Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 61   Next >
Show: All  

USN-2734-1: Linux kernel vulnerability - 3rd September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2733-1: Linux kernel (Trusty HWE) vulnerability - 3rd September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2732-1: Linux kernel (OMAP4) vulnerability - 3rd September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.

CVE-2015-5697

USN-2731-1: Linux kernel vulnerability - 3rd September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.

CVE-2015-5697

USN-2730-1: OpenSLP vulnerabilities - 3rd September 2015

Georgi Geshev discovered that OpenSLP incorrectly handled processing certain service requests. A remote attacker could possibly use this issue to cause OpenSLP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2012-4428) Qinghao Tang discovered that OpenSLP incorrectly handled processing ...

CVE-2012-4428 CVE-2015-5177

USN-2729-1: libvdpau vulnerabilities - 3rd September 2015

Florian Weimer discovered that libvdpau incorrectly handled certain environment variables. A local attacker could possibly use this issue to gain privileges.

CVE-2015-5198 CVE-2015-5199 CVE-2015-5200

USN-2728-1: Bind vulnerability - 2nd September 2015

Hanno Böck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

CVE-2015-5722

USN-2727-1: GnuTLS vulnerabilities - 1st September 2015

It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2015-3308) Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName (DN) entry in a certificate. A remote attacker could possibly ...

CVE-2015-3308 CVE-2015-6251

USN-2726-1: Expat vulnerability - 31st August 2015

It was discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code.

CVE-2015-1283

USN-2723-1: Firefox vulnerabilities - 27th August 2015

A use-after-free was discovered when resizing a canvas element during restyling in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the ...

CVE-2015-4497 CVE-2015-4498

USN-2725-1: cups-filters vulnerability - 27th August 2015

Seth Arnold discovered that ippusbxd in the cups-filters package would incorrectly listen to all configured network interfaces. A remote attacker could use this issue to possibly access locally-connected printers.

CVE-2015-6520

USN-2724-1: QEMU vulnerabilities - 27th August 2015

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-9718) Donghai Zhu discovered that QEMU incorrectly handled ...

CVE-2014-9718 CVE-2015-5165 CVE-2015-5166 CVE-2015-5225 CVE-2015-5745

USN-2722-1: GDK-PixBuf vulnerability - 26th August 2015

Gustavo Grieco discovered that GDK-PixBuf incorrectly handled scaling bitmap images. If a user or automated system were tricked into opening a BMP image file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-4491

USN-2712-1: Thunderbird vulnerabilities - 25th August 2015

Gary Kwong, Christian Holler, and Byron Campen discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with the privileges ofthe user ...

CVE-2015-4473 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4491

USN-2702-3: Firefox regression - 20th August 2015

USN-2702-1 fixed vulnerabilities in Firefox. After upgrading, some users in the US reported that their default search engine switched to Yahoo. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered ...

LP: 1485741

USN-2721-1: Subversion vulnerabilities - 20th August 2015

It was discovered that the Subversion mod_dav_svn module incorrectly handled REPORT requests for a resource that does not exist. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3580) ...

CVE-2014-3580 CVE-2014-8108 CVE-2015-0202 CVE-2015-0248 CVE-2015-0251 CVE-2015-3184 CVE-2015-3187

USN-2720-1: Django vulnerability - 18th August 2015

Lin Hua Cheng discovered that Django incorrectly handled the session store. A remote attacker could use this issue to cause the session store to fill up, resulting in a denial of service.

CVE-2015-5963 CVE-2015-5964

USN-2710-2: OpenSSH regression - 18th August 2015

USN-2710-1 fixed vulnerabilities in OpenSSH. The upstream fix for CVE-2015-5600 caused a regression resulting in random authentication failures in non-default configurations. This update fixes the problem. Original advisory details: Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH ...

LP: 1485719

USN-2719-1: Linux kernel vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2718-1: Linux kernel (Vivid HWE) vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2717-1: Linux kernel (Utopic HWE) vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2716-1: Linux kernel vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2715-1: Linux kernel (Trusty HWE) vulnerability - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash).

