10832 matches found
USN-5082-1: Linux kernel (OEM) vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
USN-5081-1: Qt vulnerabilities
It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. CVE-2020-17507 It was discovered that Qt incorrectly handled...
USN-5080-2: Libgcrypt vulnerabilities
USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information...
USN-5080-1: Libgcrypt vulnerabilities
It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information...
USN-5078-2: Squashfs-Tools vulnerabilities
USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write...
USN-5079-2: curl vulnerabilities
USN-5079-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl woul...
USN-5079-1: curl vulnerabilities
It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-22945 Patrick Monnerat discovered that curl incorrectly handled...
USN-5078-1: Squashfs-Tools vulnerability
Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem...
USN-5077-2: Apport vulnerabilities
USN-5077-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local...
USN-5077-1: Apport vulnerabilities
Maik Münch and Stephen Röttger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information...
USN-5076-1: Git vulnerability
It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests...
LSN-0081-1: Kernel Live Patch Security Notice
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory.CVE-2021-3653 Maxim...
USN-5075-1: Ghostscript vulnerability
It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service...
USN-5074-1: Firefox vulnerabilities
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass mixed content blocking, or execute arbitrary code...
USN-5073-1: Linux kernel vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
USN-5072-1: Linux kernel vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
USN-5071-1: Linux kernel vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
USN-5070-1: Linux kernel vulnerabilities
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory...
USN-5069-2: mod-auth-mellon vulnerability
USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect...
USN-5066-2: PySAML2 vulnerability
USN-5066-1 fixed a vulnerability in PySAML2. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents...
USN-5068-1: GD library vulnerabilities
It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. CVE-2017-6363 I...
USN-5069-1: mod-auth-mellon vulnerability
It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack...
USN-5067-1: SSSD vulnerabilities
Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. CVE-2018-10852 It was discovered that SSSD incorrectly handled Group Policy Objects. Whe...
USN-5066-1: PySAML2 vulnerability
Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents...
USN-5065-1: Open vSwitch vulnerability
It was discovered that Open vSwitch incorrectly handled decoding RAWENCAP actions. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-5064-1: GNU cpio vulnerability
Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled certain pattern files. A remote attacker could use this issue to cause cpio to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-5063-1: HAProxy vulnerabilities
Ori Hollander discovered that HAProxy incorrectly handled HTTP header name length encoding. A remote attacker could possibly use this issue to inject a duplicate content-length header and perform request smuggling attacks...
USN-5062-1: Linux kernel vulnerability
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory...
USN-5054-2: uWSGI vulnerability
USN-5054-1 fixed a vulnerability in uWSGI for Ubuntu 18.04 LTS. This update provides the corresponding fixes for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Felix Wilhelm discovered a buffer overflow flaw in the modproxyuwsgi module. An attacker could use this vulnerability ...
USN-5061-1: Scilab vulnerabilities
It was discovered that Scilab did not properly sanitize XML inputs. An atacker could use a crafted XML file to cause a denial of service or possibly execute arbitrary code...
USN-5051-4: OpenSSL regression
USN-5051-2 introduced a regression in OpenSSL that affected only Ubuntu 14.04 ESM. This update fix the regression. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL to crash, resultin...
USN-5060-2: NTFS-3G vulnerabilities
USN-5060-1 fixed a vulnerability in NTFS-3G. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary co...
USN-5060-1: NTFS-3G vulnerabilities
It was discovered that NTFS-3G incorrectly handled certain image file. An attacker could possibly use this issue to execute arbitrary code...
USN-5058-1: Thunderbird vulnerabilities
It was discovered that Thunderbird didn't ignore IMAP server responses prior to completion of the STARTTLS handshake. A person-in-the-middle could potentially exploit this to trick Thunderbird into showing incorrect information. CVE-2021-29969 Multiple security issues were discovered in...
USN-5057-1: Squashfs-Tools vulnerability
Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem...
USN-5054-1: uWSGI vulnerability
Felix Wilhelm discovered a buffer overflow flaw in the modproxyuwsgi module. An attacker could use this vulnerability to provoke an information disclosure or potentially remote code execution...
USN-5056-1: APR vulnerability
It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...
USN-5055-1: GNOME grilo vulnerability
Michael Catanzaro discovered that grilo incorrectly handled certain TLS certificate verification. An attacker could possibly use this issue to MITM attacks...
USN-5053-1: libssh vulnerability
It was discovered that libssh incorrectly handled rekeying. A remote attacker could use this issue to cause libssh to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-5051-3: OpenSSL vulnerability
USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for the openssl1.0 package in Ubuntu 18.04 LTS. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause...
USN-5051-2: OpenSSL vulnerability
USN-5051-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1 strings. A remote attacker could use this issue to cause OpenSSL...
USN-5052-1: MongoDB vulnerability
MongoDB would fail to properly invalidate existing sessions for deleted users. This could allow a remote authenticated attacker to gain elevated privileges if their user account was recreated with elevated privileges...
USN-5037-2: Firefox regression
USN-5037-1 fixed vulnerabilities in Firefox. The update introduced a regression that caused Firefox to repeatedly prompt for a password. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user wer...
USN-5051-1: OpenSSL vulnerabilities
John Ouyang discovered that OpenSSL incorrectly handled decrypting SM2 data. A remote attacker could use this issue to cause applications using OpenSSL to crash, resulting in a denial of service, or possibly change application behaviour. CVE-2021-3711 Ingo Schwarze discovered that OpenSSL...
USN-5044-1: Linux kernel vulnerabilities
It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle HCI device initialization failure, leading to a double-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. CVE-2021-3564 It was discovered that th...
USN-5050-1: Linux kernel vulnerabilities
It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. CVE-2020-26558, CVE-2021-0129 Michael Brown discovered that the Xen netback driver in the Linux kernel did...
USN-5048-2: Inetutils vulnerability
USN-5048-1 fixed a vulnerability in Inetutils for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding fixes for Ubuntu 16.04 ESM. Original advisory details: It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes ...
USN-5048-1: Inetutils vulnerability
It was discovered that Inetutils telnet server allows remote attackers to execute arbitrary code via short writes or urgent data. An attacker could use this vulnerability to cause a DoS or possibly execute arbitrary code...
USN-5047-1: Firefox vulnerability
It was discovered that Firefox could be made to incorrectly accept newlines in HTTP/3 response headers. If a user were tricked into opening a specially crafted website, an attacker could exploit this to conduct header splitting attacks...
USN-5045-1: Linux kernel vulnerabilities
Norbert Slusarek discovered that the CAN broadcast manger bcm protocol implementation in the Linux kernel did not properly initialize memory in some situations. A local attacker could use this to expose sensitive information kernel memory. CVE-2021-34693 It was discovered that the bluetooth...