Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 70   Next >
Show: All  

USN-3069-1: Eye of GNOME vulnerability - 25th August 2016

It was discovered that Eye of GNOME incorrectly handled certain invalid UTF-8 strings. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-6855

USN-3067-1: HarfBuzz vulnerabilities - 24th August 2016

Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8947) It was discovered that HarfBuzz incorrectly handled certain length checks. A remote attacker could use this issue to ...

CVE-2015-8947 CVE-2016-2052

USN-3068-1: Libidn vulnerabilities - 24th August 2016

Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly disclose sensitive memory. This issue only applied to Ubuntu 12.04 LTS and Ubuntu ...

CVE-2015-2059 CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263

USN-3066-1: PostgreSQL vulnerabilities - 18th August 2016

Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2016-5423) Nathan Bossart discovered that PostgreSQL incorrectly handled special characters in database and role names. A remote attacker could possibly ...

CVE-2016-5423 CVE-2016-5424

USN-3065-1: Libgcrypt vulnerability - 18th August 2016

Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

CVE-2016-6313

USN-3064-1: GnuPG vulnerability - 18th August 2016

Felix Dörre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

CVE-2016-6313

USN-3063-1: Fontconfig vulnerability - 17th August 2016

Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges.

CVE-2016-5384

USN-3062-1: OpenJDK 7 vulnerabilities - 16th August 2016

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-3598, CVE-2016-3606, CVE-2016-3610) A vulnerability was discovered in the OpenJDK JRE related ...

CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610

USN-3061-1: OpenSSH vulnerabilities - 15th August 2016

Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. (CVE-2016-6210) Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause ...

CVE-2016-6210 CVE-2016-6515

USN-3047-2: QEMU regression - 12th August 2016

USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize for the inconvenience. Original advisory details: Li Qiang discovered that QEMU ...

LP: 1612089

USN-3060-1: GD library vulnerabilities - 10th August 2016

It was discovered that the GD library incorrectly handled certain malformed TGA images. If a user or automated system were tricked into processing a specially crafted TGA image, an attacker could cause a denial of service. (CVE-2016-6132, CVE-2016-6214) It was discovered that the GD library incorrectly handled memory when using ...

CVE-2016-6132 CVE-2016-6207 CVE-2016-6214

USN-3059-1: xmlrpc-epi vulnerability - 10th August 2016

It was discovered that xmlrpc-epi incorrectly handled lengths in the simplestring_addn function. A remote attacker could use this issue to cause applications using xmlrpc-epi such as PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-6296

USN-3057-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3056-1: Linux kernel (Raspberry Pi 2) vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3055-1: Linux kernel vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3054-1: Linux kernel (Xenial HWE) vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3053-1: Linux kernel (Vivid HWE) vulnerabilities - 10th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing ...

CVE-2016-1237 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3052-1: Linux kernel vulnerabilities - 10th August 2016

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-4470) Kangjie Lu discovered an information leak in the ...

CVE-2016-4470 CVE-2016-5243

USN-3051-1: Linux kernel (Trusty HWE) vulnerabilities - 10th August 2016

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-4470) Kangjie Lu discovered an information leak in the ...

CVE-2016-4470 CVE-2016-5243

USN-3050-1: Linux kernel (OMAP4) vulnerabilities - 10th August 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) Vitaly Kuznetsov discovered that the Linux kernel did not ...

CVE-2016-3134 CVE-2016-3961 CVE-2016-4470 CVE-2016-5243

USN-3049-1: Linux kernel vulnerabilities - 10th August 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) Vitaly Kuznetsov discovered that the Linux kernel did not ...

CVE-2016-3134 CVE-2016-3961 CVE-2016-4470 CVE-2016-5243

USN-3048-1: curl vulnerabilities - 8th August 2016

Bru Rom discovered that curl incorrectly handled client certificates when resuming a TLS session. (CVE-2016-5419) It was discovered that curl incorrectly handled client certificates when reusing TLS connections. (CVE-2016-5420) Marcelo Echeverria and Fernando Muñoz discovered that curl incorrectly reused a connection struct, contrary to expectations. This issue only applied to ...

CVE-2016-5419 CVE-2016-5420 CVE-2016-5421

USN-3041-1: Oxide vulnerabilities - 5th August 2016

Multiple security issues were discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read uninitialized memory, cause a denial of service (application crash) or execute arbitrary code. (CVE-2016-1705) It was discovered that the PPAPI implementation does not ...

