Ubuntu security notices
These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-2858-3: Linux kernel (Raspberry Pi 2) vulnerability - 5th January 2016
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.
USN-2858-2: Linux kernel (Wily HWE) vulnerability - 5th January 2016
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.
USN-2858-1: Linux kernel vulnerability - 5th January 2016
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.
USN-2857-2: Linux kernel (Vivid HWE) vulnerability - 5th January 2016
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.
USN-2857-1: Linux kernel vulnerability - 5th January 2016
Nathan Williams discovered that overlayfs in the Linux kernel incorrectly handled setattr operations. A local unprivileged attacker could use this to create files with administrative permission attributes and execute arbitrary code with elevated privileges.
USN-2856-1: ldb vulnerabilities - 5th January 2016
Thilo Uttendorfer discovered that the ldb incorrectly handled certain zero values. A remote attacker could use this issue to cause applications using ldb, such as Samba, to stop responding, resulting in a denial of service. (CVE-2015-3223) Douglas Bagnall discovered that ldb incorrectly handled certain string lengths. A remote attacker could ...
USN-2855-1: Samba vulnerabilities - 5th January 2016
Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to stop responding, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 15.04 and Ubuntu 15.10. (CVE-2015-3223) Jan Kasprzak discovered that ...
CVE-2015-3223 CVE-2015-5252 CVE-2015-5296 CVE-2015-5299 CVE-2015-5330 CVE-2015-7540 CVE-2015-8467
USN-2854-1: Linux kernel (Vivid HWE) vulnerabilities - 20th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2853-1: Linux kernel (Wily HWE) vulnerabilities - 20th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2852-1: Linux kernel (Raspberry Pi 2) vulnerability - 19th December 2015
Jann Horn discovered a ptrace issue with user namespaces in the Linux kernel. The namespace owner could potentially exploit this flaw by ptracing a root owned process entering the user namespace to elevate its privileges and potentially gain access outside of the namespace. (http://bugs.launchpad.net/bugs/1527374, CVE-2015-8709)
USN-2851-1: Linux kernel vulnerabilities - 19th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2850-1: Linux kernel vulnerabilities - 19th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2849-1: Linux kernel (Utopic HWE) vulnerabilities - 19th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2848-1: Linux kernel vulnerabilities - 19th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2847-1: Linux kernel (Trusty HWE) vulnerabilities - 19th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2846-1: Linux kernel vulnerabilities - 19th December 2015
Felix Wilhelm discovered a race condition in the Xen paravirtualized drivers which can cause double fetch vulnerabilities. An attacker in the paravirtualized guest could exploit this flaw to cause a denial of service (crash the host) or potentially execute arbitrary code on the host. (CVE-2015-8550) Konrad Rzeszutek Wilk discovered the ...
USN-2845-1: SoS vulnerabilities - 17th December 2015
Dolev Farhi discovered an information disclosure issue in SoS. If the /etc/fstab file contained passwords, the passwords were included in the SoS report. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-3925) Mateusz Guzik discovered that SoS incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite ...
USN-2840-2: Linux kernel (OMAP4) vulnerability - 17th December 2015
Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash).
USN-2843-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 17th December 2015
郭永刚 discovered that the ppp implementation in the Linux kernel did not ensure that certain slot numbers are valid. A local attacker with the privilege to call ioctl() on /dev/ppp could cause a denial of service (system crash). (CVE-2015-7799) Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to ...
USN-2843-2: Linux kernel (Wily HWE) vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
CVE-2015-7799 CVE-2015-7872 CVE-2015-7884 CVE-2015-7885 CVE-2015-8104
USN-2844-1: Linux kernel (Utopic HWE) vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
USN-2843-1: Linux kernel vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
CVE-2015-7799 CVE-2015-7872 CVE-2015-7884 CVE-2015-7885 CVE-2015-8104
USN-2842-2: Linux kernel (Vivid HWE) vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
USN-2842-1: Linux kernel vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
USN-2841-2: Linux kernel (Trusty HWE) vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
USN-2841-1: Linux kernel vulnerabilities - 17th December 2015
Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug exceptions on AMD processors. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS. (CVE-2015-8104) 郭永刚 discovered that the ppp ...
USN-2840-1: Linux kernel vulnerabilities - 17th December 2015
Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash). (CVE-2015-7872) Jan Beulich discovered that the KVM svm hypervisor implementation in the Linux kernel did not properly catch Debug ...
USN-2839-1: CUPS update - 16th December 2015
As a security improvement against the POODLE attack, this update disables SSLv3 support in the CUPS web interface. For legacy environments where SSLv3 support is still required, it can be re-enabled by adding "SSLOptions AllowSSL3" to /etc/cups/cupsd.conf.
USN-2838-2: foomatic-filters vulnerability - 16th December 2015
Adam Chester discovered that the foomatic-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user.
USN-2838-1: cups-filters vulnerability - 16th December 2015
Adam Chester discovered that the cups-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user.
USN-2833-1: Firefox vulnerabilities - 15th December 2015
Andrei Vaida, Jesse Ruderman, Bob Clary, Christian Holler, Jesse Ruderman, Eric Rahm, Robert Kaiser, Harald Kirschner, and Michael Henretty discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service ...
