Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 61   Next >
Show: All  

USN-2726-1: Expat vulnerability - 31st August 2015

It was discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code.

CVE-2015-1283

USN-2723-1: Firefox vulnerabilities - 27th August 2015

A use-after-free was discovered when resizing a canvas element during restyling in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the ...

CVE-2015-4497 CVE-2015-4498

USN-2725-1: cups-filters vulnerability - 27th August 2015

Seth Arnold discovered that ippusbxd in the cups-filters package would incorrectly listen to all configured network interfaces. A remote attacker could use this issue to possibly access locally-connected printers.

CVE-2015-6520

USN-2724-1: QEMU vulnerabilities - 27th August 2015

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-9718) Donghai Zhu discovered that QEMU incorrectly handled ...

CVE-2014-9718 CVE-2015-5165 CVE-2015-5166 CVE-2015-5225 CVE-2015-5745

USN-2722-1: GDK-PixBuf vulnerability - 26th August 2015

Gustavo Grieco discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-4491

USN-2712-1: Thunderbird vulnerabilities - 25th August 2015

Gary Kwong, Christian Holler, and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges ofthe user ...

CVE-2015-4473 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4491

USN-2702-3: Firefox regression - 20th August 2015

USN-2702-1 fixed vulnerabilities in Firefox. After upgrading, some users in the US reported that their default search engine switched to Yahoo. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered ...

LP: 1485741

USN-2721-1: Subversion vulnerabilities - 20th August 2015

It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3580) ...

CVE-2014-3580 CVE-2014-8108 CVE-2015-0202 CVE-2015-0248 CVE-2015-0251 CVE-2015-3184 CVE-2015-3187

USN-2720-1: Django vulnerability - 18th August 2015

Lin Hua Cheng discovered that Django incorrectly handled the session store. A remote attacker could use this issue to cause the session store to fill up, resulting in a denial of service.

CVE-2015-5963 CVE-2015-5964

USN-2710-2: OpenSSH regression - 18th August 2015

USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem. Original advisory details: Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH ...

LP: 1485719

USN-2719-1: Linux kernel vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2718-1: Linux kernel (Vivid HWE) vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2717-1: Linux kernel (Utopic HWE) vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2716-1: Linux kernel vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2715-1: Linux kernel (Trusty HWE) vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2714-1: Linux kernel (OMAP4) vulnerabilities - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-3212) A flaw was discovered in how the Linux ...

CVE-2015-3212 CVE-2015-5364 CVE-2015-5366

USN-2713-1: Linux kernel vulnerabilities - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-3212) A flaw was discovered in how the Linux ...

CVE-2015-3212 CVE-2015-5364 CVE-2015-5366

USN-2711-1: Net-SNMP vulnerabilities - 17th August 2015

It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565) Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could ...

CVE-2014-3565 CVE-2015-5621

USN-2710-1: OpenSSH vulnerabilities - 14th August 2015

Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this issue could allow a remote attacker to perform user impersonation. (CVE number pending) Moritz Jodeit discovered that OpenSSH incorrectly handled context memory when using PAM ...

CVE-2015-5352 CVE-2015-5600

USN-2709-1: pollinate update - 14th August 2015

The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the new certificate for the server.

LP: 1483762

USN-2702-2: Ubufox update - 11th August 2015

USN-2702-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox. Original advisory details: Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, ...

LP: 1483858

USN-2702-1: Firefox vulnerabilities - 11th August 2015

Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or ...

CVE-2015-4473 CVE-2015-4474 CVE-2015-4475 CVE-2015-4477 CVE-2015-4478 CVE-2015-4479 CVE-2015-4480 CVE-2015-4484 CVE-2015-4485 CVE-2015-4486 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4490 CVE-2015-4491 CVE-2015-4492 CVE-2015-4493

USN-2707-1: Firefox vulnerability - 7th August 2015

Cody Crews discovered a way to violate the same-origin policy to inject script in to a non-privileged part of the PDF viewer. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to read sensitive information from local files. (CVE-2015-4495)

CVE-2015-4495

USN-2706-1: OpenJDK 6 vulnerabilities - 6th August 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4760, CVE-2015-4748) Several vulnerabilities were discovered in the cryptographic components of ...

CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760

USN-2705-1: Keystone vulnerabilities - 5th August 2015

Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. (CVE-2014-7144) Brant Knudson discovered Keystone disabled certification verification when the "insecure" option is set in ...

CVE-2014-7144 CVE-2015-1852

USN-2704-1: Swift vulnerabilities - 5th August 2015

Rajaneesh Singh discovered Swift does not properly enforce metadata limits. An attacker could abuse this issue to store more metadata than allowed by policy. (CVE-2014-7960) Clay Gerrard discovered Swift allowed users to delete the latest version of object regardless of object permissions when allow_version is configured. An attacker could use ...

CVE-2014-7960 CVE-2015-1856

USN-2703-1: Cinder vulnerability - 5th August 2015

Bastian Blank discovered that Cinder guessed image formats based on untrusted data. An attacker could use this to read arbitrary files from the Cinder host.

