Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Show: All  

USN-2071-1: Linux kernel vulnerabilities - 3rd January 2014

Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930) Stephan Mueller reported an error in the Linux kernel's ansi ...

CVE-2013-2930 CVE-2013-4345 CVE-2013-4511 CVE-2013-4513 CVE-2013-4514 CVE-2013-4515 CVE-2013-6383 CVE-2013-6763 CVE-2013-7027

USN-2070-1: Linux kernel (Saucy HWE) vulnerabilities - 3rd January 2014

Vasily Kulikov reported a flaw in the Linux kernel's implementation of ptrace. An unprivileged local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2929) Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function ...

CVE-2013-2929 CVE-2013-2930 CVE-2013-4345 CVE-2013-4348 CVE-2013-4511 CVE-2013-4513 CVE-2013-4514 CVE-2013-4515 CVE-2013-4516 CVE-2013-6378 CVE-2013-6380 CVE-2013-6383 CVE-2013-6763 CVE-2013-7026

USN-2069-1: Linux kernel (Raring HWE) vulnerabilities - 3rd January 2014

Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to cause a denial of service (system crash) or possibly gain administrative privileges. (CVE-2013-4470) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in ...

CVE-2013-4470 CVE-2013-4511 CVE-2013-4513 CVE-2013-4514 CVE-2013-4515 CVE-2013-4516 CVE-2013-6383 CVE-2013-6763 CVE-2013-7027

USN-2068-1: Linux kernel (Quantal HWE) vulnerabilities - 3rd January 2014

Dave Jones and Vince Weaver reported a flaw in the Linux kernel's per event subsystem that allows normal users to enable function tracing. An unprivileged local user could exploit this flaw to obtain potentially sensitive information from the kernel. (CVE-2013-2930) Stephan Mueller reported an error in the Linux kernel's ansi ...

CVE-2013-2930 CVE-2013-4345 CVE-2013-4511 CVE-2013-4513 CVE-2013-4514 CVE-2013-4515 CVE-2013-6383 CVE-2013-6763 CVE-2013-7027

USN-2067-1: Linux kernel (OMAP4) vulnerabilities - 3rd January 2014

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470 CVE-2013-4511 CVE-2013-4514 CVE-2013-4515 CVE-2013-4592 CVE-2013-6282 CVE-2013-6378 CVE-2013-6383 CVE-2013-6763 CVE-2013-7027

USN-2066-1: Linux kernel vulnerabilities - 3rd January 2014

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470 CVE-2013-4511 CVE-2013-4514 CVE-2013-4515 CVE-2013-4592 CVE-2013-6378 CVE-2013-6383 CVE-2013-6763 CVE-2013-7027

USN-2065-1: Linux kernel (EC2) vulnerabilities - 3rd January 2014

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit ...

CVE-2013-4345 CVE-2013-4588 CVE-2013-6378 CVE-2013-6763

USN-2064-1: Linux kernel vulnerabilities - 3rd January 2014

Stephan Mueller reported an error in the Linux kernel's ansi cprng random number generator. This flaw makes it easier for a local attacker to break cryptographic protections. (CVE-2013-4345) A flaw was discovered in the Linux kernel's IP Virtual Server (IP_VS) support. A local user with the CAP_NET_ADMIN capability could exploit ...

CVE-2013-4345 CVE-2013-4588 CVE-2013-6378 CVE-2013-6763

USN-2063-1: NSS vulnerability - 20th December 2013

It was discovered that an intermediate certificate was incorrectly issued by a subordinate certificate authority of a trusted CA included in NSS. This intermediate certificate could be used in a man-in-the-middle attack, and has such been marked as untrusted in this update.

LP: 1263135

USN-2062-1: OpenStack Horizon vulnerability - 19th December 2013

Chris Chapman discovered cross-site scripting (XSS) vulnerabilities in Horizon via the Volumes and Network Topology pages. An authenticated attacker could exploit these to conduct stored cross-site scripting (XSS) attacks against users viewing these pages in order to modify the contents or steal confidential data within the same domain.

CVE-2013-6858

USN-2061-1: OpenStack Keystone vulnerability - 19th December 2013

Steven Hardy discovered that Keystone did not properly enforce trusts when using the ec2tokens API. An authenticated attacker could exploit this to retrieve a token not scoped to the trust and elevate privileges to the trustor's roles.

CVE-2013-6391

USN-2060-1: libjpeg, libjpeg-turbo vulnerabilities - 19th December 2013

Michal Zalewski discovered that libjpeg and libjpeg-turbo incorrectly handled certain memory operations. An attacker could use this issue with a specially-crafted JPEG file to possibly expose sensitive information.

CVE-2013-6629 CVE-2013-6630

USN-2059-1: GnuPG vulnerability - 18th December 2013

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via acoustic emanations. A local attacker could use this attack to possibly recover private keys.

CVE-2013-4576

USN-2058-1: curl vulnerability - 18th December 2013

Marc Deslauriers discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled in the GnuTLS backend. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive ...

