Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 57   Next >
Show: All  

USN-2553-2: LibTIFF regression - 1st April 2015

USN-2553-1 fixed vulnerabilities in LibTIFF. One of the security fixes caused a regression when saving certain TIFF files with a Predictor tag. The problematic patch has been temporarily backed out until a more complete fix is available. We apologize for the inconvenience. Original advisory details: William Robinet discovered that LibTIFF ...

LP: 1439186

USN-2550-1: Firefox vulnerabilities - 1st April 2015

Olli Pettay and Boris Zbarsky discovered an issue during anchor navigations in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin policy restrictions. (CVE-2015-0801) Bobby Holley discovered that windows created to hold privileged UI content retained ...

CVE-2015-0801 CVE-2015-0802 CVE-2015-0803 CVE-2015-0804 CVE-2015-0805 CVE-2015-0806 CVE-2015-0807 CVE-2015-0808 CVE-2015-0811 CVE-2015-0812 CVE-2015-0813 CVE-2015-0814 CVE-2015-0815 CVE-2015-0816

USN-2555-1: Libgcrypt vulnerabilities - 1st April 2015

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. (CVE-2014-3591) Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an attack via ...

CVE-2014-3591 CVE-2015-0837

USN-2554-1: GnuPG vulnerabilities - 1st April 2015

Daniel Genkin, Lev Pachmanov, Itamar Pipman, and Eran Tromer discovered that GnuPG was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys. (CVE-2014-3591) Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an attack via ...

CVE-2014-3591 CVE-2014-5270 CVE-2015-0837 CVE-2015-1606 CVE-2015-1607

USN-2553-1: LibTIFF vulnerabilities - 31st March 2015

William Robinet discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges. (CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130) Paris ...

CVE-2014-8127 CVE-2014-8128 CVE-2014-8129 CVE-2014-8130 CVE-2014-9330 CVE-2014-9655

USN-2551-1: Apache Standard Taglibs vulnerability - 30th March 2015

David Jorm discovered that the Apache Standard Taglibs incorrectly handled external XML entities. A remote attacker could possibly use this issue to execute arbitrary code or perform other external XML entity attacks.

CVE-2015-0254

USN-2549-1: libarchive vulnerabilities - 25th March 2015

It was discovered that the libarchive bsdcpio utility extracted absolute paths by default without using the --insecure flag, contrary to expectations. If a user or automated system were tricked into extracting cpio archives containing absolute paths, a remote attacker may be able to write to arbitrary files. (CVE-2015-2304) Fabian Yamaguchi ...

CVE-2013-0211 CVE-2015-2304

USN-2548-1: Batik vulnerability - 25th March 2015

Nicolas Gregoire and Kevin Schaller discovered that Batik would load XML external entities by default. If a user or automated system were tricked into opening a specially crafted SVG file, an attacker could possibly obtain access to arbitrary files or cause resource consumption.

CVE-2015-0250

USN-2547-1: Mono vulnerabilities - 24th March 2015

It was discovered that the Mono TLS implementation was vulnerable to the SKIP-TLS vulnerability. A remote attacker could possibly use this issue to perform client impersonation attacks. (CVE-2015-2318) It was discovered that the Mono TLS implementation was vulnerable to the FREAK vulnerability. A remote attacker or a man in the ...

CVE-2011-0992 CVE-2012-3543 CVE-2015-2318 CVE-2015-2319 CVE-2015-2320

USN-2546-1: Linux kernel vulnerabilities - 24th March 2015

A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2013-7421) A flaw was discovered in the crypto ...

CVE-2013-7421 CVE-2014-9644 CVE-2015-1421 CVE-2015-1465

USN-2545-1: Linux kernel (Utopic HWE) vulnerabilities - 24th March 2015

A flaw was discovered in the automatic loading of modules in the crypto subsystem of the Linux kernel. A local user could exploit this flaw to load installed kernel modules, increasing the attack surface and potentially using this to gain administrative privileges. (CVE-2013-7421) A flaw was discovered in the crypto ...

