Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 70   Next >
Show: All  

USN-3087-2: OpenSSL regression - 23rd September 2016

USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this ...

LP: 1626883

USN-3087-1: OpenSSL vulnerabilities - 22nd September 2016

Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-6304) Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this ...

CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306

USN-3073-1: Thunderbird vulnerabilities - 22nd September 2016

Christian Holler, Carsten Book, Gary Kwong, Jesse Ruderman, Andrew McCreight, and Phil Ringnalda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary ...

CVE-2016-2836

USN-3076-1: Firefox vulnerabilities - 22nd September 2016

Atte Kettunen discovered an out-of-bounds read when handling certain Content Security Policy (CSP) directives in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2016-2827) Christoph Diehl, Christian Holler, Gary ...

CVE-2016-2827 CVE-2016-5256 CVE-2016-5257 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5279 CVE-2016-5280 CVE-2016-5281 CVE-2016-5282 CVE-2016-5283 CVE-2016-5284

USN-3085-1: GDK-PixBuf vulnerabilities - 21st September 2016

It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in ...

CVE-2015-7552 CVE-2015-8875 CVE-2016-6352

USN-3086-1: Irssi vulnerabilities - 21st September 2016

Gabriel Campana and Adrien Guinet discovered that the format parsing code in Irssi did not properly verify 24bit color codes. A remote attacker could use this to cause a denial of service (application crash). (CVE-2016-7044) Gabriel Campana and Adrien Guinet discovered that a buffer overflow existed in the format parsing ...

CVE-2016-7044 CVE-2016-7045

USN-3084-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 19th September 2016

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3084-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 19th September 2016

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3084-2: Linux kernel (Xenial HWE) vulnerabilities - 19th September 2016

USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3084-1: Linux kernel vulnerabilities - 19th September 2016

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3083-2: Linux kernel (Trusty HWE) vulnerabilities - 19th September 2016

USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including ...

CVE-2015-8767 CVE-2016-3841

USN-3083-1: Linux kernel vulnerabilities - 19th September 2016

Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-3841) It was discovered that a race condition existed when handling ...

CVE-2015-8767 CVE-2016-3841

USN-3082-2: Linux kernel (OMAP4) vulnerability - 19th September 2016

Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM (OABI) had incomplete access checks for epoll_wait(2) and semtimedop(2). A local attacker could use this to possibly execute arbitrary code.

CVE-2016-3857

USN-3082-1: Linux kernel vulnerability - 19th September 2016

Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM (OABI) had incomplete access checks for epoll_wait(2) and semtimedop(2). A local attacker could use this to possibly execute arbitrary code.

CVE-2016-3857

USN-3081-1: Tomcat vulnerability - 19th September 2016

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. (CVE-2016-1240) This update also reverts a change in behaviour introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.

CVE-2016-1240 LP: 1609819

USN-3080-1: Python Imaging Library vulnerabilities - 15th September 2016

Eric Soroos discovered that the Python Imaging Library incorrectly handled certain malformed FLI or PhotoCD files. A remote attacker could use this issue to cause Python Imaging Library to crash, resulting in a denial of service. (CVE-2016-0775, CVE-2016-2533) Andrew Drake discovered that the Python Imaging Libray incorrectly validated input. A ...

CVE-2014-3589 CVE-2016-0775 CVE-2016-2533

USN-3058-1: Oxide vulnerabilities - 14th September 2016

An issue was discovered in Blink involving the provisional URL for an initially empty document. An attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5141) A use-after-free was discovered in the WebCrypto implementation in Blink. If a user were tricked in to opening a specially crafted website, ...

CVE-2016-5141 CVE-2016-5142 CVE-2016-5143 CVE-2016-5144 CVE-2016-5145 CVE-2016-5146 CVE-2016-5147 CVE-2016-5148 CVE-2016-5150 CVE-2016-5153 CVE-2016-5155 CVE-2016-5156 CVE-2016-5161 CVE-2016-5164 CVE-2016-5165 CVE-2016-5167

USN-3079-1: WebKitGTK+ vulnerabilities - 14th September 2016

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code ...

