Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Show: All  

USN-2022-1: Linux kernel (OMAP4) vulnerabilities - 8th November 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4350 CVE-2013-4387

USN-2021-1: Linux kernel vulnerabilities - 8th November 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4350 CVE-2013-4387

USN-2020-1: Linux kernel (Raring HWE) vulnerabilities - 8th November 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Dan Carpenter discovered an information ...

CVE-2013-0343 CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2894 CVE-2013-2895 CVE-2013-2897 CVE-2013-4270 CVE-2013-4343

USN-2019-1: Linux kernel (Quantal HWE) vulnerabilities - 8th November 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2889 CVE-2013-2892 CVE-2013-2893 CVE-2013-2895 CVE-2013-2896 CVE-2013-2897 CVE-2013-2899 CVE-2013-4350 CVE-2013-4387

USN-2018-1: Linux kernel (OMAP4) vulnerabilities - 8th November 2013

A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374) A denial of service flaw was discovered in ...

CVE-2012-5374 CVE-2012-5375 CVE-2013-2147

USN-2017-1: Linux kernel vulnerabilities - 8th November 2013

A denial of service flaw was discovered in the Btrfs file system in the Linux kernel. A local user could cause a denial of service by creating a large number of files with names that have the same CRC32 hash value. (CVE-2012-5374) A denial of service flaw was discovered in ...

CVE-2012-5374 CVE-2012-5375 CVE-2013-2147

USN-2016-1: Linux kernel (EC2) vulnerabilities - 8th November 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. ...

CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2897 CVE-2013-4299

USN-2015-1: Linux kernel vulnerabilities - 8th November 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory. (CVE-2013-2147) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem when CONFIG_HID_ZEROPLUS is enabled. ...

CVE-2013-2147 CVE-2013-2889 CVE-2013-2893 CVE-2013-2897 CVE-2013-4299

USN-2014-1: OpenSSH vulnerability - 8th November 2013

Markus Friedl discovered that OpenSSH incorrectly handled memory when the AES-GCM cipher was used. A remote authenticated attacker could use this issue to execute arbitrary code as their user, possibly bypassing shell or command restrictions.

CVE-2013-4548

USN-2013-1: MAAS vulnerabilities - 6th November 2013

It was discovered that maas-import-pxe-files incorrectly loaded configuration information from the current working directory. A local attacker could execute code as an administrator if maas-import-pxe-files were run from an attacker-controlled directory. (CVE-2013-1057) It was discovered that maas-import-pxe-files doesn't cryptographically verify downloaded content. An attacker could modify images without detection. (CVE-2013-1058)

CVE-2013-1057 CVE-2013-1058

USN-2012-1: Light Display Manager vulnerability - 6th November 2013

Christian Prim discovered that Light Display Manager incorrectly applied the AppArmor security profile when the Guest account is used. A local attacker could use this issue to possibly gain access to sensitive information.

CVE-2013-4459

USN-2011-1: Libav vulnerabilities - 4th November 2013

It was discovered that Libav incorrectly handled certain malformed media files. If a user were tricked into opening a crafted media file, an attacker could cause a denial of service via application crash, or possibly execute arbitrary code with the privileges of the user invoking the program.

LP: 1242802

USN-2010-1: Thunderbird vulnerabilities - 31st October 2013

Multiple memory safety issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted message with scripting enabled, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking ...

CVE-2013-1739 CVE-2013-5590 CVE-2013-5591 CVE-2013-5593 CVE-2013-5595 CVE-2013-5596 CVE-2013-5597 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5603 CVE-2013-5604 LP: 1245422

USN-2009-1: Firefox vulnerabilities - 29th October 2013

Multiple memory safety issues were discovered in Firefox. If a user were tricked in to opening a specially crafted page, an attacker could possibly exploit these to cause a denial of service via application crash, or potentially execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2013-1739, CVE-2013-5590, ...

CVE-2013-1739 CVE-2013-5590 CVE-2013-5591 CVE-2013-5592 CVE-2013-5593 CVE-2013-5595 CVE-2013-5596 CVE-2013-5597 CVE-2013-5598 CVE-2013-5599 CVE-2013-5600 CVE-2013-5601 CVE-2013-5602 CVE-2013-5603 CVE-2013-5604 LP: 1245414

USN-2008-1: Suds vulnerability - 24th October 2013

Ralph Loader discovered that Suds incorrectly handled temporary files. A local attacker could possibly use this issue to overwrite arbitrary files. In the default installation of Ubuntu, this should be prevented by the Yama link restrictions.

CVE-2013-2217

USN-2007-1: Apport vulnerability - 24th October 2013

Martin Carpenter discovered that Apport set incorrect permissions on core dump files generated by setuid binaries. A local attacker could possibly use this issue to obtain privileged information.

CVE-2013-1067

USN-2006-1: MySQL vulnerabilities - 24th October 2013

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.1.72 in Ubuntu 10.04 LTS. Ubuntu 12.04 LTS, Ubuntu 12.10, Ubuntu 13.04 and Ubuntu 13.10 have been updated to MySQL 5.5.34. In addition to security fixes, ...