CVE-2013-7421 CVE-2014-9644 CVE-2015-1421 CVE-2015-1465

USN-2544-1: Linux kernel vulnerabilities - 24th March 2015

Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. (CVE-2015-0274) A flaw was discovered in the automatic loading of modules in the crypto subsystem of the ...

CVE-2013-7421 CVE-2014-7822 CVE-2014-9644 CVE-2015-0274

USN-2543-1: Linux kernel (Trusty HWE) vulnerabilities - 24th March 2015

Eric Windisch discovered flaw in how the Linux kernel's XFS file system replaces remote attributes. A local access with access to an XFS file system could exploit this flaw to escalate their privileges. (CVE-2015-0274) A flaw was discovered in the automatic loading of modules in the crypto subsystem of the ...

CVE-2013-7421 CVE-2014-7822 CVE-2014-9644 CVE-2015-0274

USN-2542-1: Linux kernel (OMAP4) vulnerabilities - 24th March 2015

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-7822) A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel ...

CVE-2014-7822 CVE-2014-9419 CVE-2014-9683 CVE-2015-1421

USN-2541-1: Linux kernel vulnerabilities - 24th March 2015

The Linux kernel's splice system call did not correctly validate its parameters. A local, unprivileged user could exploit this flaw to cause a denial of service (system crash). (CVE-2014-7822) A flaw was discovered in how Thread Local Storage (TLS) is handled by the task switching function in the Linux kernel ...

CVE-2014-7822 CVE-2014-9419 CVE-2014-9683 CVE-2015-1421

USN-2540-1: GnuTLS vulnerabilities - 23rd March 2015

It was discovered that GnuTLS did not perform date and time checks on CA certificates, contrary to expectations. This issue only affected Ubuntu 10.04 LTS. (CVE-2014-8155) Nikos Mavrogiannopoulos discovered that GnuTLS incorrectly verified that signature algorithms matched. A remote attacker could possibly use this issue to downgrade to a disallowed ...

CVE-2014-8155 CVE-2015-0282 CVE-2015-0294

USN-2539-1: Django vulnerabilities - 23rd March 2015

Andrey Babak discovered that Django incorrectly handled strip_tags. A remote attacker could possibly use this issue to cause Django to enter an infinite loop, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2015-2316) Daniel Chatfield discovered that Django incorrectly handled user-supplied redirect ...

CVE-2015-2316 CVE-2015-2317

USN-2538-1: Firefox vulnerabilities - 22nd March 2015

A flaw was discovered in the implementation of typed array bounds checking in the Javascript just-in-time compilation. If a user were tricked in to opening a specially crafted website, an attacked could exploit this to execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2015-0817) Mariusz Mlynski discovered ...

CVE-2015-0817 CVE-2015-0818

USN-2537-1: OpenSSL vulnerabilities - 19th March 2015

It was discovered that OpenSSL incorrectly handled malformed EC private key files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service, or execute arbitrary code. (CVE-2015-0209) Stephen Henson discovered that OpenSSL incorrectly handled comparing ASN.1 boolean types. A remote attacker ...

CVE-2015-0209 CVE-2015-0286 CVE-2015-0287 CVE-2015-0288 CVE-2015-0289 CVE-2015-0292 CVE-2015-0293

USN-2536-1: libXfont vulnerabilities - 18th March 2015

Ilja van Sprundel, Alan Coopersmith, and William Robinet discovered that libXfont incorrectly handled malformed bdf fonts. A local attacker could use this issue to cause libXfont to crash, or possibly execute arbitrary code in order to gain privileges.

CVE-2015-1802 CVE-2015-1803 CVE-2015-1804

USN-2535-1: PHP vulnerabilities - 18th March 2015

Thomas Jarosch discovered that PHP incorrectly limited recursion in the fileinfo extension. A remote attacker could possibly use this issue to cause PHP to consume resources or crash, resulting in a denial of service. (CVE-2014-8117) S. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker ...

CVE-2014-8117 CVE-2014-9705 CVE-2015-0273 CVE-2015-2301

USN-2534-1: Libav vulnerabilities - 17th March 2015

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

CVE-2014-8542 CVE-2014-8543 CVE-2014-8544 CVE-2014-8547 CVE-2014-8548 CVE-2014-9604

USN-2532-1: cups-filters vulnerability - 16th March 2015

It was discovered that cups-browsed incorrectly filtered remote printer names and strings. A remote attacker could use this issue to possibly execute arbitrary commands.

