 22.10. CVE-2022-2519,...

7.7CVSS6.6AI score0.01385EPSS
Exploits11
Ubuntu
Ubuntu
•added 2022/11/07 7:24 p.m.•60 views

USN-5658-2: DHCP vulnerabilities

USN-5658-1 fixed vulnerabilities in DHCP. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash,...

6.5CVSS6.9AI score0.00664EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/07 5:4 p.m.•81 views

USN-5716-1: SQLite vulnerability

It was discovered that SQLite incorrectly handled certain long string arguments. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS8AI score0.19193EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/07 4:57 p.m.•61 views

USN-5715-1: LibRaw vulnerabilities

It was discovered that LibRaw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, resulting in a denial of service, or possibly execute arbitrary code...

7.5CVSS6.5AI score0.03672EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/03 1:56 p.m.•46 views

USN-5713-1: Python vulnerability

Devin Jeanpierre discovered that Python incorrectly handled sockets when the multiprocessing module was being used. A local attacker could possibly use this issue to execute arbitrary code and escalate privileges...

7.8CVSS7.9AI score0.00603EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/03 1:6 p.m.•50 views

USN-5712-1: SQLite vulnerability

It was discovered that SQLite did not properly handle large string inputs in certain circumstances. An attacker could possibly use this issue to cause a denial of service or arbitrary code execution...

7.5CVSS7.9AI score0.19193EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/11/03 12:48 p.m.•59 views

USN-5711-2: NTFS-3G vulnerability

USN-5711-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM Ubuntu 16.04 ESM. Original advisory details: Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated certain NTFS metadata. A local attacker could possibly use this...

7.8CVSS6.5AI score0.00347EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/02 12:10 p.m.•70 views

USN-5711-1: NTFS-3G vulnerability

Yuchen Zeng and Eduardo Vela discovered that NTFS-3G incorrectly validated certain NTFS metadata. A local attacker could possibly use this issue to gain privileges...

7.8CVSS6.5AI score0.00347EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/01 4:24 p.m.•83 views

USN-5710-1: OpenSSL vulnerabilities

It was discovered that OpenSSL incorrectly handled certain X.509 Email Addresses. If a certificate authority were tricked into signing a specially-crafted certificate, a remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. The default compiler...

7.5CVSS7.1AI score0.92488EPSS
Exploits6
Ubuntu
Ubuntu
•added 2022/11/01 1:52 p.m.•58 views

USN-5709-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. CVE-2022-42927, CVE-2022-42928,...

8.8CVSS7.6AI score0.0083EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/11/01 1:15 p.m.•56 views

USN-5708-1: backport-iwlwifi-dkms vulnerabilities

Sönke Huster discovered that an integer overflow vulnerability existed in the WiFi driver stack in the Linux kernel, leading to a buffer overflow. A physically proximate attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-41674 Sönke Hust...

8.8CVSS7.3AI score0.03763EPSS
Exploits5References1
Ubuntu
Ubuntu
•added 2022/10/31 2:57 p.m.•43 views

USN-5707-1: Libtasn1 vulnerability

It was discovered that Libtasn1 did not properly perform bounds checking. An attacker could possibly use this issue to cause a crash...

9.1CVSS7.3AI score0.02062EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/10/27 7:27 p.m.•51 views

USN-5705-1: LibTIFF vulnerabilities

Chintan Shah discovered that LibTIFF incorrectly handled memory in certain conditions. An attacker could trick a user into processing a specially crafted image file and potentially use this issue to allow for information disclosure or to cause the application to crash. CVE-2022-3570 It was...

7.7CVSS6.7AI score0.00938EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/10/27 7:9 p.m.•57 views

USN-5706-1: Linux kernel (Azure CVM) vulnerabilities

It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-4159 It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2...

7.8CVSS7.2AI score0.00419EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/27 1:0 p.m.•73 views

USN-5704-1: DBus vulnerabilities

It was discovered that DBus incorrectly handled messages with invalid type signatures. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service. CVE-2022-42010 It was discovered that DBus was incorrectly validating the length of arrays of fixed-lengt...

6.5CVSS6.6AI score0.0131EPSS
Exploits3
Ubuntu
Ubuntu
•added 2022/10/26 9:26 p.m.•60 views

USN-5703-1: Linux kernel (Intel IoTG) vulnerabilities

Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-188...

7.8CVSS7AI score0.0035EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/26 7:33 p.m.•56 views

USN-5702-2: curl vulnerability

USN-5702-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications...

9.8CVSS7.1AI score0.04325EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/10/26 5:33 p.m.•50 views

USN-5696-2: MySQL vulnerabilities

USN-5696-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to...

4.9CVSS6.3AI score0.01381EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/26 5:28 p.m.•74 views

USN-5702-1: curl vulnerabilities

Robby Simpson discovered that curl incorrectly handled certain POST operations after PUT operations. This issue could cause applications using curl to send the wrong data, perform incorrect memory operations, or crash. CVE-2022-32221 Hiroki Kurosawa discovered that curl incorrectly handled parsin...

9.8CVSS7.6AI score0.04325EPSS
Exploits2
Ubuntu
Ubuntu
•added 2022/10/26 1:36 p.m.•53 views

USN-5701-1: Jinja2 vulnerability

Yeting Li discovered that Jinja2 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

5.3CVSS7.2AI score0.03546EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/10/26 8:22 a.m.•69 views

USN-5700-1: Linux kernel vulnerabilities

David Bouman and Billy Jheng Bing Jhong discovered that a race condition existed in the iouring subsystem in the Linux kernel, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2022-2602...

8.8CVSS7.3AI score0.03763EPSS
Exploits7
Ubuntu
Ubuntu
•added 2022/10/26 7:24 a.m.•57 views

USN-5688-2: Libksba vulnerability

USN-5688-1 fixed vulnerabilities in Libksba. This update provides the corresponding update for Ubuntu 22.10. Original advisory details: It was discovered that an integer overflow could be triggered in Libksba when decoding certain data. An attacker could use this issue to cause a denial of servic...

9.8CVSS7.5AI score0.01635EPSS
Exploits1
Ubuntu
Ubuntu
•added 2022/10/25 10:48 p.m.•62 views

USN-5699-1: GNU C Library vulnerabilities

Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. CVE-2021-3326 It was discovered that the...

9.1CVSS6.9AI score0.03093EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/25 12:47 p.m.•38 views

USN-5698-2: Open vSwitch vulnerability

USN-5698-1 fixed a vulnerability in Open. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash,...

6.1CVSS8.4AI score0.00529EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/25 11:23 a.m.•44 views

USN-5698-1: Open vSwitch vulnerability

It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

6.1CVSS8.2AI score0.00529EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/25 11:18 a.m.•37 views

USN-5697-1: Barbican vulnerability

Douglas Mendizabal discovered that Barbican incorrectly handled certain query strings. A remote attacker could possibly use this issue to bypass the access policy...

5.9CVSS6.4AI score0.00433EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/24 12:56 p.m.•54 views

USN-5227-3: Pillow vulnerability

USN-5227-1 fixed vulnerabilities in Pillow. It was discovered that the fix for CVE-2022-22817 was incomplete. This update fixes the problem. Original advisory details: It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a...

9.8CVSS7.4AI score0.03399EPSS
Exploits0
Ubuntu
Ubuntu
•added 2022/10/24 12:46 p.m.•64 views

USN-5696-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.31 in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Ubuntu 18.04 LTS has been updated to MySQL 5.7.40. In addition to security fixes, the updated...

6.5CVSS6.3AI score0.01381EPSS
Exploits0
Total number of security vulnerabilities10905