CVE-2016-1705 CVE-2016-1706 CVE-2016-1710 CVE-2016-1711 CVE-2016-5127 CVE-2016-5128 CVE-2016-5129 CVE-2016-5130 CVE-2016-5131 CVE-2016-5132 CVE-2016-5133 CVE-2016-5134 CVE-2016-5135 CVE-2016-5137

USN-3044-1: Firefox vulnerabilities - 5th August 2016

Gustavo Grieco discovered an out-of-bounds read during XML parsing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or obtain sensitive information. (CVE-2016-0718) Toni Huttunen discovered that once a ...

CVE-2016-0718 CVE-2016-2830 CVE-2016-2835 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838 CVE-2016-2839 CVE-2016-5250 CVE-2016-5251 CVE-2016-5252 CVE-2016-5254 CVE-2016-5255 CVE-2016-5258 CVE-2016-5259 CVE-2016-5260 CVE-2016-5261 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265 CVE-2016-5266 CVE-2016-5268

USN-3047-1: QEMU vulnerabilities - 4th August 2016

Li Qiang discovered that QEMU incorrectly handled 53C9X Fast SCSI controller emulation. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with ...

CVE-2016-4439 CVE-2016-4441 CVE-2016-4453 CVE-2016-4454 CVE-2016-4952 CVE-2016-5105 CVE-2016-5106 CVE-2016-5107 CVE-2016-5126 CVE-2016-5238 CVE-2016-5337 CVE-2016-5338 CVE-2016-5403 CVE-2016-6351

USN-3046-1: LibreOffice vulnerability - 4th August 2016

Yves Younan and Richard Johnson discovered that LibreOffice incorrectly handled presentation files. If a user were tricked into opening a specially crafted presentation file, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.

CVE-2016-1513

USN-3045-1: PHP vulnerabilities - 2nd August 2016

It was discovered that PHP incorrectly handled certain SplMinHeap::compare operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116) It was discovered that PHP ...

CVE-2015-4116 CVE-2015-8873 CVE-2015-8876 CVE-2015-8935 CVE-2016-5093 CVE-2016-5094 CVE-2016-5095 CVE-2016-5096 CVE-2016-5114 CVE-2016-5385 CVE-2016-5399 CVE-2016-5768 CVE-2016-5769 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 CVE-2016-6288 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297

USN-3043-1: OpenJDK 8 vulnerabilities - 27th July 2016

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-3587, CVE-2016-3598, CVE-2016-3606, CVE-2016-3610) A vulnerability was discovered in the OpenJDK JRE ...

CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550 CVE-2016-3587 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610

USN-3042-1: KDE-Libs vulnerability - 26th July 2016

Andreas Cord-Landwehr discovered that KDE-Libs incorrectly handled extracting certain archives. If a user were tricked into extracting a specially-crafted archive, a remote attacker could use this issue to overwrite arbitrary files out of the extraction directory.

CVE-2016-6232

USN-3040-1: MySQL vulnerabilities - 21st July 2016

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.50 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.10 has been updated to MySQL 5.6.31. Ubuntu 16.04 LTS has been updated to MySQL 5.7.13. ...

CVE-2016-3424 CVE-2016-3459 CVE-2016-3477 CVE-2016-3486 CVE-2016-3501 CVE-2016-3518 CVE-2016-3521 CVE-2016-3588 CVE-2016-3614 CVE-2016-3615 CVE-2016-5436 CVE-2016-5437 CVE-2016-5439 CVE-2016-5440 CVE-2016-5441 CVE-2016-5442 CVE-2016-5443

USN-3039-1: Django vulnerability - 19th July 2016

It was discovered that Django incorrectly handled the admin's add/change related popup. A remote attacker could possibly use this issue to perform a cross-site scripting attack.

CVE-2016-6186

USN-3038-1: Apache HTTP Server vulnerability - 18th July 2016

It was discovered that the Apache HTTP Server would set the HTTP_PROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests.

CVE-2016-5387

USN-3023-1: Thunderbird vulnerabilities - 18th July 2016

It was discovered that NSPR incorrectly handled memory allocation. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-1951) Christian Holler, Gary Kwong, Jesse Ruderman, Tyson Smith, Timothy ...

