Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 3 of 65   Next >
Show: All  

USN-2814-1: NVIDIA graphics drivers vulnerability - 18th November 2015

It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. A local attacker could use this issue to possibly gain root privileges.

CVE-2015-7869

USN-2813-1: LXCFS vulnerabilities - 17th November 2015

It was discovered that LXCFS incorrectly enforced directory escapes. A local attacker could use this issue to possibly escalate privileges. (CVE-2015-1342) It was discovered that LXCFS incorrectly checked certain permissions. A local attacker could use this issue t possibly escalate privileges. (CVE-2015-1344)

CVE-2015-1342 CVE-2015-1344

USN-2812-1: libxml2 vulnerabilities - 16th November 2015

Florian Weimer discovered that libxml2 incorrectly handled certain XML data. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS and Ubuntu 15.04. ...

CVE-2015-1819 CVE-2015-7941 CVE-2015-7942 CVE-2015-8035

USN-2811-1: strongSwan vulnerability - 16th November 2015

It was discovered that the strongSwan eap-mschapv2 plugin incorrectly handled state. A remote attacker could use this issue to bypass authentication.

CVE-2015-8023

USN-2810-1: Kerberos vulnerabilities - 12th November 2015

It was discovered that the Kerberos kpasswd service incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause resource consumption, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS. (CVE-2002-2443) It was discovered that Kerberos incorrectly handled null bytes in certain ...

CVE-2002-2443 CVE-2014-5355 CVE-2015-2694 CVE-2015-2695 CVE-2015-2696 CVE-2015-2697 CVE-2015-2698

USN-2809-1: LXD vulnerability - 12th November 2015

Jeroen Simonetti discovered that LXD incorrectly set socket permissions. A local attacker could use this issue to escalate privileges.

LP: 1515689

USN-2807-1: Linux kernel (Wily HWE) vulnerability - 10th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2808-1: wpa_supplicant and hostapd vulnerabilities - 10th November 2015

It was discovered that wpa_supplicant incorrectly handled WMM Sleep Mode Response frame processing. A remote attacker could use this issue to perform broadcast/multicast packet injections, or cause a denial of service. (CVE-2015-5310) It was discovered that wpa_supplicant and hostapd incorrectly handled certain EAP-pwd messages. A remote attacker could use this ...

CVE-2015-5310 CVE-2015-5314 CVE-2015-5315 CVE-2015-5316

USN-2806-1: Linux kernel (Vivid HWE) vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2805-1: Linux kernel (Utopic HWE) vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2804-1: Linux kernel (Trusty HWE) vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2803-1: Linux kernel vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2802-1: Linux kernel vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2801-1: Linux kernel vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2800-1: Linux kernel vulnerability - 9th November 2015

Ben Serebrin discovered that the KVM hypervisor implementation in the Linux kernel did not properly catch Alignment Check exceptions. An attacker in a guest virtual machine could use this to cause a denial of service (system crash) in the host OS.

CVE-2015-5307

USN-2788-2: unzip regression - 9th November 2015

USN-2788-1 fixed vulnerabilities in unzip. One of the security patches caused a regression when extracting 0-byte files. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into ...

LP: 1513293

USN-2799-1: Linux kernel vulnerabilities - 5th November 2015

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. (CVE-2015-2925) Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB ...

CVE-2015-2925 CVE-2015-5257

USN-2798-1: Linux kernel (Vivid HWE) vulnerabilities - 5th November 2015

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. (CVE-2015-2925) Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB ...

CVE-2015-2925 CVE-2015-5257

USN-2797-1: Linux kernel (Utopic HWE) vulnerabilities - 5th November 2015

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing ...

CVE-2015-0272 CVE-2015-2925 CVE-2015-5257 CVE-2015-5283

USN-2796-1: Linux kernel (OMAP4) vulnerabilities - 5th November 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash). (CVE-2015-7613) It was discovered that the Linux kernel did not check if ...

CVE-2015-0272 CVE-2015-2925 CVE-2015-5257 CVE-2015-7613

USN-2795-1: Linux kernel (Trusty HWE) vulnerabilities - 5th November 2015

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. (CVE-2015-2925) Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB ...

CVE-2015-2925 CVE-2015-5257

USN-2794-1: Linux kernel vulnerabilities - 5th November 2015

It was discovered that in certain situations, a directory could be renamed outside of a bind mounted location. An attacker could use this to escape bind mount containment and gain access to sensitive information. (CVE-2015-2925) Moein Ghasemzadeh discovered that the USB WhiteHEAT serial driver contained hardcoded attributes about the USB ...

CVE-2015-2925 CVE-2015-5257

USN-2793-1: LibreOffice vulnerabilities - 5th November 2015

Federico Scrinzi discovered that LibreOffice incorrectly handled documents inserted into Writer or Calc via links. If a user were tricked into opening a specially crafted document, a remote attacker could possibly obtain the contents of arbitrary files. (CVE-2015-4551) It was discovered that LibreOffice incorrectly handled PrinterSetup data stored in ODF ...

