Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 2 of 54   Next >
Show: All  

USN-2365-1: LibVNCServer vulnerabilities - 29th September 2014

Nicolas Ruff discovered that LibVNCServer incorrectly handled memory when being advertised large screen sizes by the server. If a user were tricked into connecting to a malicious server, an attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2014-6051, CVE-2014-6052) Nicolas Ruff discovered ...

CVE-2014-6051 CVE-2014-6052 CVE-2014-6053 CVE-2014-6054 CVE-2014-6055

USN-2364-1: Bash vulnerabilities - 27th September 2014

Florian Weimer and Todd Sabin discovered that the Bash parser incorrectly handled memory. An attacker could possibly use this issue to bypass certain environment restrictions and execute arbitrary code. (CVE-2014-7186, CVE-2014-7187) In addition, this update introduces a hardening measure which adds prefixes and suffixes around environment variable names which contain ...

CVE-2014-7186 CVE-2014-7187

USN-2363-2: Bash vulnerability - 25th September 2014

USN-2363-1 fixed a vulnerability in Bash. Due to a build issue, the patch for CVE-2014-7169 didn't get properly applied in the Ubuntu 14.04 LTS package. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 ...

CVE-2014-7169

USN-2363-1: Bash vulnerability - 25th September 2014

Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. (CVE-2014-7169)

CVE-2014-7169

USN-2360-2: Thunderbird vulnerabilities - 24th September 2014

USN-2360-1 fixed vulnerabilities in Firefox. This update provides the corresponding updates for Thunderbird. Original advisory details: Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates.

CVE-2014-1568

USN-2360-1: Firefox vulnerabilities - 24th September 2014

Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates.

CVE-2014-1568

USN-2361-1: NSS vulnerability - 24th September 2014

Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates.

CVE-2014-1568

USN-2362-1: Bash vulnerability - 24th September 2014

Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments.

CVE-2014-6271

USN-2359-1: Linux kernel vulnerabilities - 23rd September 2014

Jack Morgenstein reported a flaw in the page handling of the KVM (Kerenl Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Jason ...

CVE-2014-3601 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472

USN-2358-1: Linux kernel (Trusty HWE) vulnerabilities - 23rd September 2014

Jack Morgenstein reported a flaw in the page handling of the KVM (Kerenl Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Jason ...

CVE-2014-3601 CVE-2014-5077 CVE-2014-5471 CVE-2014-5472

USN-2357-1: Linux kernel (OMAP4) vulnerabilities - 23rd September 2014

Jack Morgenstein reported a flaw in the page handling of the KVM (Kerenl Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Chris ...

CVE-2014-3601 CVE-2014-5471 CVE-2014-5472

USN-2356-1: Linux kernel vulnerabilities - 23rd September 2014

Jack Morgenstein reported a flaw in the page handling of the KVM (Kerenl Virtual Machine) subsystem in the Linux kernel. A guest OS user could exploit this flaw to cause a denial of service (host OS memory corruption) or possibly have other unspecified impact on the host OS. (CVE-2014-3601) Chris ...

CVE-2014-3601 CVE-2014-5471 CVE-2014-5472

USN-2355-1: Linux kernel (EC2) vulnerabilities - 23rd September 2014

Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). (CVE-2014-5471) Chris Evans reported an flaw ...

CVE-2014-5471 CVE-2014-5472

USN-2354-1: Linux kernel vulnerabilities - 23rd September 2014

Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). (CVE-2014-5471) Chris Evans reported an flaw ...

CVE-2014-5471 CVE-2014-5472

USN-2353-1: APT vulnerability - 23rd September 2014

It was discovered that APT incorrectly handled certain http URLs. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to cause APT to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should ...

CVE-2014-6273

USN-2352-1: DBus vulnerabilities - 22nd September 2014

Simon McVittie discovered that DBus incorrectly handled the file descriptors message limit. A local attacker could use this issue to cause DBus to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3635) Alban Crequy ...

CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639

USN-2351-1: nginx vulnerability - 22nd September 2014

Antoine Delignat-Lavaud and Karthikeyan Bhargavan discovered that nginx incorrectly reused cached SSL sessions. An attacker could possibly use this issue in certain configurations to obtain access to information from a different virtual host.

CVE-2014-3616

USN-2350-1: NSS update - 22nd September 2014

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17 which includes the latest CA certificate bundle.

LP: 1372410

USN-2349-1: Libav vulnerabilities - 17th September 2014

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

LP: 1370175

USN-2319-3: OpenJDK 7 update - 16th September 2014

USN-2319-1 fixed vulnerabilities in OpenJDK 7. This update provides stability fixes for the arm64 and ppc64el architectures. Original advisory details: Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive ...