CVE-2013-3839 CVE-2013-5807

USN-2005-1: Cinder vulnerabilities - 23rd October 2013

Rongze Zhu discovered that the Cinder LVM driver did not zero out data when deleting snapshots. This could expose sensitive information to authenticated users when subsequent servers use the volume. (CVE-2013-4183) Grant Murphy discovered that Cinder would allow XML entity processing. A remote unauthenticated attacker could exploit this using the ...

CVE-2013-4179 CVE-2013-4183 CVE-2013-4202

USN-2004-1: python-glanceclient vulnerability - 23rd October 2013

Thomas Leaman discovered that the Python client library for Glance did not properly verify SSL certificates. A remote attacker could exploit this to perform a man in the middle attack.

CVE-2013-4111

USN-2000-1: Nova vulnerabilities - 23rd October 2013

It was discovered that Nova did not properly enforce the is_public property when determining flavor access. An authenticated attacker could exploit this to obtain sensitive information in private flavors. This issue only affected Ubuntu 12.10 and 13.10. (CVE-2013-2256, CVE-2013-4278) Grant Murphy discovered that Nova would allow XML entity processing. A ...

CVE-2013-2256 CVE-2013-4179 CVE-2013-4185 CVE-2013-4261 CVE-2013-4278

USN-2002-1: Keystone vulnerabilities - 23rd October 2013

Chmouel Boudjnah discovered that Keystone did not properly invalidate user tokens when a tenant was disabled which allowed an authenticated user to retain access via the token. (CVE-2013-4222) Kieran Spear discovered that Keystone did not properly verify PKI tokens when performing revocation when using the memcache and KVS backends. An ...

CVE-2013-4222 CVE-2013-4294

USN-2003-1: Glance vulnerability - 23rd October 2013

Stuart McLaren discovered that Glance did not properly enforce the 'download_image' policy for cached images. An authenticated user could exploit this to obtain sensitive information in an image protected by this setting.

CVE-2013-4428

USN-2001-1: Swift vulnerability - 23rd October 2013

Peter Portante discovered that Swift did not properly handle requests with old X-Timestamp values. An authenticated attacker could exploit this to cause a denial of service via disk consumption.

CVE-2013-4155

USN-1999-1: Linux kernel (OMAP4) vulnerability - 22nd October 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

CVE-2013-2147

USN-1998-1: Linux kernel vulnerabilities - 21st October 2013

An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. (CVE-2013-2237) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the ...

CVE-2013-2237 CVE-2013-2888 CVE-2013-2892 CVE-2013-2896 CVE-2013-2898 CVE-2013-2899 CVE-2013-4300

USN-1997-1: Linux kernel (OMAP4) vulnerability - 21st October 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

CVE-2013-2147

USN-1996-1: Linux kernel vulnerability - 21st October 2013

Dan Carpenter discovered an information leak in the HP Smart Array and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

CVE-2013-2147

USN-1995-1: Linux kernel (Raring HWE) vulnerabilities - 21st October 2013

An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory. (CVE-2013-2237) Kees Cook discovered flaw in the Human Interface Device (HID) subsystem of the ...

CVE-2013-2237 CVE-2013-2888 CVE-2013-2892 CVE-2013-2896 CVE-2013-2898 CVE-2013-2899 CVE-2013-4300

USN-1994-1: Linux kernel (Quantal HWE) vulnerability - 21st October 2013

Dan Carpenter discovered an information leak in the HP Smart Aray and Compaq SMART2 disk-array driver in the Linux kernel. A local user could exploit this flaw to obtain sensitive information from kernel memory.

CVE-2013-2147

USN-1993-1: Linux kernel (OMAP4) vulnerability - 21st October 2013

An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory.

CVE-2013-2237

USN-1992-1: Linux kernel vulnerability - 21st October 2013

An information leak was discovered in the Linux kernel when reading broadcast messages from the notify_policy interface of the IPSec key_socket. A local user could exploit this flaw to examine potentially sensitive information in kernel memory.

CVE-2013-2237

USN-1991-1: GNU C Library vulnerabilities - 21st October 2013

It was discovered that the GNU C Library incorrectly handled the strcoll() function. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. (CVE-2012-4412, CVE-2012-4424) It was discovered that the GNU C Library incorrectly handled multibyte characters in the regular expression matcher. An ...

CVE-2012-4412 CVE-2012-4424 CVE-2013-0242 CVE-2013-1914 CVE-2013-4237 CVE-2013-4332

USN-1990-1: X.Org X server vulnerabilities - 17th October 2013

Pedro Ribeiro discovered that the X.Org X server incorrectly handled memory operations when handling ImageText requests. An attacker could use this issue to cause X.Org to crash, or to possibly execute arbitrary code. (CVE-2013-4396) It was discovered that non-root X.Org X servers such as Xephyr incorrectly used cached xkb files. ...

CVE-2013-1056 CVE-2013-4396

USN-1989-1: ICU vulnerabilities - 15th October 2013

It was discovered that ICU contained a race condition affecting multi- threaded applications. If an application using ICU processed crafted data, an attacker could cause it to crash or potentially execute arbitrary code with the privileges of the user invoking the program. This issue only affected Ubuntu 12.04 LTS and ...