CVE-2015-7201 CVE-2015-7202 CVE-2015-7203 CVE-2015-7204 CVE-2015-7205 CVE-2015-7207 CVE-2015-7208 CVE-2015-7210 CVE-2015-7211 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7215 CVE-2015-7216 CVE-2015-7217 CVE-2015-7218 CVE-2015-7219 CVE-2015-7220 CVE-2015-7221 CVE-2015-7222 CVE-2015-7223
USN-2837-1: Bind vulnerability - 15th December 2015
It was discovered that Bind incorrectly handled responses with malformed class attributes. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service.
USN-2836-1: GRUB vulnerability - 15th December 2015
Hector Marco and Ismael Ripoll discovered that GRUB incorrectly handled the backspace key when configured to use authentication. A local attacker could use this issue to bypass GRUB password protection.
USN-2835-1: Git vulnerability - 15th December 2015
Blake Burkhart discovered that the Git git-remote-ext helper incorrectly handled recursive clones of git repositories. A remote attacker could possibly use this issue to execute arbitrary code by injecting commands via crafted URLs.
USN-2834-1: libxml2 vulnerabilities - 14th December 2015
Kostya Serebryany discovered that libxml2 incorrectly handled certain malformed documents. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause libxml2 to crash, resulting in a denial of service. (CVE-2015-5312, CVE-2015-7497, CVE-2015-7498, CVE-2015-7499,CVE-2015-7500) Hugh Davenport discovered that libxml2 incorrectly handled certain ...
CVE-2015-5312 CVE-2015-7497 CVE-2015-7498 CVE-2015-7499 CVE-2015-7500 CVE-2015-8241 CVE-2015-8242 CVE-2015-8317
USN-2825-1: Oxide vulnerabilities - 10th December 2015
Multiple use-after-free bugs were discovered in the application cache implementation in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking ...
CVE-2015-6765 CVE-2015-6766 CVE-2015-6767 CVE-2015-6768 CVE-2015-6769 CVE-2015-6770 CVE-2015-6771 CVE-2015-6772 CVE-2015-6773 CVE-2015-6777 CVE-2015-6782 CVE-2015-6784 CVE-2015-6785 CVE-2015-6786 CVE-2015-6787 CVE-2015-8478
USN-2832-1: libsndfile vulnerabilities - 7th December 2015
It was discovered that libsndfile incorrectly handled memory when parsing malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-9496) Joshua Rogers discovered that libsndfile incorrectly handled ...
USN-2831-2: foomatic-filters vulnerability - 7th December 2015
Michal Kowalczyk discovered that the foomatic-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user.
USN-2831-1: cups-filters vulnerability - 7th December 2015
Michal Kowalczyk discovered that the cups-filters foomatic-rip filter incorrectly stripped shell escape characters. A remote attacker could possibly use this issue to execute arbitrary code as the lp user.
USN-2830-1: OpenSSL vulnerabilities - 7th December 2015
Guy Leaver discovered that OpenSSL incorrectly handled a ServerKeyExchange for an anonymous DH ciphersuite with the value of p set to 0. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 15.10. (CVE-2015-1794) Hanno ...
CVE-2015-1794 CVE-2015-3193 CVE-2015-3194 CVE-2015-3195 CVE-2015-3196
USN-2829-2: Linux kernel (Vivid HWE) vulnerabilities - 4th December 2015
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-5283) Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. ...
USN-2829-1: Linux kernel vulnerabilities - 4th December 2015
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-5283) Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. ...
USN-2828-1: QEMU vulnerabilities - 3rd December 2015
Jason Wang discovered that QEMU incorrectly handled the virtio-net device. A remote attacker could use this issue to cause guest network consumption, resulting in a denial of service. (CVE-2015-7295) Qinghao Tang and Ling Liu discovered that QEMU incorrectly handled the pcnet driver when used in loopback mode. A malicious guest ...
USN-2827-1: OpenJDK 6 vulnerabilities - 3rd December 2015
Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4881, CVE-2015-4883) A vulnerability was discovered in the OpenJDK JRE related ...
CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911
USN-2826-1: Linux kernel (Trusty HWE) vulnerabilities - 3rd December 2015
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-5283) Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. ...
USN-2824-1: Linux kernel (Utopic HWE) vulnerability - 1st December 2015
Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. A local unprivileged attacker could use this to cause a denial of service (system crash).
USN-2823-1: Linux kernel vulnerabilities - 1st December 2015
It was discovered that the SCTP protocol implementation in the Linux kernel performed an incorrect sequence of protocol-initialization steps. A local attacker could use this to cause a denial of service (system crash). (CVE-2015-5283) Dmitry Vyukov discovered that the Linux kernel's keyring handler attempted to garbage collect incompletely instantiated keys. ...
USN-2819-1: Thunderbird vulnerabilities - 1st December 2015
Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, and Gary Kwong discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial ...
CVE-2015-4513 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200
USN-2821-1: GnuTLS vulnerability - 30th November 2015
It was discovered that GnuTLS incorrectly validated the first byte of padding in CBC modes. A remote attacker could possibly use this issue to perform a padding oracle attack.
USN-2820-1: dpkg vulnerability - 26th November 2015
Hanno Boeck discovered that the dpkg-deb tool incorrectly handled certain old style Debian binary packages. If a user or an automated system were tricked into unpacking a specially crafted binary package, a remote attacker could possibly use this issue to execute arbitrary code.