Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 4 of 69   Next >
Show: All  

USN-2932-1: Linux kernel (Vivid HWE) vulnerabilities - 14th March 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) It was discovered that the Linux kernel did not ...

CVE-2013-4312 CVE-2015-7566 CVE-2015-7833 CVE-2015-8767 CVE-2016-0723 CVE-2016-2069 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2782 CVE-2016-3134

USN-2929-1: Linux kernel vulnerabilities - 14th March 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) It was discovered that the Linux kernel did not ...

CVE-2013-4312 CVE-2015-7566 CVE-2015-7833 CVE-2016-0723 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2782 CVE-2016-3134

USN-2929-2: Linux kernel (Trusty HWE) vulnerabilities - 14th March 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) It was discovered that the Linux kernel did not ...

CVE-2013-4312 CVE-2015-7566 CVE-2015-7833 CVE-2016-0723 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2782 CVE-2016-3134

USN-2931-1: Linux kernel (Utopic HWE) vulnerabilities - 14th March 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) It was discovered that the Linux kernel did not ...

CVE-2013-4312 CVE-2015-8767 CVE-2016-2069 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-3134

USN-2930-2: Linux kernel (Wily HWE) vulnerabilities - 14th March 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) Ben Hawkes discovered an integer overflow in the Linux ...

CVE-2015-7566 CVE-2015-8767 CVE-2016-0723 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2782 CVE-2016-3134 CVE-2016-3135

USN-2930-1: Linux kernel vulnerabilities - 14th March 2016

Ben Hawkes discovered that the Linux netfilter implementation did not correctly perform validation when handling IPT_SO_SET_REPLACE events. A local unprivileged attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges. (CVE-2016-3134) Ben Hawkes discovered an integer overflow in the Linux ...

CVE-2015-7566 CVE-2015-8767 CVE-2016-0723 CVE-2016-2384 CVE-2016-2543 CVE-2016-2544 CVE-2016-2545 CVE-2016-2546 CVE-2016-2547 CVE-2016-2548 CVE-2016-2549 CVE-2016-2782 CVE-2016-3134 CVE-2016-3135

USN-2928-2: Linux kernel (OMAP4) vulnerability - 14th March 2016

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

CVE-2016-2384

USN-2928-1: Linux kernel vulnerability - 14th March 2016

Andrey Konovalov discovered that the ALSA USB MIDI driver incorrectly performed a double-free. A local attacker with physical access could use this to cause a denial of service (system crash) or possibly execute arbitrary code with administrative privileges.

CVE-2016-2384

USN-2927-1: graphite2 vulnerabilities - 14th March 2016

It was discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802

USN-2920-1: Oxide vulnerabilities - 10th March 2016

It was discovered that the ContainerNode::parserRemoveChild function in Blink mishandled widget updates in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2016-1630) It was discovered that the PPB_Flash_MessageLoop_Impl::InternalRun function in Chromium mishandled nested message ...

CVE-2016-1630 CVE-2016-1631 CVE-2016-1633 CVE-2016-1634 CVE-2016-1636 CVE-2016-1637 CVE-2016-1641 CVE-2016-1642 CVE-2016-1643 CVE-2016-1644 CVE-2016-2843 CVE-2016-2844 CVE-2016-2845

USN-2926-1: OTR vulnerability - 10th March 2016

Markus Vervier discovered that OTR incorrectly handled large incoming messages. A remote attacker could use this issue to cause OTR to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-2851

USN-2925-1: Bind vulnerabilities - 9th March 2016

It was discovered that Bind incorrectly handled input received by the rndc control channel. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2016-1285) It was discovered that Bind incorrectly parsed resource record signatures for DNAME resource records. A remote ...

CVE-2016-1285 CVE-2016-1286

USN-2924-1: NSS vulnerability - 9th March 2016

Francis Gabriel discovered that NSS incorrectly handled decoding certain ASN.1 data. An remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-1950

USN-2917-1: Firefox vulnerabilities - 9th March 2016

Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. ...

CVE-2016-1950 CVE-2016-1952 CVE-2016-1953 CVE-2016-1954 CVE-2016-1955 CVE-2016-1956 CVE-2016-1957 CVE-2016-1958 CVE-2016-1959 CVE-2016-1960 CVE-2016-1961 CVE-2016-1962 CVE-2016-1963 CVE-2016-1964 CVE-2016-1965 CVE-2016-1966 CVE-2016-1967 CVE-2016-1968 CVE-2016-1973 CVE-2016-1974 CVE-2016-1977 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802

USN-2923-1: BeanShell vulnerability - 8th March 2016

Alvaro Muñoz and Christian Schneider discovered that BeanShell incorrectly handled deserialization. A remote attacker could possibly use this issue to execute arbitrary code.

CVE-2016-2510

USN-2922-1: Samba vulnerabilities - 8th March 2016

Jeremy Allison discovered that Samba incorrectly handled ACLs on symlink paths. A remote attacker could use this issue to overwrite the ownership of ACLs using symlinks. (CVE-2015-7560) Garming Sam and Douglas Bagnall discovered that the Samba internal DNS server incorrectly handled certain DNS TXT records. A remote attacker could use ...

CVE-2013-0213 CVE-2013-0214 CVE-2015-7560 CVE-2016-0771

USN-2904-1: Thunderbird vulnerabilities - 8th March 2016

Karthikeyan Bhargavan and Gaetan Leurent discovered that NSS incorrectly allowed MD5 to be used for TLS 1.2 connections. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to view sensitive information. (CVE-2015-7575) Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If ...

