USN-5359-2: rsync vulnerability

USN-5359-1 fixed vulnerabilities in rsync. This update provides the corresponding updates for Ubuntu 16.04 ESM. Original advisory details: Danilo Ramos discovered that rsync incorrectly handled memory when performing certain zlib deflating operations. An attacker could use this issue to cause rsy...

USN-5167-1: FFmpeg vulnerabilities

It was discovered that FFmpeg did not properly verify certain input when processing video and audio files. An attacker could possibly use this to send specially crafted input to the application, force a division by zero, and cause a denial of service application crash. CVE-2020-20445,...

USN-5476-1: Liblouis vulnerabilities

Han Zheng discovered that Liblouis incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. This issue was addressed in Ubuntu 21.10 and Ubuntu 22.04 LTS. CVE-2022-26981 It was discovered that Liblouis incorrectly handled certain inputs. An attacker could...

USN-5475-1: Firefox vulnerabilities

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, spoof the browser UI, conduct cross-site scripting XSS attacks, bypass...

USN-5214-1: Cacti vulnerabilities

It was discovered that Cacti was incorrectly validating permissions for user accounts that had been recently disabled. An authenticated attacker could possibly use this to obtain unauthorized access to application and system data. CVE-2020-13230 It was discovered that Cacti was incorrectly...

USN-5396-2: Ghostscript vulnerability

USN-5396-1 addressed a vulnerability in Ghostscript. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a special...

USN-5474-1: Varnish Cache vulnerabilities

It was dicovered that Varnish Cache did not clear a pointer between the handling of one client request and the next request within the same connection. A remote attacker could possibly use this issue to obtain sensitive information. CVE-2019-20637 It was discovered that Varnish Cache could have a...

USN-5472-1: FFmpeg vulnerabilities

It was discovered that FFmpeg would attempt to divide by zero when using Linear Predictive Coding LPC or AAC codecs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. CVE-2020-20445, CVE-2020-20446...

USN-5473-1: ca-certificates update

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle...

USN-5281-1: OpenSC vulnerabilities

It was discovered that some OpenSC smart card drivers mishandled memory when performing certain decoding operations. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2019-15945,...

USN-5471-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5470-1: Linux kernel (OEM) vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5469-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5468-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5467-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5466-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5465-1: Linux kernel vulnerabilities

It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. CVE-2022-21499 Aaron Adams discovered that the netfilter subsystem in the Linux...

USN-5464-1: e2fsprogs vulnerability

Nils Bars discovered that e2fsprogs incorrectly handled certain file systems. A local attacker could use this issue with a crafted file system image to possibly execute arbitrary code...

USN-5315-1: Ansible vulnerabilities

It was discovered that Ansible did not properly manage directory permissions when running playbooks with an unprivileged become user. A local attacker could possibly use this issue to cause a race condition, escalate privileges and execute arbitrary code. This issue only affected Ubuntu 16.04 ESM...

USN-5463-1: NTFS-3G vulnerabilities

It was discovered that NTFS-3G incorrectly handled the ntfsck tool. If a user or automated system were tricked into using ntfsck on a specially crafted disk image, a remote attacker could possibly use this issue to execute arbitrary code. CVE-2021-46790 Roman Fiedler discovered that NTFS-3G...

USN-5462-2: Ruby vulnerability

USN-5462-1 fixed several vulnerabilities in Ruby. This update provides the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM. Original advisory details: It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive...

USN-5462-1: Ruby vulnerabilities

It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS. 2022-28738 It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use th...

USN-5461-1: FreeRDP vulnerabilities

It was discovered that FreeRDP incorrectly handled empty password values. A remote attacker could use this issue to bypass server authentication. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. CVE-2022-24882 It was discovered that FreeRDP incorrectly handled server...

USN-5460-1: Vim vulnerabilities

It was discovered that Vim was incorrectly processing Vim buffers. An attacker could possibly use this issue to perform illegal memory access and expose sensitive information. CVE-2022-0554 It was discovered that Vim was not properly performing bounds checks for column numbers when replacing tabs...

USN-5271-1: Adminer vulnerabilities

It was discovered that Adminer did not escape data in the history parameter of the default URI. A remote attacker could possibly use this issue to perform cross-site scripting XSS attacks. This issue only affected Ubuntu 20.04 ESM. CVE-2020-35572 Adam Crosser and Brian Sizemore discovered that...

USN-5282-1: PDFResurrect vulnerabilities

It was discovered that PDFResurrect was incorrectly handling corrupted PDF files. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. This issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. CVE-2019-14267 It...

