Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 4 of 65   Next >
Show: All  

USN-2766-1: Spice vulnerabilities - 6th October 2015

Frediano Ziglio discovered multiple buffer overflows, undefined behavior signed integer operations, race conditions, memory leaks, and denial of service issues in Spice. A malicious guest operating system could potentially exploit these issues to escape virtualization. (CVE-2015-5260, CVE-2015-5261)

CVE-2015-5260 CVE-2015-5261

USN-2753-3: LXC regression - 5th October 2015

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had a path that contained a '/./' directory specified as a bind mount target in their configuration file. This update fixes the problem. We apologize for the ...

LP: 1501491

USN-2765-1: Linux kernel (Vivid HWE) vulnerability - 5th October 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash).

CVE-2015-7613

USN-2764-1: Linux kernel (Utopic HWE) vulnerability - 5th October 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash).

CVE-2015-7613

USN-2763-1: Linux kernel (Trusty HWE) vulnerability - 5th October 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash).

CVE-2015-7613

USN-2762-1: Linux kernel vulnerability - 5th October 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash).

CVE-2015-7613

USN-2761-1: Linux kernel vulnerability - 5th October 2015

Dmitry Vyukov discovered that the Linux kernel did not properly initialize IPC object state in certain situations. A local attacker could use this to escalate their privileges, expose confidential information, or cause a denial of service (system crash).

CVE-2015-7613

USN-2754-1: Thunderbird vulnerabilities - 5th October 2015

Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, and Cameron McCormack discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or ...

CVE-2015-4500 CVE-2015-4506 CVE-2015-4509 CVE-2015-4511 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180

USN-2757-1: Oxide vulnerabilities - 5th October 2015

Two security issues were discovered in Blink and V8. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to bypass same-origin restrictions. (CVE-2015-1303, CVE-2015-1304)

CVE-2015-1303 CVE-2015-1304

USN-2743-4: Firefox regression - 5th October 2015

USN-2743-1 fixed vulnerabilities in Firefox. After upgrading, some users reported problems with bookmark creation and crashes in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell ...

LP: 1501277

USN-2760-1: Linux kernel (OMAP4) vulnerabilities - 1st October 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-5707) Marc-André Lureau discovered ...

CVE-2015-5707 CVE-2015-6252 CVE-2015-6526

USN-2759-1: Linux kernel vulnerabilities - 1st October 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges. (CVE-2015-5707) Marc-André Lureau discovered ...

CVE-2015-5707 CVE-2015-6252 CVE-2015-6526

USN-2758-1: PHP vulnerabilities - 30th September 2015

It was discovered that the PHP phar extension incorrectly handled certain files. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2015-5589) It was discovered that the PHP phar extension incorrectly handled certain filepaths. A remote attacker could use this issue ...

CVE-2015-5589 CVE-2015-5590 CVE-2015-6831 CVE-2015-6832 CVE-2015-6833 CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838

USN-2753-2: LXC regression - 30th September 2015

USN-2753-1 fixed a vulnerability in LXC. The update caused a regression that prevented some containers from starting. This regression only affected containers that had an absolute path specified as a bind mount target in their configuration file. This update fixes the problem. We apologize for the inconvenience. Original advisory details: ...

LP: 1501310

USN-2756-1: rpcbind vulnerability - 30th September 2015

It was discovered that rpcbind incorrectly handled certain memory structures. A remote attacker could use this issue to cause rpcbind to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2015-7236

USN-2755-1: Cyrus SASL vulnerability - 30th September 2015

It was discovered that Cyrus SASL incorrectly handled certain invalid password salts. An attacker could use this issue to cause Cyrus SASL to crash, resulting in a denial of service.

CVE-2013-4122

USN-2753-1: LXC vulnerability - 29th September 2015

Roman Fiedler discovered a directory traversal flaw in lxc-start. A local attacker with access to an LXC container could exploit this flaw to run programs inside the container that are not confined by AppArmor or expose unintended files in the host to the container.

CVE-2015-1335

USN-2752-1: Linux kernel vulnerabilities - 29th September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697) Marc-André Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A ...

CVE-2015-5697 CVE-2015-6252

USN-2751-1: Linux kernel (Vivid HWE) vulnerabilities - 29th September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697) Marc-André Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A ...

