Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 60   Next >
Show: All  

USN-2669-1: Bind vulnerability - 7th July 2015

Breno Silveira Soares discovered that Bind incorrectly handled certain zone data when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

CVE-2015-4620

USN-2668-1: HAProxy vulnerability - 7th July 2015

It was discovered that HAProxy incorrectly handled certain buffers. A remote attacker could possibly use this issue to obtain sensitive information belonging to previous requests.

CVE-2015-3281

USN-2667-1: Linux kernel vulnerabilities - 7th July 2015

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. (CVE-2015-1420) A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw ...

CVE-2015-1420 CVE-2015-4001 CVE-2015-4002 CVE-2015-4003

USN-2666-1: Linux kernel vulnerabilities - 7th July 2015

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. (CVE-2015-1420) A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw ...

CVE-2015-1420 CVE-2015-4001 CVE-2015-4002 CVE-2015-4003 CVE-2015-4167 CVE-2015-4700

USN-2665-1: Linux kernel (Vivid HWE) vulnerabilities - 7th July 2015

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. (CVE-2015-1420) A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw ...

CVE-2015-1420 CVE-2015-4001 CVE-2015-4002 CVE-2015-4003

USN-2664-1: Linux kernel (Utopic HWE) vulnerabilities - 7th July 2015

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations. (CVE-2015-1420) A underflow error was discovered in the Linux kernel's Ozmo Devices USB over WiFi host controller driver. A remote attacker could exploit this flaw ...

CVE-2015-1420 CVE-2015-4001 CVE-2015-4002 CVE-2015-4003 CVE-2015-4167 CVE-2015-4700

USN-2663-1: Linux kernel vulnerabilities - 7th July 2015

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. (CVE-2014-9710) A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this ...

CVE-2014-9710 CVE-2015-1420 CVE-2015-4001 CVE-2015-4002 CVE-2015-4003 CVE-2015-4167

USN-2662-1: Linux kernel (Trusty HWE) vulnerabilities - 7th July 2015

Alexandre Oliva reported a race condition flaw in the btrfs file system's handling of extended attributes (xattrs). A local attacker could exploit this flaw to bypass ACLs and potentially escalate privileges. (CVE-2014-9710) A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this ...

CVE-2014-9710 CVE-2015-1420 CVE-2015-4001 CVE-2015-4002 CVE-2015-4003 CVE-2015-4167

USN-2661-1: Linux kernel (OMAP4) vulnerability - 7th July 2015

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations.

CVE-2015-1420

USN-2660-1: Linux kernel vulnerability - 7th July 2015

A race condition was discovered in the Linux kernel's file_handle size verification. A local user could exploit this flaw to read potentially sensative memory locations.

CVE-2015-1420

USN-2658-1: PHP vulnerabilities - 6th July 2015

Neal Poole and Tomas Hoger discovered that PHP incorrectly handled NULL bytes in file paths. A remote attacker could possibly use this issue to bypass intended restrictions and create or obtain access to sensitive files. (CVE-2015-3411, CVE-2015-3412, CVE-2015-4025, CVE-2015-4026, CVE-2015-4598) Emmanuel Law discovered that the PHP phar extension incorrectly handled ...

CVE-2015-3411 CVE-2015-3412 CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 CVE-2015-4025 CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 CVE-2015-4604 CVE-2015-4605 CVE-2015-4643 CVE-2015-4644

USN-2659-1: cups-filters vulnerabilities - 6th July 2015

Petr Sklenar discovered that the cups-filters texttopdf filter incorrectly handled line sizes. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code as the lp user. (CVE-2015-3258, CVE-2015-3279)

CVE-2015-3258 CVE-2015-3279

USN-2652-1: Oxide vulnerabilities - 30th June 2015

It was discovered that Chromium did not properly consider the scheme when determining whether a URL is associated with a WebUI SiteInstance. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass security restrictions. (CVE-2015-1266) It was discovered that Blink ...

CVE-2015-1266 CVE-2015-1267 CVE-2015-1268 CVE-2015-1269

USN-2657-1: unattended-upgrades vulnerability - 29th June 2015

It was discovered that unattended-upgrades incorrectly performed authentication checks in certain configurations. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages.

CVE-2015-1330

USN-2655-1: Tomcat vulnerabilities - 25th June 2015

It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker could possibly use this issue to conduct HTTP request smuggling attacks, or cause Tomcat to consume resources, resulting in a denial of service. (CVE-2014-0227) It was discovered that Tomcat incorrectly handled HTTP responses occurring ...