USN-5459-1: cifs-utils vulnerabilities

Aurélien Aptel discovered that cifs-utils invoked a shell when requesting a password. In certain environments, a local attacker could possibly use this issue to escalate privileges. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. CVE-2020-14342 It was discovered that cifs-utils...

USN-5458-1: Vim vulnerabilities

It was discovered that Vim was incorrectly handling virtual column position operations, which could result in an out-of-bounds read. An attacker could possibly use this issue to expose sensitive information. CVE-2021-4193 It was discovered that Vim was not properly performing bounds checks when...

LSN-0086-1: Kernel Live Patch Security Notice

It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code.CVE-2021-39713 Yiqi Sun and Kevin Wang...

USN-5456-1: ImageMagick vulnerability

It was discovered that ImageMagick incorrectly handled memory under certain circumstances. If a user were tricked into opening a specially crafted image, an attacker could possibly exploit this issue to cause a denial of service or other unspecified impact...

USN-5457-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

USN-5443-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5442-2: Linux kernel vulnerabilities

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...

USN-5454-2: CUPS vulnerabilities

USN-5454-1 fixed several vulnerabilities in CUPS. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly u...

USN-5451-1: InfluxDB vulnerability

Ilya Averyanov discovered that an InfluxDB vulnerability allowed attackers to bypass authentication and gain access to any known database user...

USN-5454-1: CUPS vulnerabilities

Joshua Mason discovered that CUPS incorrectly handled the secret key used to access the administrative web interface. A remote attacker could possibly use this issue to open a session as an administrator and execute arbitrary code. CVE-2022-26691 It was discovered that CUPS incorrectly handled...

USN-5446-2: dpkg vulnerability

USN-5446-1 fixed a vulnerability in dpkg. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially...

USN-5453-1: FreeType vulnerability

It was discovered that FreeType incorrectly handled certain font files. An attacker could possibly use this issue to cause a denial of service...

USN-5452-1: NTFS-3G vulnerability

It was discovered that NTFS-3G was incorrectly validating NTFS metadata in its ntfsck tool by not performing boundary checks. A local attacker could possibly use this issue to cause a denial of service or to execute arbitrary code...

USN-5431-1: GnuPG vulnerability

It was discovered that GnuPG was not properly processing keys with large amounts of signatures. An attacker could possibly use this issue to cause a denial of service...

USN-5450-1: Subversion vulnerabilities

Evgeny Kotkov discovered that subversion servers did not properly follow path-based authorization rules in certain cases. An attacker could potentially use this issue to retrieve information about private paths. CVE-2021-28544 Thomas Weißschuh discovered that subversion servers did not properly...

USN-5448-1: ncurses vulnerabilities

It was discovered that ncurses was not properly checking array bounds when executing the fmtentry function, which could result in an out-of-bounds write. An attacker could possibly use this issue to execute arbitrary code. CVE-2017-10684 It was discovered that ncurses was not properly checking us...

USN-5449-1: libXv vulnerability

It was discovered that libXv incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code...

USN-5402-2: OpenSSL vulnerabilities

USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Elison Niven discovered that OpenSSL incorrectly handled the crehash script. A local attacker could possibly use this issue to execute arbitrary...

USN-5447-1: logrotate vulnerability

It was discovered that logrotate incorrectly handled the state file. A local attacker could possibly use this issue to keep a lock on the state file and cause logrotate to stop working, leading to a denial of service...

USN-5446-1: dpkg vulnerability

Max Justicz discovered that dpkg incorrectly handled unpacking certain source packages. If a user or an automated system were tricked into unpacking a specially crafted source package, a remote attacker could modify files outside the target unpack directory, leading to a denial of service or...

USN-5445-1: Subversion vulnerabilities

Ace Olszowka discovered that Subversion incorrectly handled certain svnserve requests. A remote attacker could possibly use this issue to cause svnserver to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. CVE-2018-11782 Tomas Bortoli discovered that Subversion...

USN-4781-1: Slurm vulnerabilities

It was discovered that Slurm incorrectly handled certain messages between the daemon and the user. An attacker could possibly use this issue to assume control of an arbitrary file on the system. This issue only affected Ubuntu 16.04 ESM. CVE-2016-10030 It was discovered that Slurm mishandled SPAN...

USN-5435-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, bypass permission prompts, obtain sensitive information, bypass security...

USN-5444-1: Linux kernel vulnerability

Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service system crash or execute arbitrary code...