CVE-2013-6422

USN-2057-1: Qt vulnerability - 17th December 2013

It was discovered that QXmlSimpleReader in Qt incorrectly handled XML entity expansion. An attacker could use this flaw to cause Qt applications to consume large amounts of resources, resulting in a denial of service.

CVE-2013-4549

USN-2056-1: DjVuLibre vulnerability - 16th December 2013

It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, applications could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2012-6535

USN-2055-1: PHP vulnerabilities - 12th December 2013

Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-6420) It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP ...

CVE-2013-6420 CVE-2013-6712

USN-2053-1: Thunderbird vulnerabilities - 11th December 2013

Ben Turner, Bobby Holley, Jesse Ruderman and Christian Holler discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code ...

CVE-2013-5609 CVE-2013-5613 CVE-2013-5615 CVE-2013-5616 CVE-2013-5618 CVE-2013-6629 CVE-2013-6630 CVE-2013-6671 CVE-2013-6673 LP: 1258653

USN-2052-1: Firefox vulnerabilities - 11th December 2013

Ben Turner, Bobby Holley, Jesse Ruderman, Christian Holler and Christoph Diehl discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary code with ...

CVE-2013-5609 CVE-2013-5610 CVE-2013-5611 CVE-2013-5612 CVE-2013-5613 CVE-2013-5614 CVE-2013-5615 CVE-2013-5616 CVE-2013-5618 CVE-2013-5619 CVE-2013-6629 CVE-2013-6630 CVE-2013-6671 CVE-2013-6672 CVE-2013-6673 LP: 1258513

USN-2054-1: Samba vulnerabilities - 11th December 2013

It was discovered that Winbind incorrectly handled invalid group names with the require_membership_of parameter. If an administrator used an invalid group name by mistake, access was granted instead of having the login fail. (CVE-2012-6150) Stefan Metzmacher and Michael Adam discovered that Samba incorrectly handled DCE-RPC fragment length fields. A remote ...

CVE-2012-6150 CVE-2013-4408 CVE-2013-4475

USN-2051-1: GIMP vulnerability - 9th December 2013

Murray McAllister discovered that GIMP incorrectly handled malformed XWD files. If a user were tricked into opening a specially crafted XWD file, an attacker could cause GIMP to crash, or possibly execute arbitrary code with the user's privileges.

CVE-2013-1913 CVE-2013-1978

USN-2050-1: Linux kernel (OMAP4) vulnerabilities - 7th December 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Dan Carpenter discovered an information ...

CVE-2013-0343 CVE-2013-2147 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4299 CVE-2013-4350 CVE-2013-4387 CVE-2013-4470

USN-2049-1: Linux kernel vulnerabilities - 7th December 2013

Miroslav Vadkerti discovered a flaw in how the permissions for network sysctls are handled in the Linux kernel. An unprivileged local user could exploit this flaw to have privileged access to files in /proc/sys/net/. (CVE-2013-4270) A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user ...

CVE-2013-4270 CVE-2013-4299 CVE-2013-4343 CVE-2013-4350 CVE-2013-4387 CVE-2013-4470

USN-2048-2: curl regression - 6th December 2013

USN-2048-1 fixed a vulnerability in curl. The security fix uncovered a bug in the curl command line tool which resulted in the --insecure (-k) option not working as intended. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Scott Cantor discovered that libcurl incorrectly verified CN ...

LP: 1258366

USN-2048-1: curl vulnerability - 5th December 2013

Scott Cantor discovered that libcurl incorrectly verified CN and SAN name fields when digital signature verification was disabled. When libcurl is being used in this uncommon way by specific applications, an attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted ...

CVE-2013-4545

USN-2047-1: pixman vulnerability - 3rd December 2013

Bryan Quigley discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, an attacker could cause a denial of service via application crash.

LP: 1197921

USN-2046-1: Linux kernel (OMAP4) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470

USN-2045-1: Linux kernel vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this ...

CVE-2013-4299 CVE-2013-4350 CVE-2013-4387

USN-2044-1: Linux kernel (OMAP4) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470

USN-2043-1: Linux kernel vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmentation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470

USN-2042-1: Linux kernel (Saucy HWE) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmenttation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470

USN-2041-1: Linux kernel (Raring HWE) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Alan Chester reported a flaw in the IPv6 Stream Control Transmission Protocol (SCTP) of the Linux kernel. A remote attacker could exploit this ...

CVE-2013-4299 CVE-2013-4350 CVE-2013-4387

USN-2040-1: Linux kernel (Quantal HWE) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's dm snapshot facility. A remote authenticated user could exploit this flaw to obtain sensitive information or modify/corrupt data. (CVE-2013-4299) Hannes Frederic Sowa discovered a flaw in the Linux kernel's UDP Fragmenttation Offload (UFO). An unprivileged local user could exploit this flaw to ...

CVE-2013-4299 CVE-2013-4470

USN-2039-1: Linux kernel (OMAP4) vulnerabilities - 3rd December 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) A flaw was discovered in ...