CVE-2015-2265

USN-2533-1: Sudo vulnerability - 16th March 2015

Jakub Wilk and Stephane Chazelas discovered that Sudo incorrectly handled the TZ environment variable. An attacker with Sudo access could possibly use this issue to open arbitrary files, bypassing intended permissions.

CVE-2014-9680

USN-2531-1: Requests vulnerability - 16th March 2015

Matthew Daley discovered that Requests incorrectly handled cookies without host values when being redirected. A remote attacker could possibly use this issue to perform session fixation or cookie stealing attacks.

CVE-2015-2296

USN-2530-1: Linux kernel vulnerability - 12th March 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.

CVE-2014-8159

USN-2529-1: Linux kernel (Utopic HWE) vulnerability - 12th March 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.

CVE-2014-8159

USN-2528-1: Linux kernel vulnerability - 12th March 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.

CVE-2014-8159

USN-2527-1: Linux kernel (Trusty HWE) vulnerability - 12th March 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.

CVE-2014-8159

USN-2526-1: Linux kernel vulnerability - 12th March 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.

CVE-2014-8159

USN-2525-1: Linux kernel vulnerability - 12th March 2015

It was discovered that the Linux kernel's Infiniband subsystem did not properly sanitize its input parameters while registering memory regions from userspace. A local user could exploit this flaw to cause a denial of service (system crash) or to potentially gain administrative privileges.

CVE-2014-8159

USN-2524-1: eCryptfs vulnerability - 10th March 2015

Sylvain Pelissier discovered that eCryptfs did not generate a random salt when encrypting the mount passphrase with the login password. An attacker could use this issue to discover the login password used to protect the mount passphrase and gain unintended access to the encrypted files.

CVE-2014-9687

USN-2522-3: ICU vulnerabilities - 10th March 2015

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have now been updated to fix the regression. We apologize for the inconvenience. Original advisory details: It was discovered that ICU incorrectly handled memory operations when processing fonts. If ...

CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419 CVE-2014-6585 CVE-2014-6591

USN-2521-1: Oxide vulnerabilities - 10th March 2015

Several out-of-bounds write bugs were discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash or execute arbitrary code with the privileges of the user invoking the program. (CVE-2015-1213, CVE-2015-1214, ...

CVE-2015-1213 CVE-2015-1214 CVE-2015-1215 CVE-2015-1216 CVE-2015-1217 CVE-2015-1218 CVE-2015-1219 CVE-2015-1220 CVE-2015-1221 CVE-2015-1222 CVE-2015-1223 CVE-2015-1224 CVE-2015-1227 CVE-2015-1228 CVE-2015-1229 CVE-2015-1230 CVE-2015-1231 CVE-2015-2238

USN-2523-1: Apache HTTP Server vulnerabilities - 10th March 2015

Martin Holst Swende discovered that the mod_headers module allowed HTTP trailers to replace HTTP headers during request processing. A remote attacker could possibly use this issue to bypass RequestHeaders directives. (CVE-2013-5704) Mark Montague discovered that the mod_cache module incorrectly handled empty HTTP Content-Type headers. A remote attacker could use this ...

CVE-2013-5704 CVE-2014-3581 CVE-2014-3583 CVE-2014-8109 CVE-2015-0228

USN-2505-2: Firefox regression - 9th March 2015

USN-2505-1 fixed vulnerabilities in Firefox. This update removed the deprecated "-remote" command-line switch that some older software still depends on. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Matthew Noorenberghe discovered that whitelisted Mozilla domains could make UITour API calls from background tabs. If one ...

LP: 1425972 LP: 1429115

USN-2522-2: ICU regression - 6th March 2015

USN-2522-1 fixed vulnerabilities in ICU. On Ubuntu 12.04 LTS, the font patches caused a regression when using LibreOffice Calc. The patches have been temporarily backed out until the regression is investigated. We apologize for the inconvenience. Original advisory details: It was discovered that ICU incorrectly handled memory operations when processing ...

