Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 54   Next >
Show: All  

USN-2413-1: AppArmor vulnerability - 20th November 2014

An AppArmor policy miscompilation flaw was discovered in apparmor_parser. Under certain circumstances, a malicious application could use this flaw to perform operations that are not allowed by AppArmor policy. The flaw may also prevent applications from accessing resources that are allowed by AppArmor policy.

CVE-2014-1424

USN-2412-1: Ruby vulnerability - 20th November 2014

Tomas Hoger discovered that Ruby incorrectly handled XML entity expansion. An attacker could use this flaw to cause Ruby to consume large amounts of resources, resulting in a denial of service.

CVE-2014-8090

USN-2410-1: Oxide vulnerabilities - 19th November 2014

A buffer overflow was discovered in Skia. If a user were tricked in to opening a specially crafted website, an attacked could potentially exploit this to cause a denial of service via renderer crash or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-7904) Multiple use-after-frees were ...

CVE-2014-7904 CVE-2014-7907 CVE-2014-7908 CVE-2014-7909 CVE-2014-7910

USN-2411-1: mountall vulnerability - 18th November 2014

Saurav Sengupta discovered that mountall incorrectly handled umask when calling the mount utility, resulting in certain filesystems possibly being mounted with incorrect permissions.

CVE-2014-1421

USN-2409-1: QEMU vulnerabilities - 13th November 2014

Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-3615) Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when ...

CVE-2014-3615 CVE-2014-3640 CVE-2014-3689 CVE-2014-5263 CVE-2014-5388 CVE-2014-7815

USN-2408-1: OpenStack Neutron vulnerability - 11th November 2014

Elena Ezhova discovered that OpenStack Neutron did not properly perform access control checks for attributes. A remote authenticated attacker could exploit this to bypass intended access controls and reset admin-only attributes to default values.

CVE-2014-6414

USN-2407-1: OpenStack Nova vulnerabilities - 11th November 2014

Garth Mollett discovered that OpenStack Nova did not properly clean up an instance when using rescue mode with the VMWare driver. A remove authenticated user could exploit this to bypass intended quota limits. By default, Ubuntu does not use the VMWare driver. (CVE-2014-3608) Amrith Kumar discovered that OpenStack Nova did ...

CVE-2014-3608 CVE-2014-7230

USN-2406-1: OpenStack Keystone vulnerability - 11th November 2014

Brant Knudson discovered that OpenStack Keystone did not properly perform input sanitization when performing endpoint catalog substitution. A remote attacker with privileged access for creating endpoints could exploit this to obtain sensitive information.

CVE-2014-3621

USN-2405-1: OpenStack Cinder vulnerabilities - 11th November 2014

Duncan Thomas discovered that OpenStack Cinder did not properly track the file format when using the GlusterFS of Smbfs drivers. A remote authenticated user could exploit this to potentially obtain file contents from the compute host. (CVE-2014-3641) Amrith Kumar discovered that OpenStack Cinder did not properly sanitize log message contents. ...

CVE-2014-3641 CVE-2014-7230

USN-2404-1: libvirt vulnerabilities - 11th November 2014

Pavel Hrdina discovered that libvirt incorrectly handled locking when processing the virConnectListAllDomains command. An attacker could use this issue to cause libvirtd to hang, resulting in a denial of service. (CVE-2014-3657) Eric Blake discovered that libvirt incorrectly handled permissions when processing the qemuDomainFormatXML command. An attacker with read-only privileges could ...

CVE-2014-3657 CVE-2014-7823

USN-2403-1: GnuTLS vulnerability - 11th November 2014

Sean Burford discovered that GnuTLS incorrectly handled printing certain elliptic curve parameters. A malicious remote server or client could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-8564

USN-2402-1: KDE workspace vulnerability - 10th November 2014

David Edmundson discovered that the KDE Clock KCM policykit helper did not properly guard against untrusted input. Under certain circumstances, a process running under the user's session could exploit this to run programs as the administrator.