CVE-2013-0343 CVE-2013-2140 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4350 CVE-2013-4387

USN-2038-1: Linux kernel vulnerabilities - 3rd December 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) A flaw was discovered in ...

CVE-2013-0343 CVE-2013-2140 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4350 CVE-2013-4387

USN-2037-1: Linux kernel (EC2) vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux ...

CVE-2012-2121 CVE-2013-4511

USN-2036-1: Linux kernel vulnerabilities - 3rd December 2013

A flaw was discovered in the Linux kernel's KVM (kernel virtual machine). An administrative user in the guest OS could leverage this flaw to cause a denial of service in the host OS. (CVE-2012-2121) Multiple integer overflow flaws were discovered in the Alchemy LCD frame- buffer drivers in the Linux ...

CVE-2012-2121 CVE-2013-4511

USN-2035-1: Ruby vulnerabilities - 27th November 2013

Charlie Somerville discovered that Ruby incorrectly handled floating point number conversion. An attacker could possibly use this issue with an application that converts text to floating point numbers to cause the application to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-4164) Vit Ondruch discovered that ...

CVE-2013-2065 CVE-2013-4164

USN-2034-1: OpenStack Keystone vulnerability - 25th November 2013

Brant Knudson discovered a logic error in the LDAP backend in Keystone where removing a role on a tenant for a user who does not have that role would instead add the role to the user. An authenticated user could use this to gain privileges. Ubuntu is not configured to ...

CVE-2013-4477

USN-2033-1: OpenJDK 6 vulnerabilities - 21st November 2013

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit these to expose sensitive data over the network. (CVE-2013-3829, CVE-2013-5783, CVE-2013-5804) Several vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial ...

CVE-2013-3829 CVE-2013-4002 CVE-2013-5772 CVE-2013-5774 CVE-2013-5778 CVE-2013-5780 CVE-2013-5782 CVE-2013-5783 CVE-2013-5784 CVE-2013-5790 CVE-2013-5797 CVE-2013-5802 CVE-2013-5803 CVE-2013-5804 CVE-2013-5809 CVE-2013-5814 CVE-2013-5817 CVE-2013-5820 CVE-2013-5823 CVE-2013-5825 CVE-2013-5829 CVE-2013-5830 CVE-2013-5840 CVE-2013-5842 CVE-2013-5849 CVE-2013-5850 CVE-2013-5851

USN-2032-1: Thunderbird vulnerabilities - 21st November 2013

Multiple security issues were discovered in Thunderbird. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. (CVE-2013-1741, CVE-2013-2566, CVE-2013-5605, CVE-2013-5607)

CVE-2013-1741 CVE-2013-2566 CVE-2013-5605 CVE-2013-5607 LP: 1253027

USN-2031-1: Firefox vulnerabilities - 20th November 2013

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. (CVE-2013-1741, CVE-2013-2566, CVE-2013-5605, CVE-2013-5607)

CVE-2013-1741 CVE-2013-2566 CVE-2013-5605 CVE-2013-5607 LP: 1251576

USN-2030-1: NSS vulnerabilities - 18th November 2013

Multiple security issues were discovered in NSS. If a user were tricked into connecting to a malicious server, an attacker could possibly exploit these to cause a denial of service via application crash, potentially execute arbitrary code, or lead to information disclosure. This update also adds TLS v1.2 support to ...

CVE-2013-1739 CVE-2013-1741 CVE-2013-5605 CVE-2013-5606

USN-2029-1: Apache Commons FileUpload vulnerability - 13th November 2013

It was discovered that Apache Commons FileUpload incorrectly handled file names with NULL bytes in serialized instances. An attacker could use this issue to possibly write to arbitrary files.

CVE-2013-2186

USN-2028-1: Apache XML Security for Java vulnerability - 12th November 2013

James Forshaw discovered that Apache XML Security for Java incorrectly validated CanonicalizationMethod parameters. An attacker could use this flaw to spoof XML signatures.

CVE-2013-2172

USN-2027-1: SPICE vulnerability - 12th November 2013

Tomas Jamrisko discovered that SPICE incorrectly handled long passwords in SPICE tickets. An attacker could use this issue to cause the SPICE server to crash, resulting in a denial of service.

CVE-2013-4282

USN-2026-1: libvirt vulnerability - 11th November 2013

It was discovered that libvirt incorrectly checked privileges when the virConnectDomainXMLToNative API function was used. An attacker could possibly use this flaw to gain write privileges, contrary to expected behaviour.

CVE-2013-4401

USN-2025-1: Libav vulnerabilities - 11th November 2013

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

LP: 1249621

USN-2024-1: Linux kernel (OMAP4) vulnerabilities - 8th November 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4350 CVE-2013-4387

USN-2023-1: Linux kernel vulnerabilities - 8th November 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Dan Carpenter discovered an information ...

CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2894 CVE-2013-2895 CVE-2013-2897 CVE-2013-4343

Show: All