CVE-2016-1854 CVE-2016-1856 CVE-2016-1857 CVE-2016-1858 CVE-2016-1859 CVE-2016-4583 CVE-2016-4585 CVE-2016-4586 CVE-2016-4588 CVE-2016-4589 CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4623 CVE-2016-4624 CVE-2016-4651

USN-3078-1: MySQL vulnerability - 13th September 2016

Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. MySQL has been updated to 5.5.52 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS has been updated to MySQL 5.7.15. In addition to ...

CVE-2016-6662

USN-3077-1: OpenJDK 6 vulnerabilities - 12th September 2016

A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. (CVE-2016-3458) Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial ...

CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550 CVE-2016-3606

USN-3075-1: Imlib2 vulnerabilities - 8th September 2016

Jakub Wilk discovered an out of bounds read in the GIF loader implementation in Imlib2. An attacker could use this to cause a denial of service (application crash) or possibly obtain sensitive information. (CVE-2016-3994) Yuriy M. Kaminskiy discovered an off-by-one error when handling coordinates in Imlib2. An attacker could use ...

CVE-2011-5326 CVE-2014-9762 CVE-2014-9763 CVE-2014-9764 CVE-2014-9771 CVE-2016-3993 CVE-2016-3994 CVE-2016-4024

USN-3074-1: File Roller vulnerability - 8th September 2016

It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.

CVE-2016-7162 LP: 1171236

USN-3070-4: Linux kernel (Xenial HWE) vulnerabilities - 30th August 2016

USN-3070-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3070-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 30th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities - 30th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3072-2: Linux kernel (OMAP4) vulnerabilities - 29th August 2016

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux ...

CVE-2016-5244 CVE-2016-5696 CVE-2016-5829

USN-3072-1: Linux kernel vulnerabilities - 29th August 2016

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux ...

CVE-2016-5244 CVE-2016-5696 CVE-2016-5829

USN-3071-2: Linux kernel (Trusty HWE) vulnerabilities - 29th August 2016

USN-3071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A ...

CVE-2016-5244 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829

USN-3071-1: Linux kernel vulnerabilities - 29th August 2016

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux ...

CVE-2016-5244 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829

USN-3070-1: Linux kernel vulnerabilities - 29th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3069-1: Eye of GNOME vulnerability - 25th August 2016

It was discovered that Eye of GNOME incorrectly handled certain invalid UTF-8 strings. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-6855

USN-3067-1: HarfBuzz vulnerabilities - 24th August 2016

Kostya Serebryany discovered that HarfBuzz incorrectly handled memory. A remote attacker could use this issue to cause HarfBuzz to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-8947) It was discovered that HarfBuzz incorrectly handled certain length checks. A remote attacker could use this issue to ...

CVE-2015-8947 CVE-2016-2052

USN-3068-1: Libidn vulnerabilities - 24th August 2016

Thijs Alkemade, Gustavo Grieco, Daniel Stenberg, and Nikos Mavrogiannopoulos discovered that Libidn incorrectly handled invalid UTF-8 characters. A remote attacker could use this issue to cause Libidn to crash, resulting in a denial of service, or possibly disclose sensitive memory. This issue only applied to Ubuntu 12.04 LTS and Ubuntu ...

CVE-2015-2059 CVE-2015-8948 CVE-2016-6261 CVE-2016-6262 CVE-2016-6263

USN-3066-1: PostgreSQL vulnerabilities - 18th August 2016

Heikki Linnakangas discovered that PostgreSQL incorrectly handled certain nested CASE/WHEN expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2016-5423) Nathan Bossart discovered that PostgreSQL incorrectly handled special characters in database and role names. A remote attacker could possibly ...