LP: 1429043

USN-2522-1: ICU vulnerabilities - 5th March 2015

It was discovered that ICU incorrectly handled memory operations when processing fonts. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2013-1569, CVE-2013-2383, ...

CVE-2013-1569 CVE-2013-2383 CVE-2013-2384 CVE-2013-2419 CVE-2014-6585 CVE-2014-6591 CVE-2014-7923 CVE-2014-7926 CVE-2014-7940 CVE-2014-9654

USN-2516-3: Linux kernel vulnerabilities regression - 4th March 2015

USN-2516-1 fixed vulnerabilities in the Linux kernel, and the fix in USN-2516-2 was incomplete. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Kernel ...

LP: 1427292

USN-2515-2: Linux kernel (Trusty HWE) vulnerabilities regression - 4th March 2015

USN-2515-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER ...

LP: 1427297

USN-2506-1: Thunderbird vulnerabilities - 3rd March 2015

Armin Razmdjou discovered that contents of locally readable files could be made available via manipulation of form autocomplete in some circumstances. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit this to obtain sensitive information. (CVE-2015-0822) Abhishek Arya discovered ...

CVE-2015-0822 CVE-2015-0827 CVE-2015-0831 CVE-2015-0836

USN-2516-2: Linux kernel vulnerability regression - 28th February 2015

USN-2516-1 fixed vulnerabilities in the Linux kernel. There was an unrelated regression in the use of the virtual counter (CNTVCT) on arm64 architectures. This update fixes the problem. We apologize for the inconvenience. Original advisory details: A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER ...

LP: 1426043

USN-2520-1: CUPS vulnerability - 26th February 2015

Peter De Wachter discovered that CUPS incorrectly handled certain malformed compressed raster files. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-9679

USN-2519-1: GNU C Library vulnerabilities - 26th February 2015

Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7423) It ...

CVE-2013-7423 CVE-2014-9402 CVE-2015-1472 CVE-2015-1473

USN-2518-1: Linux kernel vulnerabilities - 26th February 2015

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the ...

CVE-2014-8133 CVE-2014-8160 CVE-2014-8559 CVE-2014-8989 CVE-2014-9419 CVE-2014-9420 CVE-2014-9428 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9683 CVE-2015-0239

USN-2517-1: Linux kernel (Utopic HWE) vulnerabilities - 26th February 2015

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the ...

CVE-2014-8133 CVE-2014-8160 CVE-2014-8559 CVE-2014-8989 CVE-2014-9419 CVE-2014-9420 CVE-2014-9428 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9683 CVE-2015-0239

USN-2516-1: Linux kernel vulnerabilities - 26th February 2015

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the ...

CVE-2014-8133 CVE-2014-8160 CVE-2014-8559 CVE-2014-8989 CVE-2014-9419 CVE-2014-9420 CVE-2014-9428 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9683 CVE-2015-0239

USN-2515-1: Linux kernel (Trusty HWE) vulnerabilities - 26th February 2015

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the ...

CVE-2014-8133 CVE-2014-8160 CVE-2014-8559 CVE-2014-8989 CVE-2014-9419 CVE-2014-9420 CVE-2014-9428 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9683 CVE-2015-0239

USN-2514-1: Linux kernel (OMAP4) vulnerabilities - 26th February 2015

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the ...

CVE-2013-7421 CVE-2014-7970 CVE-2014-8160 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9644 CVE-2015-0239

USN-2513-1: Linux kernel vulnerabilities - 26th February 2015

A flaw was discovered in the Kernel Virtual Machine's (KVM) emulation of the SYSTENTER instruction when the guest OS does not initialize the SYSENTER MSRs. A guest OS user could exploit this flaw to cause a denial of service of the guest OS (crash) or potentially gain privileges on the ...

CVE-2013-7421 CVE-2014-7970 CVE-2014-8160 CVE-2014-9529 CVE-2014-9584 CVE-2014-9585 CVE-2014-9644 CVE-2015-0239

Showing page 1 of 57   Next >
Show: All