LP: 1370307

USN-2348-1: APT vulnerabilities - 16th September 2014

It was discovered that APT did not re-verify downloaded files when the If-Modified-Since wasn't met. (CVE-2014-0487) It was discovered that APT did not invalidate repository data when it switched from an unauthenticated to an authenticated state. (CVE-2014-0488) It was discovered that the APT Acquire::GzipIndexes option caused APT to skip checksum ...

CVE-2014-0487 CVE-2014-0488 CVE-2014-0489 CVE-2014-0490

USN-2347-1: Django vulnerabilities - 16th September 2014

Florian Apolloner discovered that Django incorrectly validated URLs. A remote attacker could use this issue to conduct phishing attacks. (CVE-2014-0480) David Wilson discovered that Django incorrectly handled file name generation. A remote attacker could use this issue to cause Django to consume resources, resulting in a denial of service. (CVE-2014-0481) ...

CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483

USN-2346-1: curl vulnerabilities - 15th September 2014

Tim Ruehsen discovered that curl incorrectly handled partial literal IP addresses. This could lead to the disclosure of cookies to the wrong site, and malicious sites being able to set cookies for others. (CVE-2014-3613) Tim Ruehsen discovered that curl incorrectly allowed cookies to be set for Top Level Domains (TLDs). ...

CVE-2014-3613 CVE-2014-3620

USN-2330-1: Thunderbird vulnerabilities - 11th September 2014

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman and JW Wang discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service ...

CVE-2014-1553 CVE-2014-1562 CVE-2014-1563 CVE-2014-1564 CVE-2014-1565 CVE-2014-1567

USN-2344-1: PHP vulnerabilities - 9th September 2014

It was discovered that the Fileinfo component in php5 contains an integer overflow. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via a crafted CDF file. (CVE-2014-3587) It was discovered that the php_parserr function contains multiple buffer overflows. An attacker could ...

CVE-2014-3587 CVE-2014-3597

USN-2343-1: NSS vulnerability - 9th September 2014

Tyson Smith and Jesse Schwartzentruber discovered that NSS contained a race condition when performing certificate validation. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-1544

USN-2342-1: QEMU vulnerabilities - 8th September 2014

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. (CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4526, CVE-2013-4527, CVE-2013-4529, CVE-2013-4530, CVE-2013-4531, CVE-2013-4532, ...

CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4532 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3471

USN-2341-1: CUPS vulnerabilities - 8th September 2014

Salvatore Bonaccorso discovered that the CUPS web interface incorrectly validated permissions and incorrectly handled symlinks. An attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.

CVE-2014-5029 CVE-2014-5030 CVE-2014-5031

USN-2306-3: GNU C Library regression - 8th September 2014

USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker ...

LP: 1364584

USN-2340-1: procmail vulnerability - 4th September 2014

Tavis Ormandy discovered that the formail tool incorrectly handled certain malformed mail headers. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-3618

USN-2339-2: Libgcrypt vulnerability - 3rd September 2014

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.

CVE-2014-5270

USN-2339-1: GnuPG vulnerability - 3rd September 2014

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.

CVE-2014-5270

USN-2338-1: Lua vulnerability - 3rd September 2014

It was discovered that Lua incorrectly handled certain vararg functions with a large number of fixed parameters. An attacker could use this issue to cause Lua applications to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-5461

USN-2326-1: Oxide vulnerabilities - 2nd September 2014

A use-after-free was discovered in the SVG implementation in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via renderer crash, or execute arbitrary code with the privileges of the sandboxed render process. (CVE-2014-3168) ...

CVE-2014-3168 CVE-2014-3169 CVE-2014-3171 CVE-2014-3173 CVE-2014-3174 CVE-2014-3175

USN-2329-1: Firefox vulnerabilities - 2nd September 2014

Jan de Mooij, Christian Holler, Karl Tomlinson, Randell Jesup, Gary Kwong, Jesse Ruderman, JW Wang and David Weir discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via ...

CVE-2014-1553 CVE-2014-1554 CVE-2014-1562 CVE-2014-1563 CVE-2014-1564 CVE-2014-1565 CVE-2014-1567

USN-2337-1: Linux kernel vulnerabilities - 2nd September 2014

A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0155) Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket is ...

CVE-2014-0155 CVE-2014-0181 CVE-2014-0206 CVE-2014-4014 CVE-2014-4027 CVE-2014-4171 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5045

USN-2336-1: Linux kernel (Trusty HWE) vulnerabilities - 2nd September 2014

A flaw was discovered in the Linux kernel virtual machine's (kvm) validation of interrupt requests (irq). A guest OS user could exploit this flaw to cause a denial of service (host OS crash). (CVE-2014-0155) Andy Lutomirski discovered a flaw in the authorization of netlink socket operations when a socket is ...