CVE-2015-4551 CVE-2015-5212 CVE-2015-5213 CVE-2015-5214

USN-2792-1: Linux kernel vulnerabilities - 4th November 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash). (CVE-2015-7613) It was discovered that the Linux kernel did not check if ...

CVE-2015-0272 CVE-2015-2925 CVE-2015-5257 CVE-2015-7613

USN-2785-1: Firefox vulnerabilities - 4th November 2015

Christian Holler, David Major, Jesse Ruderman, Tyson Smith, Boris Zbarsky, Randell Jesup, Olli Pettay, Karl Tomlinson, Jeff Walden, Gary Kwong, Andrew McCreight, Georg Fritzsche, and Carsten Book discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially ...

CVE-2015-4513 CVE-2015-4514 CVE-2015-4515 CVE-2015-4518 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7187 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7195 CVE-2015-7196 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200

USN-2791-1: NSS vulnerabilities - 4th November 2015

Tyson Smith and David Keeler discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-7181 CVE-2015-7182

USN-2790-1: NSPR vulnerability - 4th November 2015

Ryan Sleevi discovered that NSPR incorrectly handled memory allocation. A remote attacker could use this issue to cause NSPR to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-7183

USN-2789-1: XScreenSaver vulnerability - 3rd November 2015

It was discovered that XScreenSaver incorrectly handled unplugging an external monitor. An attacker with physical access could use this flaw to gain access to a locked session.

CVE-2015-8025

USN-2788-1: unzip vulnerabilities - 29th October 2015

Gustavo Grieco discovered that unzip incorrectly handled certain password protected archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code. (CVE-2015-7696) Gustavo Grieco discovered that unzip incorrectly handled certain malformed archives. If a user or automated system ...

CVE-2015-7696 CVE-2015-7697

USN-2787-1: audiofile vulnerability - 28th October 2015

Fabrizio Gennari discovered that audiofile incorrectly handled changing both the sample format and the number of channels. If a user or automated system were tricked into processing a specially crafted file, audiofile could be made to crash, leading to a denial of service, or possibly execute arbitrary code.

CVE-2015-7747

USN-2786-1: PHP vulnerabilities - 28th October 2015

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2015-7803, CVE-2015-7804)

CVE-2015-7803 CVE-2015-7804

USN-2784-1: OpenJDK 7 vulnerabilities - 28th October 2015

Multiple vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2015-4805, CVE-2015-4835, CVE-2015-4843, CVE-2015-4844, CVE-2015-4860, CVE-2015-4868, CVE-2015-4881, CVE-2015-4883) A vulnerability was discovered in the OpenJDK JRE ...

CVE-2015-4734 CVE-2015-4803 CVE-2015-4805 CVE-2015-4806 CVE-2015-4835 CVE-2015-4840 CVE-2015-4842 CVE-2015-4843 CVE-2015-4844 CVE-2015-4860 CVE-2015-4868 CVE-2015-4872 CVE-2015-4881 CVE-2015-4882 CVE-2015-4883 CVE-2015-4893 CVE-2015-4903 CVE-2015-4911

USN-2783-1: NTP vulnerabilities - 27th October 2015

Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-5146) Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. In a non-default configuration, a ...

CVE-2015-5146 CVE-2015-5194 CVE-2015-5195 CVE-2015-5196 CVE-2015-5219 CVE-2015-5300 CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 CVE-2015-7702 CVE-2015-7703 CVE-2015-7704 CVE-2015-7705 CVE-2015-7850 CVE-2015-7852 CVE-2015-7853 CVE-2015-7855 CVE-2015-7871

USN-2782-1: Apport vulnerability - 27th October 2015

Gabriel Campana discovered that Apport incorrectly handled Python module imports. A local attacker could use this issue to elevate privileges.

CVE-2015-1341

USN-2781-1: MySQL vulnerabilities - 26th October 2015

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.46 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 15.04 and Ubuntu 15.10 have been updated to MySQL 5.6.27. In addition to security fixes, the ...

CVE-2015-4730 CVE-2015-4766 CVE-2015-4792 CVE-2015-4800 CVE-2015-4802 CVE-2015-4815 CVE-2015-4816 CVE-2015-4819 CVE-2015-4826 CVE-2015-4830 CVE-2015-4833 CVE-2015-4836 CVE-2015-4858 CVE-2015-4861 CVE-2015-4862 CVE-2015-4864 CVE-2015-4866 CVE-2015-4870 CVE-2015-4879 CVE-2015-4890 CVE-2015-4895 CVE-2015-4904 CVE-2015-4910 CVE-2015-4913

USN-2780-2: MiniUPnP vulnerability - 23rd October 2015

USN-2780-1 fixed a vulnerability in the MiniUPnP library in Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 15.04. This update provides the corresponding update for Ubuntu 15.10. Original advisory details: Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could ...