CVE-2014-8651

USN-2401-1: Konversation vulnerability - 10th November 2014

Manuel Nickschas discovered that Konversation did not properly perform input sanitization when using Blowfish ECB encryption. A remote attacker could exploit this to cause a denial of service.

CVE-2014-8483

USN-2400-1: LibreOffice vulnerability - 10th November 2014

It was discovered that LibreOffice incorrectly handled OLE preview generation. If a user were tricked into opening a crafted document, an attacker could possibly exploit this to embed arbitrary data into documents.

CVE-2014-3575

USN-2399-1: curl vulnerability - 10th November 2014

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server.

CVE-2014-3707

USN-2398-1: LibreOffice vulnerability - 5th November 2014

It was discovered that LibreOffice incorrectly handled the Impress remote control port. An attacker could possibly use this issue to cause Impress to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-3693

USN-2397-1: Ruby vulnerabilities - 4th November 2014

Will Wood discovered that Ruby incorrectly handled the encodes() function. An attacker could possibly use this issue to cause Ruby to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. (CVE-2014-4975) ...

CVE-2014-4975 CVE-2014-8080

USN-2396-1: Linux kernel vulnerabilities - 31st October 2014

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (CVE-2014-3647) A flaw was ...

CVE-2014-3610 CVE-2014-3611 CVE-2014-3646 CVE-2014-3647

USN-2395-1: Linux kernel vulnerabilities - 30th October 2014

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (CVE-2014-3647) A flaw was ...

CVE-2014-3610 CVE-2014-3611 CVE-2014-3646 CVE-2014-3647 CVE-2014-7145

USN-2394-1: Linux kernel (Trusty HWE) vulnerabilities - 30th October 2014

Nadav Amit reported that the KVM (Kernel Virtual Machine) mishandles noncanonical addresses when emulating instructions that change the rip (Instruction Pointer). A guest user with access to I/O or the MMIO can use this flaw to cause a denial of service (system crash) of the guest. (CVE-2014-3647) A flaw was ...

CVE-2014-3610 CVE-2014-3611 CVE-2014-3646 CVE-2014-3647 CVE-2014-7145

USN-2393-1: Wget vulnerability - 30th October 2014

HD Moore discovered that Wget contained a path traversal vulnerability when downloading symlinks using FTP. A malicious remote FTP server or a man in the middle could use this issue to cause Wget to overwrite arbitrary files, possibly leading to arbitrary code execution.

CVE-2014-4877

USN-2392-1: systemd-shim vulnerability - 30th October 2014

It was discovered that systemd-shim incorrectly shipped with a debugging clause enabled. A local attacker could possibly use this issue to cause a denial of service.

CVE-2014-8399

USN-2391-1: php5 vulnerabilities - 30th October 2014

Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2014-3668) Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote attacker could possibly use this issue to cause PHP ...

CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710

USN-2390-1: Pidgin vulnerabilities - 28th October 2014

Jacob Appelbaum and an anonymous person discovered that Pidgin incorrectly handled certificate validation. A remote attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications. (CVE-2014-3694) Yves Younan and Richard Johnson discovered that Pidgin incorrectly handled certain malformed MXit emoticons. ...

CVE-2014-3694 CVE-2014-3695 CVE-2014-3696 CVE-2014-3698

USN-2389-1: libxml2 vulnerability - 27th October 2014

It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.

CVE-2014-3660

USN-2388-2: OpenJDK 7 vulnerabilities - 23rd October 2014

USN-2388-1 fixed vulnerabilities in OpenJDK 7 for Ubuntu 14.04 LTS. This update provides the corresponding updates for Ubuntu 14.10. Original advisory details: A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) ...

CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6513 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558

USN-2388-1: OpenJDK 7 vulnerabilities - 22nd October 2014

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6527, CVE-2014-6558) Several vulnerabilities were discovered in ...

CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6517 CVE-2014-6519 CVE-2014-6527 CVE-2014-6531 CVE-2014-6558 LP: 1382205

USN-2387-1: pollinate update - 22nd October 2014

The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the one currently used on the server.

LP: 1381359

USN-2386-1: OpenJDK 6 vulnerabilities - 16th October 2014

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6558) Several vulnerabilities were discovered in the ...

CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 LP: 1382205

USN-2385-1: OpenSSL vulnerabilities - 16th October 2014

It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3513) It was discovered that ...

CVE-2014-3513 CVE-2014-3567

USN-2384-1: MySQL vulnerabilities - 15th October 2014

Multiple security issues were discovered in MySQL and this update includes a new upstream MySQL version to fix these issues. MySQL has been updated to 5.5.40. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Please see the following for more information: ...

CVE-2012-5615 CVE-2014-4274 CVE-2014-4287 CVE-2014-6463 CVE-2014-6464 CVE-2014-6469 CVE-2014-6478 CVE-2014-6484 CVE-2014-6491 CVE-2014-6494 CVE-2014-6495 CVE-2014-6496 CVE-2014-6500 CVE-2014-6505 CVE-2014-6507 CVE-2014-6520 CVE-2014-6530 CVE-2014-6551 CVE-2014-6555 CVE-2014-6559

USN-2373-1: Thunderbird vulnerabilities - 15th October 2014

Bobby Holley, Christian Holler, David Bolter, Byron Campen and Jon Coppeard discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute ...

CVE-2014-1574 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1581 CVE-2014-1585 CVE-2014-1586

USN-2383-1: wpa_supplicant vulnerability - 14th October 2014

Jouni Malinen discovered that the wpa_cli tool incorrectly sanitized strings when being used with action scripts. A remote attacker could possibly use this issue to execute arbitrary commands.

CVE-2014-3686

USN-2372-1: Firefox vulnerabilities - 14th October 2014

Bobby Holley, Christian Holler, David Bolter, Byron Campen, Jon Coppeard, Carsten Book, Martijn Wargers, Shih-Chiang Chien, Terrence Cole and Jeff Walden discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial ...

CVE-2014-1574 CVE-2014-1575 CVE-2014-1576 CVE-2014-1577 CVE-2014-1578 CVE-2014-1580 CVE-2014-1581 CVE-2014-1582 CVE-2014-1583 CVE-2014-1584 CVE-2014-1585 CVE-2014-1586

USN-2345-1: Oxide vulnerabilities - 14th October 2014

Multiple use-after-free issues were discovered in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3178, CVE-2014-3190, CVE-2014-3191, CVE-2014-3192) ...

CVE-2014-3178 CVE-2014-3179 CVE-2014-3188 CVE-2014-3190 CVE-2014-3191 CVE-2014-3192 CVE-2014-3194 CVE-2014-3195 CVE-2014-3197 CVE-2014-3199 CVE-2014-3200 CVE-2014-7967

USN-2382-1: Requests vulnerabilities - 14th October 2014

Jakub Wilk discovered that Requests incorrectly reused authentication credentials after being redirected. An attacker could possibly use this issue to obtain authentication credentials intended for another site. (CVE-2014-1829, CVE-2014-1830)

CVE-2014-1829 CVE-2014-1830

USN-2381-1: Rsyslog vulnerabilities - 9th October 2014

It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. (CVE-2014-3634, CVE-2014-3683)

CVE-2014-3634 CVE-2014-3683

USN-2380-1: Bash vulnerabilities - 9th October 2014

Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable containing a function definition with a very specific name, these issues could possibly be used to bypass certain environment restrictions and execute arbitrary code. (CVE-2014-6277, CVE-2014-6278) Please note that ...

CVE-2014-6277 CVE-2014-6278

USN-2379-1: Linux kernel vulnerabilities - 9th October 2014

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. (CVE-2014-3181) Ben Hawkes reported some off by one errors for report descriptors ...