CVE-2014-0155 CVE-2014-0181 CVE-2014-0206 CVE-2014-4014 CVE-2014-4027 CVE-2014-4171 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5045

USN-2335-1: Linux kernel (OMAP4) vulnerabilities - 2nd September 2014

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917) An information leak was discovered in the rd_mcp backend of the iSCSI ...

CVE-2014-3917 CVE-2014-4027 CVE-2014-4171 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5077

USN-2334-1: Linux kernel vulnerabilities - 2nd September 2014

An flaw was discovered in the Linux kernel's audit subsystem when auditing certain syscalls. A local attacker could exploit this flaw to obtain potentially sensitive single-bit values from kernel memory or cause a denial of service (OOPS). (CVE-2014-3917) An information leak was discovered in the rd_mcp backend of the iSCSI ...

CVE-2014-3917 CVE-2014-4027 CVE-2014-4171 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5077

USN-2331-1: LibreOffice vulnerability - 2nd September 2014

Rohan Durve and James Kettle discovered LibreOffice Calc sometimes allowed for command injection when opening spreadsheets. If a user were tricked into opening a crafted Calc spreadsheet, an attacker could exploit this to run programs as your login.

CVE-2014-3524

USN-2333-1: Linux kernel (EC2) vulnerabilities - 2nd September 2014

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. (CVE-2014-0203) Toralf Förster reported an error in the Linux kernels syscall auditing on ...

CVE-2014-0203 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5077

USN-2332-1: Linux kernel vulnerabilities - 2nd September 2014

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. (CVE-2014-0203) Toralf Förster reported an error in the Linux kernels syscall auditing on ...

CVE-2014-0203 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5077

USN-2328-1: GNU C Library vulnerability - 28th August 2014

Tavis Ormandy and John Haxby discovered that the GNU C Library contained an off-by-one error when performing transliteration module loading. A local attacker could exploit this to gain administrative privileges. (CVE-2014-5119) USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS and Ubuntu 12.04 LTS the security update ...

CVE-2014-5119

USN-2327-1: Squid 3 vulnerability - 27th August 2014

Matthew Daley discovered that Squid 3 did not properly perform input validation in request parsing. A remote attacker could send crafted Range requests to cause a denial of service.

CVE-2014-3609

USN-2319-2: OpenJDK 7 regression - 25th August 2014

USN-2319-1 fixed vulnerabilities in OpenJDK 7. Due to an upstream regression, verifying of the init method call would fail when it was done from inside a branch when stack frames are activated. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Several vulnerabilities were discovered in ...

LP: 1360392

USN-2325-1: OpenStack Nova vulnerability - 21st August 2014

Alex Gaynor discovered that OpenStack Nova would sometimes respond with variable times when comparing authentication tokens. If nova were configured to proxy metadata requests via Neutron, a remote authenticated attacker could exploit this to conduct timing attacks and ascertain configuration details of another instance.

CVE-2014-3517

USN-2324-1: OpenStack Keystone vulnerabilities - 21st August 2014

Steven Hardy discovered that OpenStack Keystone did not properly handle chained delegation. A remove authenticated attacker could use this to gain privileges by creating a new token with additional roles. (CVE-2014-3476) Jamie Lennox discovered that OpenStack Keystone did not properly validate the project id. A remote authenticated attacker may be ...

CVE-2014-3476 CVE-2014-3520 CVE-2014-5251 CVE-2014-5252 CVE-2014-5253

USN-2323-1: OpenStack Horizon vulnerabilities - 21st August 2014

Jason Hullinger discovered that OpenStack Horizon did not properly perform input sanitization on Heat templates. If a user were tricked into using a specially crafted Heat template, an attacker could conduct cross-site scripting attacks. With cross-site scripting vulnerabilities, if a user were tricked into viewing server output during a crafted ...

CVE-2014-3473 CVE-2014-3474 CVE-2014-3475 CVE-2014-3594

USN-2322-1: OpenStack Glance vulnerability - 21st August 2014

Thomas Leaman and Stuart McLaren discovered that OpenStack Glance did not properly honor the image_size_cap configuration option. A remote authenticated attacker could exploit this to cause a denial of service via disk consumption.

CVE-2014-5356

USN-2321-1: OpenStack Neutron vulnerabilities - 21st August 2014

Liping Mao discovered that OpenStack Neutron did not properly handle requests for a large number of allowed address pairs. A remote authenticated attacker could exploit this to cause a denial of service. (CVE-2014-3555) Zhi Kun Liu discovered that OpenStack Neutron incorrectly filtered certain tokens. An attacker could possibly use this ...

CVE-2014-3555 CVE-2014-4615

< Previous   Showing page 2 of 54   Next >
Show: All