CVE-2015-3212

USN-2714-1: Linux kernel (OMAP4) vulnerabilities - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-3212) A flaw was discovered in how the Linux ...

CVE-2015-3212 CVE-2015-5364 CVE-2015-5366

USN-2713-1: Linux kernel vulnerabilities - 17th August 2015

Marcelo Ricardo Leitner discovered a race condition in the Linux kernel's SCTP address configuration lists when using Address Configuration Change (ASCONF) options on a socket. An unprivileged local user could exploit this flaw to cause a denial of service (system crash). (CVE-2015-3212) A flaw was discovered in how the Linux ...

CVE-2015-3212 CVE-2015-5364 CVE-2015-5366

USN-2711-1: Net-SNMP vulnerabilities - 17th August 2015

It was discovered that Net-SNMP incorrectly handled certain trap messages when the -OQ option was used. A remote attacker could use this issue to cause Net-SNMP to crash, resulting in a denial of service. (CVE-2014-3565) Qinghao Tang discovered that Net-SNMP incorrectly handled SNMP PDU parsing failures. A remote attacker could ...

CVE-2014-3565 CVE-2015-5621

USN-2710-1: OpenSSH vulnerabilities - 14th August 2015

Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the OpenSSH unprivileged child process, this issue could allow a remote attacker to perform user impersonation. (CVE number pending) Moritz Jodeit discovered that OpenSSH incorrectly handled context memory when using PAM ...

CVE-2015-5352 CVE-2015-5600

USN-2709-1: pollinate update - 14th August 2015

The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the new certificate for the server.

LP: 1483762

USN-2702-2: Ubufox update - 11th August 2015

USN-2702-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Ubufox. Original advisory details: Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, ...

LP: 1483858

USN-2702-1: Firefox vulnerabilities - 11th August 2015

Gary Kwong, Christian Holler, Byron Campen, Tyson Smith, Bobby Holley, Chris Coulson, and Eric Rahm discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or ...

CVE-2015-4473 CVE-2015-4474 CVE-2015-4475 CVE-2015-4477 CVE-2015-4478 CVE-2015-4479 CVE-2015-4480 CVE-2015-4484 CVE-2015-4485 CVE-2015-4486 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4490 CVE-2015-4491 CVE-2015-4492 CVE-2015-4493

USN-2707-1: Firefox vulnerability - 7th August 2015

Cody Crews discovered a way to violate the same-origin policy to inject script in to a non-privileged part of the PDF viewer. If a user were tricked in to opening a specially crafted website, an attacker could exploit this to read sensitive information from local files. (CVE-2015-4495)

CVE-2015-4495

USN-2706-1: OpenJDK 6 vulnerabilities - 6th August 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4760, CVE-2015-4748) Several vulnerabilities were discovered in the cryptographic components of ...

CVE-2015-2590 CVE-2015-2601 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760

USN-2705-1: Keystone vulnerabilities - 5th August 2015

Qin Zhao discovered Keystone disabled certification verification when the "insecure" option is set in a paste configuration (paste.ini) file regardless of the value, which allows remote attackers to conduct man-in-the-middle attacks via a crafted certificate. (CVE-2014-7144) Brant Knudson discovered Keystone disabled certification verification when the "insecure" option is set in ...

CVE-2014-7144 CVE-2015-1852

USN-2704-1: Swift vulnerabilities - 5th August 2015

Rajaneesh Singh discovered Swift does not properly enforce metadata limits. An attacker could abuse this issue to store more metadata than allowed by policy. (CVE-2014-7960) Clay Gerrard discovered Swift allowed users to delete the latest version of object regardless of object permissions when allow_version is configured. An attacker could use ...

CVE-2014-7960 CVE-2015-1856

USN-2703-1: Cinder vulnerability - 5th August 2015

Bastian Blank discovered that Cinder guessed image formats based on untrusted data. An attacker could use this to read arbitrary files from the Cinder host.

CVE-2015-1851

USN-2677-1: Oxide vulnerabilities - 4th August 2015

An uninitialized value issue was discovered in ICU. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service. (CVE-2015-1270) A use-after-free was discovered in the GPU process implementation in Chromium. If a user were tricked in ...