CVE-2016-5423 CVE-2016-5424

USN-3065-1: Libgcrypt vulnerability - 18th August 2016

Felix Dörre and Vladimir Klebanov discovered that Libgcrypt incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

CVE-2016-6313

USN-3064-1: GnuPG vulnerability - 18th August 2016

Felix Dörre and Vladimir Klebanov discovered that GnuPG incorrectly handled mixing functions in the random number generator. An attacker able to obtain 4640 bits from the RNG can trivially predict the next 160 bits of output.

CVE-2016-6313

USN-3063-1: Fontconfig vulnerability - 17th August 2016

Tobias Stoeckmann discovered that Fontconfig incorrectly handled cache files. A local attacker could possibly use this issue with a specially crafted cache file to elevate privileges.

CVE-2016-5384

USN-3062-1: OpenJDK 7 vulnerabilities - 16th August 2016

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service, expose sensitive data over the network, or possibly execute arbitrary code. (CVE-2016-3598, CVE-2016-3606, CVE-2016-3610) A vulnerability was discovered in the OpenJDK JRE related ...

CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550 CVE-2016-3598 CVE-2016-3606 CVE-2016-3610

USN-3061-1: OpenSSH vulnerabilities - 15th August 2016

Eddie Harari discovered that OpenSSH incorrectly handled password hashing when authenticating non-existing users. A remote attacker could perform a timing attack and enumerate valid users. (CVE-2016-6210) Tomas Kuthan, Andres Rojas, and Javier Nieto discovered that OpenSSH did not limit password lengths. A remote attacker could use this issue to cause ...

CVE-2016-6210 CVE-2016-6515

USN-3047-2: QEMU regression - 12th August 2016

USN-3047-1 fixed vulnerabilities in QEMU. The patch to fix CVE-2016-5403 caused a regression which resulted in save/restore failures when virtio memory balloon statistics are enabled. This update temporarily reverts the security fix for CVE-2016-5403 pending further investigation. We apologize for the inconvenience. Original advisory details: Li Qiang discovered that QEMU ...

LP: 1612089

USN-3060-1: GD library vulnerabilities - 10th August 2016

It was discovered that the GD library incorrectly handled certain malformed TGA images. If a user or automated system were tricked into processing a specially crafted TGA image, an attacker could cause a denial of service. (CVE-2016-6132, CVE-2016-6214) It was discovered that the GD library incorrectly handled memory when using ...

CVE-2016-6132 CVE-2016-6207 CVE-2016-6214

USN-3059-1: xmlrpc-epi vulnerability - 10th August 2016

It was discovered that xmlrpc-epi incorrectly handled lengths in the simplestring_addn function. A remote attacker could use this issue to cause applications using xmlrpc-epi such as PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-6296

USN-3057-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3056-1: Linux kernel (Raspberry Pi 2) vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3055-1: Linux kernel vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3054-1: Linux kernel (Xenial HWE) vulnerabilities - 10th August 2016

Ben Hawkes discovered an integer overflow in the Linux netfilter implementation. On systems running 32 bit kernels, a local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3135) It was discovered that the keyring implementation in the ...

CVE-2016-3135 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3053-1: Linux kernel (Vivid HWE) vulnerabilities - 10th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing ...

CVE-2016-1237 CVE-2016-4470 CVE-2016-4794 CVE-2016-5243

USN-3052-1: Linux kernel vulnerabilities - 10th August 2016

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-4470) Kangjie Lu discovered an information leak in the ...

CVE-2016-4470 CVE-2016-5243

USN-3051-1: Linux kernel (Trusty HWE) vulnerabilities - 10th August 2016

It was discovered that the keyring implementation in the Linux kernel did not ensure a data structure was initialized before referencing it after an error condition occurred. A local attacker could use this to cause a denial of service (system crash). (CVE-2016-4470) Kangjie Lu discovered an information leak in the ...

CVE-2016-4470 CVE-2016-5243

USN-3050-1: Linux kernel (OMAP4) vulnerabilities - 10th August 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) Vitaly Kuznetsov discovered that the Linux kernel did not ...

CVE-2016-3134 CVE-2016-3961 CVE-2016-4470 CVE-2016-5243

Showing page 1 of 70   Next >
Show: All