CVE-2015-1851

USN-2677-1: Oxide vulnerabilities - 4th August 2015

An uninitialized value issue was discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2015-1270) A use-after-free was discovered in the GPU process implementation in Chromium. If a user were tricked in ...

CVE-2015-1270 CVE-2015-1272 CVE-2015-1276 CVE-2015-1277 CVE-2015-1280 CVE-2015-1281 CVE-2015-1283 CVE-2015-1284 CVE-2015-1285 CVE-2015-1287 CVE-2015-1289 CVE-2015-1329 CVE-2015-5605 LP: 1466208

USN-2699-1: HPLIP vulnerability - 30th July 2015

Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a man-in-the-middle attack on printer plugin installations.

CVE-2015-0839

USN-2698-1: SQLite vulnerabilities - 30th July 2015

It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443) Michal Zalewski discovered that SQLite incorrectly handled dequoting of ...

CVE-2013-7443 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416

USN-2697-1: Ghostscript vulnerability - 30th July 2015

William Robinet and Stefan Cornelius discovered that Ghostscript did not correctly handle certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code.

CVE-2015-3228

USN-2696-1: OpenJDK 7 vulnerabilities - 30th July 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4760, CVE-2015-4748) Several vulnerabilities were discovered in the cryptographic components of ...

CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/LogJam

USN-2695-1: HTML Tidy vulnerabilities - 29th July 2015

Fernando Muñoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code.

CVE-2015-5522 CVE-2015-5523

USN-2694-1: PCRE vulnerabilities - 29th July 2015

Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8964) Kai Lu discovered that PCRE incorrectly handled ...

CVE-2014-8964 CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073

USN-2693-1: Bind vulnerabilities - 28th July 2015

Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. A remote attacker could use this issue with a specially crafted packet to cause Bind to crash, resulting in a denial of service. (CVE-2015-5477) Pories Ediansyah discovered that Bind incorrectly handled certain configurations involving DNS64. A remote attacker could use ...

CVE-2012-5689 CVE-2015-5477

USN-2692-1: QEMU vulnerabilities - 28th July 2015

Matt Tait discovered that QEMU incorrectly handled PIT emulation. In a non-default configuration, a malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with ...

CVE-2015-3214 CVE-2015-5154 CVE-2015-5158

USN-2691-1: Linux kernel vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2690-1: Linux kernel (Vivid HWE) vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2689-1: Linux kernel (Utopic HWE) vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2688-1: Linux kernel vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2687-1: Linux kernel (Trusty HWE) vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2686-1: Apache HTTP Server vulnerabilities - 27th July 2015

It was discovered that the Apache HTTP Server incorrectly parsed chunk headers. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks. (CVE-2015-3183) It was discovered that the Apache HTTP Server incorrectly handled the ap_some_auth_required API. A remote attacker could possibly use this issue to bypass ...

CVE-2015-3183 CVE-2015-3185

USN-2684-1: Linux kernel vulnerabilities - 23rd July 2015

A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4692) Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filter JIT optimization. A local attacker could exploit this ...

CVE-2015-4692 CVE-2015-4700 CVE-2015-5364 CVE-2015-5366

USN-2683-1: Linux kernel (Vivid HWE) vulnerabilities - 23rd July 2015

A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4692) Daniel Borkmann reported a kernel crash in the Linux kernel's BPF filter JIT optimization. A local attacker could exploit this ...

CVE-2015-4692 CVE-2015-4700 CVE-2015-5364 CVE-2015-5366

USN-2682-1: Linux kernel (Utopic HWE) vulnerabilities - 23rd July 2015

A flaw was discovered in the kvm (kernel virtual machine) subsystem's kvm_apic_has_events function. A unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-4692) A flaw was discovered in how the Linux kernel handles invalid UDP checksums. A remote attacker could exploit this flaw ...

CVE-2015-4692 CVE-2015-5364 CVE-2015-5366

USN-2681-1: Linux kernel vulnerabilities - 23rd July 2015

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-1805) A flaw was discovered in the kvm (kernel virtual machine) ...

CVE-2015-1805 CVE-2015-4692 CVE-2015-4700 CVE-2015-5364 CVE-2015-5366 CVE-2015-5706

USN-2680-1: Linux kernel (Trusty HWE) vulnerabilities - 23rd July 2015

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-1805) A flaw was discovered in the kvm (kernel virtual machine) ...

CVE-2015-1805 CVE-2015-4692 CVE-2015-4700 CVE-2015-5364 CVE-2015-5366 CVE-2015-5706

USN-2679-1: Linux kernel (OMAP4) vulnerabilities - 23rd July 2015

A flaw was discovered in the user space memory copying for the pipe iovecs in the Linux kernel. An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-1805) Daniel Borkmann reported a kernel crash in the Linux kernel's ...

CVE-2015-1805 CVE-2015-4700

Showing page 1 of 61   Next >
Show: All