CVE-2015-5697 CVE-2015-6252

USN-2750-1: Linux kernel (Utopic HWE) vulnerability - 29th September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2749-1: Linux kernel (Trusty HWE) vulnerabilities - 29th September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697) Marc-André Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A ...

CVE-2015-5697 CVE-2015-6252

USN-2748-1: Linux kernel vulnerabilities - 28th September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel. (CVE-2015-5697) Marc-André Lureau discovered that the vhost driver did not properly release the userspace provided log file descriptor. A ...

CVE-2015-5697 CVE-2015-6252

USN-2747-1: NVIDIA graphics drivers vulnerability - 28th September 2015

Dario Weisser discovered that the NVIDIA graphics drivers incorrectly handled certain IOCTL writes. A local attacker could use this issue to possibly gain root privileges.

CVE-2015-5950

USN-2746-2: Simple Streams regression - 25th September 2015

USN-2746-1 fixed a vulnerability in Simple Streams. The update caused a regression preventing MAAS from downloading PXE images. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Simple Streams did not properly perform gpg verification in some situations. A remote attacker could ...

LP: 1499749

USN-2746-1: Simple Streams vulnerability - 24th September 2015

It was discovered that Simple Streams did not properly perform gpg verification in some situations. A remote attacker could use this to perform a man-in-the-middle attack and inject malicious content into the stream.

CVE-2015-1337

USN-2745-1: QEMU vulnerabilities - 24th September 2015

Lian Yihan discovered that QEMU incorrectly handled certain payload messages in the VNC display driver. A malicious guest could use this issue to cause the QEMU process to hang, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-5239) Qinghao Tang discovered ...

CVE-2015-5239 CVE-2015-5278 CVE-2015-5279 CVE-2015-6815 CVE-2015-6855

USN-2743-3: Unity Integration for Firefox, Unity Websites Integration and Ubuntu Online Accounts extension update - 24th September 2015

USN-2743-1 fixed vulnerabilities in Firefox. Future Firefox updates will require all addons be signed and unity-firefox-extension, webapps-greasemonkey and webaccounts-browser-extension will not go through the signing process. Because these addons currently break search engine installations (LP: #1069793), this update permanently disables the addons by removing them from the system. We apologize ...

LP: 1069793 LP: 1498681

USN-2744-1: Apport vulnerability - 24th September 2015

Halfdog discovered that Apport incorrectly handled kernel crash dump files. A local attacker could use this issue to cause a denial of service, or possibly elevate privileges. The default symlink protections for affected releases should reduce the vulnerability to a denial of service.

CVE-2015-1338

USN-2743-2: Ubufox update - 22nd September 2015

USN-2743-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubufox. Original advisory details: Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening ...

LP: 1498681

USN-2743-1: Firefox vulnerabilities - 22nd September 2015

Andrew Osmond, Olli Pettay, Andrew Sutherland, Christian Holler, David Major, Andrew McCreight, Cameron McCormack, Bob Clary and Randell Jesup discovered multiple memory safety issues in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service ...

CVE-2015-4500 CVE-2015-4501 CVE-2015-4502 CVE-2015-4504 CVE-2015-4506 CVE-2015-4507 CVE-2015-4508 CVE-2015-4509 CVE-2015-4510 CVE-2015-4512 CVE-2015-4516 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7180

USN-2742-1: OpenLDAP vulnerabilities - 16th September 2015

Denis Andzakovic discovered that OpenLDAP incorrectly handled certain BER data. A remote attacker could possibly use this issue to cause OpenLDAP to crash, resulting in a denial of service. (CVE-2015-6908) Dietrich Clauss discovered that the OpenLDAP package incorrectly shipped with a potentially unsafe default access control configuration. Depending on how ...

CVE-2014-9713 CVE-2015-6908

USN-2741-1: Unity Settings Daemon vulnerability - 16th September 2015

It was discovered that the Unity Settings Daemon incorrectly allowed removable media to be mounted when the screen is locked. If a vulnerability were discovered in some other desktop component, such as an image library, a local attacker could possibly use this issue to gain access to the session.