CVE-2014-0227 CVE-2014-0230 CVE-2014-7810

USN-2654-1: Tomcat vulnerabilities - 25th June 2015

It was discovered that the Tomcat XML parser incorrectly handled XML External Entities (XXE). A remote attacker could possibly use this issue to read arbitrary files. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-0119) It was discovered that Tomcat incorrectly handled data with malformed chunked transfer coding. A remote attacker ...

CVE-2014-0119 CVE-2014-0227 CVE-2014-0230 CVE-2014-7810

USN-2653-1: Python vulnerabilities - 25th June 2015

It was discovered that multiple Python protocol libraries incorrectly limited certain data when connecting to servers. A malicious ftp, http, imap, nntp, pop or smtp server could use this issue to cause a denial of service. (CVE-2013-1752) It was discovered that the Python xmlrpc library did not limit unpacking gzip-compressed ...

CVE-2013-1752 CVE-2013-1753 CVE-2014-4616 CVE-2014-4650 CVE-2014-7185

USN-2651-1: GNU patch vulnerabilities - 22nd June 2015

Jakub Wilk discovered that GNU patch did not correctly handle file paths in patch files. An attacker could specially craft a patch file that could overwrite arbitrary files with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS. (CVE-2010-4651) László Böszörményi discovered that GNU ...

CVE-2010-4651 CVE-2014-9637 CVE-2015-1196 CVE-2015-1395 CVE-2015-1396

USN-2646-2: Linux kernel regression - 21st June 2015

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside ...

http://bugs.launchpad.net/bugs/1465998

USN-2644-2: Linux kernel (Utopic HWE) regression - 21st June 2015

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside ...

http://bugs.launchpad.net/bugs/1465998

USN-2643-2: Linux kernel regression - 21st June 2015

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside ...

http://bugs.launchpad.net/bugs/1465998

USN-2642-2: Linux kernel (Trusty HWE) regression - 21st June 2015

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside ...

http://bugs.launchpad.net/bugs/1465998

USN-2641-2: Linux kernel (OMAP4) regression - 21st June 2015

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside ...

http://bugs.launchpad.net/bugs/1465998

USN-2640-2: Linux kernel regression - 21st June 2015

The Fix for CVE-2015-1328 introduced a regression into the Linux kernel's overlayfs file system. The removal of a directory that only exists on the lower layer results in a kernel panic. We apologize for the inconvenience. Original advisory details: Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside ...

http://bugs.launchpad.net/bugs/1465998

USN-2650-1: wpa_supplicant and hostapd vulnerabilities - 16th June 2015

Kostya Kortchinsky discovered multiple flaws in wpa_supplicant and hostapd. A remote attacker could use these issues to cause wpa_supplicant or hostapd to crash, resulting in a denial of service. (CVE-2015-4141, CVE-2015-4142, CVE-2015-4143, CVE-2015-4144, CVE-2015-4145, CVE-2015-4146)

CVE-2015-4141 CVE-2015-4142 CVE-2015-4143 CVE-2015-4144 CVE-2015-4145 CVE-2015-4146

USN-2649-1: devscripts vulnerability - 16th June 2015

It was discovered that the uupdate tool incorrectly handled symlinks. If a user or automated system were tricked into processing specially crafted files, a remote attacker could possibly replace arbitrary files, leading to a privilege escalation.

CVE-2014-1833

USN-2648-1: Aptdaemon vulnerability - 16th June 2015

Tavis Ormandy discovered that Aptdeamon incorrectly handled the simulate dbus method. A local attacker could use this issue to possibly expose sensitive information, or perform other file access as the root user.

CVE-2015-1323

USN-2647-1: Linux kernel vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2646-1: Linux kernel vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2645-1: Linux kernel (Vivid HWE) vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2644-1: Linux kernel (Utopic HWE) vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2643-1: Linux kernel vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2642-1: Linux kernel (Trusty HWE) vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2641-1: Linux kernel (OMAP4) vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2640-1: Linux kernel vulnerability - 15th June 2015

Philip Pettersson discovered a privilege escalation when using overlayfs mounts inside of user namespaces. A local user could exploit this flaw to gain administrative privileges on the system.

CVE-2015-1328

USN-2639-1: OpenSSL vulnerabilities - 11th June 2015

Praveen Kariyanahalli, Ivan Fratric and Felix Groebert discovered that OpenSSL incorrectly handled memory when buffering DTLS data. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8176) Joseph Barr-Pixton discovered that OpenSSL incorrectly handled malformed ECParameters ...

CVE-2014-8176 CVE-2015-1788 CVE-2015-1789 CVE-2015-1790 CVE-2015-1791 CVE-2015-1792

USN-2638-1: Linux kernel vulnerabilities - 10th June 2015

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-0275) Wen Xu discovered a use-after-free flaw in the ...