CVE-2015-1270 CVE-2015-1272 CVE-2015-1276 CVE-2015-1277 CVE-2015-1280 CVE-2015-1281 CVE-2015-1283 CVE-2015-1284 CVE-2015-1285 CVE-2015-1287 CVE-2015-1289 CVE-2015-1329 CVE-2015-5605 LP: 1466208

USN-2699-1: HPLIP vulnerability - 30th July 2015

Enrico Zini discovered that HPLIP used a short GPG key ID when downloading keys from the keyserver. An attacker could possibly use this to return a different key with a duplicate short key id and perform a man-in-the-middle attack on printer plugin installations.

CVE-2015-0839

USN-2698-1: SQLite vulnerabilities - 30th July 2015

It was discovered that SQLite incorrectly handled skip-scan optimization. An attacker could use this issue to cause applications using SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2013-7443) Michal Zalewski discovered that SQLite incorrectly handled dequoting of ...

CVE-2013-7443 CVE-2015-3414 CVE-2015-3415 CVE-2015-3416

USN-2697-1: Ghostscript vulnerability - 30th July 2015

William Robinet and Stefan Cornelius discovered that Ghostscript did not correctly handle certain Postscript files. If a user or automated system were tricked into opening a specially crafted file, an attacker could cause a denial of service or possibly execute arbitrary code.

CVE-2015-3228

USN-2696-1: OpenJDK 7 vulnerabilities - 30th July 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity, and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-2590, CVE-2015-2628, CVE-2015-4731, CVE-2015-4732, CVE-2015-4733, CVE-2015-4760, CVE-2015-4748) Several vulnerabilities were discovered in the cryptographic components of ...

CVE-2015-2590 CVE-2015-2601 CVE-2015-2613 CVE-2015-2621 CVE-2015-2625 CVE-2015-2628 CVE-2015-2632 CVE-2015-2808 CVE-2015-4000 CVE-2015-4731 CVE-2015-4732 CVE-2015-4733 CVE-2015-4748 CVE-2015-4749 CVE-2015-4760 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/LogJam

USN-2695-1: HTML Tidy vulnerabilities - 29th July 2015

Fernando Muñoz discovered that HTML Tidy incorrectly handled memory. If a user or automated system were tricked into processing specially crafted data, applications linked against HTML Tidy could be made to crash, leading to a denial of service, or possibly execute arbitrary code.

CVE-2015-5522 CVE-2015-5523

USN-2694-1: PCRE vulnerabilities - 29th July 2015

Michele Spagnuolo discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-8964) Kai Lu discovered that PCRE incorrectly handled ...

CVE-2014-8964 CVE-2015-2325 CVE-2015-2326 CVE-2015-3210 CVE-2015-5073

USN-2693-1: Bind vulnerabilities - 28th July 2015

Jonathan Foote discovered that Bind incorrectly handled certain TKEY queries. A remote attacker could use this issue with a specially crafted packet to cause Bind to crash, resulting in a denial of service. (CVE-2015-5477) Pories Ediansyah discovered that Bind incorrectly handled certain configurations involving DNS64. A remote attacker could use ...

CVE-2012-5689 CVE-2015-5477

USN-2692-1: QEMU vulnerabilities - 28th July 2015

Matt Tait discovered that QEMU incorrectly handled PIT emulation. In a non-default configuration, a malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with ...

CVE-2015-3214 CVE-2015-5154 CVE-2015-5158

USN-2691-1: Linux kernel vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2690-1: Linux kernel (Vivid HWE) vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2689-1: Linux kernel (Utopic HWE) vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

USN-2688-1: Linux kernel vulnerabilities - 28th July 2015

Andy Lutomirski discovered a flaw in the Linux kernel's handling of nested NMIs (non-maskable interrupts). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-3290) Colin King discovered a flaw in the add_key function of the Linux kernel's ...

CVE-2015-1333 CVE-2015-3290 CVE-2015-3291 CVE-2015-5157

Showing page 1 of 61   Next >
Show: All