CVE-2015-6031

USN-2770-2: Oxide vulnerabilities - 22nd October 2015

USN-2770-1 fixed vulnerabilities in Oxide in Ubuntu 14.04 LTS and Ubuntu 15.04. This update provides the corresponding updates for Ubuntu 15.10. Original advisory details: It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user were tricked in to opening ...

CVE-2015-6755 CVE-2015-6757 CVE-2015-6759 CVE-2015-6761 CVE-2015-6762 CVE-2015-6763 CVE-2015-7834

USN-2780-1: MiniUPnP vulnerability - 20th October 2015

Aleksandar Nikolic discovered a buffer overflow vulnerability in the XML parser functionality of the MiniUPnP library. A remote attacker could use this to cause a denial of service (application crash) or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.

CVE-2015-6031

USN-2770-1: Oxide vulnerabilities - 20th October 2015

It was discovered that ContainerNode::parserInsertBefore in Blink would incorrectly proceed with a DOM tree insertion in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same origin restrictions. (CVE-2015-6755) A use-after-free was discovered in the service worker ...

CVE-2015-6755 CVE-2015-6757 CVE-2015-6759 CVE-2015-6761 CVE-2015-6762 CVE-2015-6763 CVE-2015-7834

USN-2779-1: Linux kernel vulnerabilities - 20th October 2015

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing ...

CVE-2015-0272 CVE-2015-5156 CVE-2015-6937 CVE-2015-7312

USN-2778-1: Linux kernel (Vivid HWE) vulnerabilities - 20th October 2015

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing ...

CVE-2015-0272 CVE-2015-5156 CVE-2015-6937 CVE-2015-7312

USN-2777-1: Linux kernel (Utopic HWE) vulnerabilities - 19th October 2015

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges. (CVE-2015-5156) Benjamin Randazzo discovered an information leak in the ...

CVE-2015-5156 CVE-2015-5697 CVE-2015-6252 CVE-2015-6937 CVE-2015-7312

USN-2776-1: Linux kernel vulnerabilities - 19th October 2015

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing ...

CVE-2015-0272 CVE-2015-5156 CVE-2015-6937 CVE-2015-7312

USN-2775-1: Linux kernel (Trusty HWE) vulnerabilities - 19th October 2015

It was discovered that the Linux kernel did not check if a new IPv6 MTU set by a user space application was valid. A remote attacker could forge a route advertisement with an invalid MTU that a user space daemon like NetworkManager would honor and apply to the kernel, causing ...

CVE-2015-0272 CVE-2015-5156 CVE-2015-6937 CVE-2015-7312

USN-2774-1: Linux kernel (OMAP4) vulnerabilities - 19th October 2015

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges. (CVE-2015-5156) It was discovered that the Reliable Datagram Sockets ...

CVE-2015-5156 CVE-2015-6937

USN-2773-1: Linux kernel vulnerabilities - 19th October 2015

It was discovered that virtio networking in the Linux kernel did not handle fragments correctly, leading to kernel memory corruption. A remote attacker could use this to cause a denial of service (system crash) or possibly execute code with administrative privileges. (CVE-2015-5156) It was discovered that the Reliable Datagram Sockets ...

CVE-2015-5156 CVE-2015-6937

USN-2768-1: Firefox vulnerability - 16th October 2015

Abdulrahman Alqabandi and Ben Kelly discovered that the fetch() API did not correctly implement the Cross Origin Resource Sharing (CORS) specification. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive information from other origins. (CVE-2015-7184)

CVE-2015-7184

USN-2772-1: PostgreSQL vulnerabilities - 16th October 2015

Josh Kupershmidt discovered the pgCrypto extension could expose several bytes of server memory if the crypt() function was provided a too-short salt. An attacker could use this flaw to read private data. (CVE-2015-5288) Oskari Saarenmaa discovered that the json and jsonb handlers could exhaust available stack space. An attacker could ...

CVE-2015-5288 CVE-2015-5289

USN-2771-1: Click vulnerability - 15th October 2015

It was discovered that click did not properly perform input sanitization during click package installation. If a user were tricked into installing a crafted click package, a remote attacker could exploit this to escalate privileges by tricking click into installing lenient security policy for the installed application.

CVE-2015-8768 LP: 1506467

USN-2709-2: pollinate update - 14th October 2015

USN-2709-1 updated pollinate's certificate for entropy.ubuntu.com but did not include a new certificate authority certificate. This update fixes the problem. We apologize for the inconvenience. Original advisory details: The pollinate package bundles the certificate for entropy.ubuntu.com. This update refreshes the certificate to match the new certificate for the server.

LP: 1506238

< Previous   Showing page 3 of 65   Next >
Show: All