USN-4973-1: Python vulnerability

It was discovered that the Python stdlib ipaddress API incorrectly handled octal strings. A remote attacker could possibly use this issue to perform a wide variety of attacks, including bypassing certain access restrictions...

USN-4972-1: PostgreSQL vulnerabilities

Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. CVE-2021-32027 Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... O...

USN-4971-1: libwebp vulnerabilities

It was discovered that libwebp incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image file, a remote attacker could use this issue to cause libwebp to crash, resulting in a denial of service, or possibly execute arbitrary co...

USN-4970-1: GUPnP vulnerability

It was discovered that GUPnP incorrectly filtered local requests. If a user were tricked into visiting a malicious website, a remote attacker could possibly use this issue to perform actions against local UPnP services such as obtaining or altering sensitive information...

USN-4968-2: LZ4 vulnerability

USN-4968-1 fixed a vulnerability in LZ4. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a...

USN-4967-2: nginx vulnerability

USN-4967-1 fixed a vulnerability in nginx. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could...

USN-4969-2: DHCP vulnerability

USN-4969-1 fixed a vulnerability in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Original advisory details: Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue...

USN-4969-1: DHCP vulnerability

Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly handled lease file parsing. A remote attacker could possibly use this issue to cause DHCP to crash, resulting in a denial of service...

USN-4968-1: LZ4 vulnerability

It was discovered that LZ4 incorrectly handled certain memory operations. If a user or automated system were tricked into uncompressing a specially- crafted LZ4 file, a remote attacker could use this issue to cause LZ4 to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-4967-1: nginx vulnerability

Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx incorrectly handled responses to the DNS resolver. A remote attacker could use this issue to cause nginx to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-4966-2: libx11 vulnerability

USN-4966-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick...

USN-4965-2: Apport vulnerabilities

USN-4965-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these...

USN-4966-1: libx11 vulnerability

It was discovered that libx11 incorrectly validated certain parameter lengths. A remote attacker could possibly use this issue to trick libx11 into emitting extra X protocol requests...

USN-4965-1: Apport vulnerabilities

Maik Münch discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use these issues to read and write arbitrary files as an administrator, and possibly escalate privileges...

USN-4964-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04. CVE-2021-29463 It was discovered that Exiv2 incorrectly handled certain files. An...

USN-4962-1: Babel vulnerability

It was discovered that Babel incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

USN-4963-1: Pillow vulnerabilities

It was discovered that Pillow incorrectly handled certain image files. If a user or automated system were tricked into opening a specially-crafted file, a remote attacker could cause Pillow to crash or hand, resulting in a denial of service...

USN-4961-1: pip vulnerability

It was discovered that pip incorrectly handled unicode separators in git references. A remote attacker could possibly use this issue to install a different revision on a repository...

USN-4960-1: runC vulnerability

Etienne Champetier discovered that runC incorrectly checked mount targets. An attacker with a malicious container image could possibly mount the host filesystem into the container and escalate privileges...

USN-4945-2: Linux kernel (Raspberry Pi) vulnerabilities

USN-4945-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS and Ubuntu 18.04 LTS. This update provides the corresponding Linux kernel updates targeted specifically for Raspberry Pi devices in those same Ubuntu Releases. Original advisory details: It was discovered that the Nouveau G...

USN-4959-1: GStreamer Base Plugins vulnerability

It was discovered that GStreamer Base Plugins incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information...

USN-4957-2: DjVuLibre vulnerabilities

USN-4957-1 fixed several vulnerabilities in DjVuLibre. This update provides the corresponding update for Ubuntu 16.04 ESM. Original advisory details: It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a...

USN-4958-1: Caribou vulnerability

It was discovered that the Caribou onscreen keyboard could be made to crash when given certain input values. An attacker could use this to bypass screen-locking applications that support using Caribou as an input mechanism...

USN-4957-1: DjVuLibre vulnerabilities

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary co...

USN-4956-1: Eventlet vulnerability

It was discovered that Eventlet incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service...