CVE-2015-7575 CVE-2016-1523 CVE-2016-1930 CVE-2016-1935

USN-2915-3: Django regression - 7th March 2016

USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem by applying the complete upstream regression fix. Original advisory details: Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly ...

LP: 1553251

USN-2921-1: Squid vulnerabilities - 7th March 2016

Sebastian Krahmer discovered that Squid incorrectly handled certain SNMP requests. If SNMP is enabled, a remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-6270) Alex Rousskov discovered that Squid incorrectly handled certain malformed responses. A remote ...

CVE-2014-6270 CVE-2016-2571

USN-2915-2: Django regression - 7th March 2016

USN-2915-1 fixed vulnerabilities in Django. The upstream fix for CVE-2016-2512 introduced a regression for certain applications. This update fixes the problem. Original advisory details: Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site ...

LP: 1553251

USN-2919-1: JasPer vulnerabilities - 3rd March 2016

Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2016-1577) Tyler Hicks discovered that JasPer incorrectly ...

CVE-2016-1577 CVE-2016-2116

USN-2918-1: pixman vulnerability - 3rd March 2016

Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-9766

USN-2916-1: Perl vulnerabilities - 2nd March 2016

It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-7422) Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An ...

CVE-2013-7422 CVE-2014-4330 CVE-2016-2381

USN-2915-1: Django vulnerabilities - 1st March 2016

Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. (CVE-2016-2512) Sjoerd Job Postmus discovered that Django incorrectly handled timing when doing password hashing operations. A remote attacker ...

CVE-2016-2512 CVE-2016-2513

USN-2914-1: OpenSSL vulnerabilities - 1st March 2016

Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. (CVE-2016-0702) Adam Langley discovered that OpenSSL incorrectly handled memory when ...

CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799

USN-2909-2: Linux kernel (Utopic HWE) regression - 27th February 2016

USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 14.10 backport kernel within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. ...

LP: 1548587

USN-2910-2: Linux kernel (Vivid HWE) regression - 27th February 2016

USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. ...

LP: 1548587

USN-2908-5: Linux kernel (Wily HWE) regression - 27th February 2016

USN-2908-2 fixed vulnerabilities in the Ubuntu 15.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.10 backport kernel within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. ...

LP: 1548587

USN-2908-4: Linux kernel regression - 26th February 2016

USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. Original advisory details: halfdog discovered that OverlayFS, when mounting on ...

LP: 1548587

USN-2913-3: OpenSSL update - 24th February 2016

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the OpenSSL package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, ...

LP: 1528645

USN-2913-2: glib-networking update - 24th February 2016

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the glib-networking package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, ...

LP: 1528645

USN-2913-4: GnuTLS update - 24th February 2016

USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, ...

LP: 1528645

USN-2913-1: ca-certificates update - 24th February 2016

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, including the removal of the SPI CA and CA certificates with 1024-bit RSA keys.

LP: 1528645

USN-2903-2: NSS regression - 23rd February 2016

USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning change in Ubuntu 12.04 LTS caused a regression when building software against NSS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Hanno Böck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic ...

LP: 1547147

USN-2912-1: libssh vulnerabilities - 23rd February 2016

Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. (CVE-2015-3146) Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits instead of the recommended 1024 or 2048 bits ...

CVE-2015-3146 CVE-2016-0739

USN-2905-1: Oxide vulnerability - 23rd February 2016

A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or a sandbox protection mechanism. (CVE-2016-1629)

CVE-2016-1629

USN-2911-2: Linux kernel (OMAP4) vulnerability - 22nd February 2016

It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash).

CVE-2015-7550

USN-2911-1: Linux kernel vulnerability - 22nd February 2016

It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash).

CVE-2015-7550

USN-2910-1: Linux kernel (Vivid HWE) vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576

USN-2909-1: Linux kernel (Utopic HWE) vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2015-8785 CVE-2016-1575 CVE-2016-1576

USN-2908-1: Linux kernel vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2013-4312 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576 CVE-2016-2069

USN-2908-2: Linux kernel (Wily HWE) vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2013-4312 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576 CVE-2016-2069

USN-2908-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2013-4312 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576 CVE-2016-2069

USN-2907-2: Linux kernel (Trusty HWE) vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576

USN-2907-1: Linux kernel vulnerabilities - 22nd February 2016

halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...

CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576

USN-2906-1: GNU cpio vulnerabilities - 22nd February 2016

Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files. This issue only affected Ubuntu 12.04 LTS and ...

CVE-2015-1197 CVE-2016-2037

USN-2895-1: Oxide vulnerabilities - 18th February 2016

The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2016-1623) An integer underflow was discovered in Brotli. If a ...

CVE-2016-1623 CVE-2016-1624

USN-2903-1: NSS vulnerability - 17th February 2016

Hanno Böck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses. (CVE-2016-1938) This update also refreshes the NSS package to version 3.21 which includes the latest CA certificate bundle, and removes the SPI CA.

CVE-2016-1938

USN-2902-1: graphite2 vulnerabilities - 17th February 2016

Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2016-1521 CVE-2016-1522 CVE-2016-1523 CVE-2016-1526

USN-2901-1: xdelta3 vulnerability - 17th February 2016

It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could use this issue to cause xdelta3 to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-9765

< Previous   Showing page 4 of 69   Next >
Show: All