CVE-2015-0275 CVE-2015-3636 CVE-2015-4036

USN-2637-1: Linux kernel vulnerabilities - 10th June 2015

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-0275) Wen Xu discovered a use-after-free flaw in the ...

CVE-2015-0275 CVE-2015-3636

USN-2636-1: Linux kernel (Vivid HWE) vulnerabilities - 10th June 2015

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-0275) Wen Xu discovered a use-after-free flaw in the ...

CVE-2015-0275 CVE-2015-3636 CVE-2015-4036

USN-2635-1: Linux kernel (Utopic HWE) vulnerabilities - 10th June 2015

Xiong Zhou discovered a bug in the way the EXT4 filesystem handles fallocate zero range functionality when the page size is greater than the block size. A local attacker could exploit this flaw to cause a denial of service (system crash). (CVE-2015-0275) Wen Xu discovered a use-after-free flaw in the ...

CVE-2015-0275 CVE-2015-3636

USN-2634-1: Linux kernel vulnerabilities - 10th June 2015

Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. (CVE-2015-3636) A memory corruption flaw was discovered in the Linux kernel's scsi subsystem. A local ...

CVE-2015-3636 CVE-2015-4036

USN-2633-1: Linux kernel (Trusty HWE) vulnerabilities - 10th June 2015

Wen Xu discovered a use-after-free flaw in the Linux kernel's ipv4 ping support. A local user could exploit this flaw to cause a denial of service (system crash) or gain administrative privileges on the system. (CVE-2015-3636) A memory corruption flaw was discovered in the Linux kernel's scsi subsystem. A local ...

CVE-2015-3636 CVE-2015-4036

USN-2632-1: Linux kernel (OMAP4) vulnerabilities - 10th June 2015

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A privilege escalation was discovered in the fork syscall via the int80 ...

CVE-2015-2150 CVE-2015-2830 CVE-2015-3331 CVE-2015-3636 CVE-2015-4167

USN-2631-1: Linux kernel vulnerabilities - 10th June 2015

Jan Beulich discovered the Xen virtual machine subsystem of the Linux kernel did not properly restrict access to PCI command registers. A local guest user could exploit this flaw to cause a denial of service (host crash). (CVE-2015-2150) A privilege escalation was discovered in the fork syscall via the int80 ...

CVE-2015-2150 CVE-2015-2830 CVE-2015-3331 CVE-2015-3636 CVE-2015-4167

USN-2630-1: QEMU vulnerabilities - 10th June 2015

Matt Tait discovered that QEMU incorrectly handled the virtual PCNET driver. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers ...

CVE-2015-3209 CVE-2015-4037 CVE-2015-4103 CVE-2015-4104 CVE-2015-4105 CVE-2015-4106

USN-2629-1: CUPS vulnerabilities - 10th June 2015

It was discovered that CUPS incorrectly handled reference counting when handling localized strings. A remote attacker could use this issue to escalate permissions, upload a replacement CUPS configuration file, and execute arbitrary code. (CVE-2015-1158) It was discovered that the CUPS templating engine contained a cross-site scripting issue. A remote attacker ...

CVE-2015-1158 CVE-2015-1159

USN-2628-1: strongSwan vulnerability - 8th June 2015

Alexander E. Patrakov discovered that strongSwan incorrectly handled certain IKEv2 setups. A malicious server could possibly use this issue to obtain user credentials.

CVE-2015-4171

USN-2627-1: t1utils vulnerability - 3rd June 2015

Jakub Wilk discovered that t1utils incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially crafted font, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.

CVE-2015-3905

USN-2626-1: Qt vulnerabilities - 3rd June 2015

Wolfgang Schenk discovered that Qt incorrectly handled certain malformed GIF images. If a user or automated system were tricked into opening a specially crafted GIF image, a remote attacker could use this issue to cause Qt to crash, resulting in a denial of service. This issue only applied to Ubuntu ...

CVE-2014-0190 CVE-2015-0295 CVE-2015-1858 CVE-2015-1859 CVE-2015-1860

USN-2625-1: Apache HTTP Server update - 2nd June 2015

As a security improvement, this update makes the following changes to the Apache package in Ubuntu 12.04 LTS: Added support for ECC keys and ECDH ciphers. The SSLProtocol configuration directive now allows specifying the TLSv1.1 and TLSv1.2 protocols. Ephemeral key handling has been improved, including allowing DH parameters to be ...

LP: 1197884 LP: 1400473

Showing page 1 of 60   Next >
Show: All