USN-4955-1: Please vulnerabilities

Matthias Gerstner discovered that Please contained multiple security issues. A local attacker could use these issues to cause Please to crash, resulting in a denial of service, or possibly escalate privileges...

USN-4628-3: Intel Microcode vulnerabilities

USN-4628-1 provided updated Intel Processor Microcode for various processor types. This update provides the corresponding updates for some additional processor types. Original advisory details: Moritz Lipp, Michael Schwarz, Andreas Kogler, David Oswald, Catherine Easdon, Claudio Canella, and Dani...

LSN-0077-1: Kernel Live Patch Security Notice

Vincent Dehors discovered that the shiftfs file system in the Ubuntu Linux kernel did not properly handle faults in copyfromuser when passing through ioctls to an underlying file system. A local attacker could use this to cause a denial of service memory exhaustion or execute arbitrary...

USN-4954-1: GNU C Library vulnerabilities

Jason Royes and Samuel Dytrych discovered that the memcpy implementation for 32 bit ARM processors in the GNU C Library contained an integer underflow vulnerability. An attacker could possibly use this to cause a denial of service application crash or execute arbitrary code. CVE-2020-6096 It was...

USN-4953-1: AWStats vulnerabilities

Sean Boran discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code. CVE-2020-29600 It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to access...

USN-4932-2: Django vulnerability

USN-4932-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Original advisory details: It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwri...

USN-4952-1: MySQL vulnerabilities

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.25 in Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.34. In addition to security fixes, the...

USN-4951-1: Flatpak vulnerability

Anton Lydike discovered that Flatpak did not properly handle special tokens in desktop files. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement...

USN-4950-1: Linux kernel vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

USN-4949-1: Linux kernel vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

USN-4948-1: Linux kernel (OEM) vulnerabilities

Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service system crash or execute arbitrary code. CVE-2021-3489...

USN-4946-1: Linux kernel vulnerabilities

It was discovered that the DRM subsystem in the Linux kernel contained double-free vulnerabilities. A privileged attacker could possibly use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2021-20292 Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan ...

USN-4947-1: Linux kernel (OEM) vulnerabilities

Kiyin 尹亮 discovered that the x25 implementation in the Linux kernel contained overflows when handling addresses from user space. A local attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-35519 It was discovered that the fastrpc driver i...

USN-4945-1: Linux kernel vulnerabilities

It was discovered that the Nouveau GPU driver in the Linux kernel did not properly handle error conditions in some situations. A local attacker could use this to cause a denial of service system crash. CVE-2020-25639 Jan Beulich discovered that the Xen netback backend in the Linux kernel did not...

USN-4944-1: MariaDB vulnerabilities

This update fixed multiple vulnerabilities in MariaDB. Ubuntu 18.04 LTS has been updated to MariaDB 10.1.48. Ubuntu 20.04 LTS has been updated to MariaDB 10.3.29. Ubuntu 20.10 has been updated to MariaDB 10.3.29. Ubuntu 21.04 has been updated to MariaDB 10.5.10...

USN-4943-1: XStream vulnerabilities

Zhihong Tian and Hui Lu found that XStream was vulnerable to remote code execution. A remote attacker could run arbitrary shell commands by manipulating the processed input stream. This issue affected only affected Ubuntu 20.10. CVE-2020-26217 It was discovered that XStream was vulnerable to...

USN-4942-1: Firefox vulnerability

A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code...

USN-4941-1: Exiv2 vulnerabilities

It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. CVE-2021-29457 It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of...

USN-4940-1: PyYAML vulnerability

It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code...

USN-4939-1: WebKitGTK vulnerabilities

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service...

USN-4936-1: Thunderbird vulnerabilities

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. CVE-2021-23968,...

USN-4938-1: Unbound vulnerabilities

It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files...

USN-4934-2: Exim vulnerabilities

USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. Original advisory details: It was discovered that Exim contained multiple security issues. An attacker could us...

USN-4937-1: GNOME Autoar vulnerability

Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution...

USN-4935-1: NVIDIA graphics drivers vulnerabilities

It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. CVE-2021-1076 It was discovered that the NVIDIA GPU display...