CVE-2016-1951 CVE-2016-2818

USN-3037-1: Linux kernel (Vivid HWE) vulnerability - 14th July 2016

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash).

CVE-2016-3070

USN-3036-1: Linux kernel (Utopic HWE) vulnerability - 14th July 2016

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash).

CVE-2016-3070

USN-3035-3: Linux kernel (Wily HWE) vulnerability - 14th July 2016

USN-3035-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 15.10 for Ubuntu 14.04 LTS. Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O ...

CVE-2016-3070

USN-3035-2: Linux kernel (Raspberry Pi 2) vulnerability - 14th July 2016

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash).

CVE-2016-3070

USN-3035-1: Linux kernel vulnerability - 14th July 2016

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash).

CVE-2016-3070

USN-3034-2: Linux kernel (Trusty HWE) vulnerability - 14th July 2016

USN-3034-1 fixed a vulnerability in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by ...

CVE-2016-3070

USN-3034-1: Linux kernel vulnerability - 14th July 2016

Jan Stancek discovered that the Linux kernel's memory manager did not properly handle moving pages mapped by the asynchronous I/O (AIO) ring buffer to the other nodes. A local attacker could use this to cause a denial of service (system crash).

CVE-2016-3070

USN-3033-1: libarchive vulnerabilities - 14th July 2016

Hanno Böck discovered that libarchive contained multiple security issues when processing certain malformed archive files. A remote attacker could use this issue to cause libarchive to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8916, CVE-2015-8917 CVE-2015-8919, CVE-2015-8920, CVE-2015-8921, CVE-2015-8922, CVE-2015-8923, CVE-2015-8924, CVE-2015-8925, CVE-2015-8926, CVE-2015-8928, CVE-2015-8930, ...

CVE-2015-8916 CVE-2015-8917 CVE-2015-8919 CVE-2015-8920 CVE-2015-8921 CVE-2015-8922 CVE-2015-8923 CVE-2015-8924 CVE-2015-8925 CVE-2015-8926 CVE-2015-8928 CVE-2015-8930 CVE-2015-8931 CVE-2015-8932 CVE-2015-8933 CVE-2015-8934 CVE-2016-4300 CVE-2016-4302 CVE-2016-4809 CVE-2016-5844

USN-3032-1: eCryptfs vulnerability - 14th July 2016

It was discovered that eCryptfs incorrectly configured the encrypted swap partition for certain drive types. An attacker could use this issue to discover sensitive information.

CVE-2016-6224

USN-3031-1: Pidgin vulnerabilities - 12th July 2016

Yves Younan discovered that Pidgin contained multiple issues in the MXit protocol support. A remote attacker could use this issue to cause Pidgin to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368 CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372 CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376 CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323

USN-3030-1: GD library vulnerabilities - 11th July 2016

It was discovered that the GD library incorrectly handled memory when using gdImageScaleTwoPass(). A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7456) It was discovered that the GD library incorrectly handled certain malformed XBM images. If a ...

CVE-2013-7456 CVE-2016-5116 CVE-2016-5766 CVE-2016-6128 CVE-2016-6161

USN-3029-1: NSS vulnerability - 11th July 2016

Tyson Smith and Jed Davis discovered that NSS incorrectly handled memory. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. This update refreshes the NSS package to version 3.23 which includes the latest CA certificate bundle. ...

CVE-2016-2834

USN-3028-1: NSPR vulnerability - 11th July 2016

It was discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-1951

USN-3027-1: Tomcat vulnerability - 6th July 2016

It was discovered that the Tomcat Fileupload library incorrectly handled certain upload requests. A remote attacker could possibly use this issue to cause a denial of service.

CVE-2016-3092

USN-3026-2: libusbmuxd vulnerability - 5th July 2016

It was discovered that libusbmuxd incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations.

CVE-2016-5104

USN-3026-1: libimobiledevice vulnerability - 5th July 2016

It was discovered that libimobiledevice incorrectly handled socket permissions. A remote attacker could use this issue to access services on iOS devices, contrary to expectations.

CVE-2016-5104

USN-3025-1: GIMP vulnerability - 5th July 2016

It was discovered that GIMP incorrectly handled malformed XCF files. If a user were tricked into opening a specially crafted XCF file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.

CVE-2016-4994

Showing page 1 of 70   Next >
Show: All