CVE-2014-3181 CVE-2014-3184 CVE-2014-3185 CVE-2014-3186 CVE-2014-3631 CVE-2014-6410 CVE-2014-6416 CVE-2014-6417 CVE-2014-6418

USN-2378-1: Linux kernel (Trusty HWE) vulnerabilities - 9th October 2014

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. (CVE-2014-3181) Ben Hawkes reported some off by one errors for report descriptors ...

CVE-2014-3181 CVE-2014-3184 CVE-2014-3185 CVE-2014-3186 CVE-2014-3631 CVE-2014-6410 CVE-2014-6416 CVE-2014-6417 CVE-2014-6418

USN-2377-1: Linux kernel (OMAP4) vulnerabilities - 9th October 2014

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. (CVE-2014-3181) Ben Hawkes reported some off by one errors for report descriptors ...

CVE-2014-3181 CVE-2014-3184 CVE-2014-3185 CVE-2014-3186 CVE-2014-6410 CVE-2014-6416 CVE-2014-6417 CVE-2014-6418

USN-2376-1: Linux kernel vulnerabilities - 9th October 2014

Steven Vittitoe reported multiple stack buffer overflows in Linux kernel's magicmouse HID driver. A physically proximate attacker could exploit this flaw to cause a denial of service (system crash) or possibly execute arbitrary code via specially crafted devices. (CVE-2014-3181) Ben Hawkes reported some off by one errors for report descriptors ...

CVE-2014-3181 CVE-2014-3184 CVE-2014-3185 CVE-2014-3186 CVE-2014-6410 CVE-2014-6416 CVE-2014-6417 CVE-2014-6418

USN-2375-1: Linux kernel (EC2) vulnerabilities - 9th October 2014

Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. (CVE-2014-3184) Several bounds check flaws allowing for buffer overflows were discovered in ...

CVE-2014-3184 CVE-2014-3185 CVE-2014-6410

USN-2374-1: Linux kernel vulnerabilities - 9th October 2014

Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. (CVE-2014-3184) Several bounds check flaws allowing for buffer overflows were discovered in ...

CVE-2014-3184 CVE-2014-3185 CVE-2014-6410

USN-2371-1: Exuberant Ctags vulnerability - 8th October 2014

It was discovered that Exuberant Ctags incorrectly handled certain minified js files. An attacker could use this issue to possibly cause Exuberant Ctags to consume resources, resulting in a denial of service.

CVE-2014-7204

USN-2370-1: APT vulnerability - 8th October 2014

Guillem Jover discovered that APT incorrectly created a temporary file when handling the changelog command. A local attacker could use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the kernel link restrictions.

CVE-2014-7206

USN-2369-1: file vulnerability - 2nd October 2014

It was discovered that file incorrectly handled certain CDF documents. A attacker could use this issue to cause file to hang or crash, resulting in a denial of service.

CVE-2014-3587

USN-2368-1: OpenVPN vulnerability - 2nd October 2014

It was discovered that OpenVPN incorrectly handled HMAC comparisons when running in UDP mode. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could possibly be used to perform a plaintext recovery attack.

CVE-2013-2061

USN-2367-1: OpenSSL update - 2nd October 2014

For compatibility reasons, OpenSSL in Ubuntu 12.04 LTS disables TLSv1.2 by default when being used as a client. When forcing the use of TLSv1.2, another compatibility feature (OPENSSL_MAX_TLS1_2_CIPHER_LENGTH) was used that would truncate the cipher list. This would prevent certain ciphers from being selected, and would prevent secure renegotiations. This ...

LP: 1376447

USN-2366-1: libvirt vulnerabilities - 30th September 2014

Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if fine grained access control was ...

CVE-2014-0179 CVE-2014-3633 CVE-2014-5177

Showing page 1 of 54   Next >
Show: All