CVE-2013-0900 CVE-2013-2924

USN-1988-1: Cyrus SASL vulnerability - 9th October 2013

It was discovered that Cyrus SASL incorrectly handled certain invalid password salts. An attacker could use this issue to cause Cyrus SASL to crash, resulting in a denial of service.

CVE-2013-4122

USN-1987-1: GnuPG vulnerabilities - 9th October 2013

Daniel Kahn Gillmor discovered that GnuPG treated keys with empty usage flags as being valid for all usages. (CVE-2013-4351) Taylor R Campbell discovered that GnuPG incorrectly handled certain OpenPGP messages. If a user or automated system were tricked into processing a specially-crafted message, GnuPG could consume resources, resulting in a ...

CVE-2013-4351 CVE-2013-4402

USN-1986-1: Network Audio System (NAS) vulnerabilities - 1st October 2013

Hamid Zamani discovered multiple security issues in the Network Audio System (NAS) server. An attacker could possibly use these issues to cause a denial of service or execute arbitrary code. (CVE-2013-4256, CVE-2013-4257)

CVE-2013-4256 CVE-2013-4257

USN-1985-1: Python 3.3 vulnerabilities - 1st October 2013

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. (CVE-2013-2099) Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name ...

CVE-2013-2099 CVE-2013-4238

USN-1984-1: Python 3.2 vulnerabilities - 1st October 2013

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. (CVE-2013-2099) Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name ...

CVE-2013-2099 CVE-2013-4238

USN-1983-1: Python 2.7 vulnerabilities - 1st October 2013

Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. This issue only affected Ubuntu 13.04. (CVE-2013-2099) Ryan Sleevi discovered that Python did not properly handle certificates with NULL ...

CVE-2013-2099 CVE-2013-4238

USN-1982-1: Python 2.6 vulnerability - 1st October 2013

Ryan Sleevi discovered that Python did not properly handle certificates with NULL characters in the Subject Alternative Name field. An attacker could exploit this to perform a man in the middle attack to view sensitive information or alter encrypted communications.

CVE-2013-4238

USN-1981-1: HPLIP vulnerabilities - 30th September 2013

It was discovered that HPLIP incorrectly handled temporary files when using the fax capabilities. A local attacker could possibly use this issue to overwrite arbitrary files. This issue only applied to Ubuntu 10.04 LTS. (CVE-2011-2722) Tim Waugh discovered that HPLIP incorrectly handled temporary files when printing. A local attacker could ...

CVE-2011-2722 CVE-2013-0200

USN-1978-1: libKDcraw vulnerabilities - 30th September 2013

It was discovered that libKDcraw incorrectly handled photo files. If a user or automated system were tricked into processing a specially crafted photo file, applications linked against libKDcraw could be made to crash, resulting in a denial of service. (CVE-2013-1438, CVE-2013-1439)

CVE-2013-1438 CVE-2013-1439

USN-1980-1: Vino vulnerability - 30th September 2013

Jonathan Claudius discovered that Vino incorrectly handled closing invalid connections. A remote attacker could use this issue to cause Vino to consume resources, resulting in a denial of service.

CVE-2013-5745

USN-1979-1: txt2man vulnerability - 30th September 2013

Patrick J Cherry discovered that txt2man contained leftover debugging code that incorrectly created a temporary file. A local attacker could possibly use this issue to overwrite arbitrary files. In the default Ubuntu installation, this should be prevented by the Yama link restrictions.

CVE-2013-1444

USN-1977-1: Linux kernel (EC2) vulnerabilities - 30th September 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2892

USN-1976-1: Linux kernel vulnerabilities - 30th September 2013

An information leak was discovered in the handling of ICMPv6 Router Advertisement (RA) messages in the Linux kernel's IPv6 network stack. A remote attacker could exploit this flaw to cause a denial of service (excessive retries and address-generation outage), and consequently obtain sensitive information. (CVE-2013-0343) Kees Cook discovered flaw in ...

CVE-2013-0343 CVE-2013-2888 CVE-2013-2892

USN-1975-1: Linux kernel (OMAP4) vulnerabilities - 27th September 2013

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-4254) A failure to validate block numbers was discovered in the Linux kernel's implementation of the ...

CVE-2013-1819 CVE-2013-4254

USN-1974-1: Linux kernel vulnerabilities - 27th September 2013

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-4254) A memory leak was discovered in the user namespace facility of the Linux kernel. A ...

CVE-2013-4205 CVE-2013-4254

USN-1973-1: Linux kernel (OMAP4) vulnerabilities - 27th September 2013

Vince Weaver discovered a flaw in the perf subsystem of the Linux kernel on ARM platforms. A local user could exploit this flaw to gain privileges or cause a denial of service (system crash). (CVE-2013-4254) A failure to validate block numbers was discovered in the Linux kernel's implementation of the ...

CVE-2013-1819 CVE-2013-2237 CVE-2013-4254

Show: All