CVE-2015-1319

USN-2740-1: ICU vulnerabilities - 16th September 2015

Atte Kettunen discovered that ICU incorrectly handled certain converter names. If an application using ICU processed crafted data, a remote attacker could possibly cause it to crash. (CVE-2015-1270) It was discovered that ICU incorrectly handled certain memory operations when processing data. If an application using ICU processed crafted data, a ...

CVE-2015-1270 CVE-2015-2632 CVE-2015-4760

USN-2739-1: FreeType vulnerabilities - 10th September 2015

It was discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or hang, resulting in a denial of service, or possibly expose uninitialized memory.

CVE-2014-9745 LP: 1449225

USN-2738-1: Linux kernel vulnerability - 9th September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2737-1: Linux kernel (Vivid HWE) vulnerability - 9th September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2735-1: Oxide vulnerabilities - 8th September 2015

It was discovered that the DOM tree could be corrupted during parsing in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or cause a denial of service. (CVE-2015-1291) An issue was discovered in NavigatorServiceWorker::serviceWorker ...

CVE-2015-1291 CVE-2015-1292 CVE-2015-1293 CVE-2015-1294 CVE-2015-1299 CVE-2015-1300 CVE-2015-1301 CVE-2015-1332 LP: 1470905

USN-2736-1: Spice vulnerability - 8th September 2015

Frediano Ziglio discovered that Spice incorrectly handled monitor configs. A malicious guest could use this issue to cause a denial of service, or possibly execute arbitrary code on the host as the user running the QEMU process. In the default installation, when QEMU is used with libvirt, attackers would be ...

CVE-2015-3247

USN-2734-1: Linux kernel vulnerability - 3rd September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2733-1: Linux kernel (Trusty HWE) vulnerability - 3rd September 2015

It was discovered that an integer overflow error existed in the SCSI generic (sg) driver in the Linux kernel. A local attacker with write permission to a SCSI generic device could use this to cause a denial of service (system crash) or potentially escalate their privileges.

CVE-2015-5707

USN-2732-1: Linux kernel (OMAP4) vulnerability - 3rd September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.

CVE-2015-5697

USN-2731-1: Linux kernel vulnerability - 3rd September 2015

Benjamin Randazzo discovered an information leak in the md (multiple device) driver when the bitmap_info.file is disabled. A local privileged attacker could use this to obtain sensitive information from the kernel.

CVE-2015-5697

USN-2730-1: OpenSLP vulnerabilities - 3rd September 2015

Georgi Geshev discovered that OpenSLP incorrectly handled processing certain service requests. A remote attacker could possibly use this issue to cause OpenSLP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2012-4428) Qinghao Tang discovered that OpenSLP incorrectly handled processing ...

CVE-2012-4428 CVE-2015-5177

USN-2729-1: libvdpau vulnerabilities - 3rd September 2015

Florian Weimer discovered that libvdpau incorrectly handled certain environment variables. A local attacker could possibly use this issue to gain privileges.

CVE-2015-5198 CVE-2015-5199 CVE-2015-5200

USN-2728-1: Bind vulnerability - 2nd September 2015

Hanno Böck discovered that Bind incorrectly handled certain malformed keys when configured to perform DNSSEC validation. A remote attacker could use this issue with specially crafted zone data to cause Bind to crash, resulting in a denial of service.

CVE-2015-5722

USN-2727-1: GnuTLS vulnerabilities - 1st September 2015

It was discovered that GnuTLS incorrectly handled parsing CRL distribution points. A remote attacker could possibly use this issue to cause a denial of service, or execute arbitrary code. (CVE-2015-3308) Kurt Roeckx discovered that GnuTLS incorrectly handled a long DistinguishedName (DN) entry in a certificate. A remote attacker could possibly ...

CVE-2015-3308 CVE-2015-6251

USN-2726-1: Expat vulnerability - 31st August 2015

It was discovered that Expat incorrectly handled malformed XML data. If a user or application linked against Expat were tricked into opening a crafted XML file, an attacker could cause a denial of service, or possibly execute arbitrary code.

CVE-2015-1283

USN-2723-1: Firefox vulnerabilities - 27th August 2015

A use-after-free was discovered when resizing a canvas element during restyling in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the ...

CVE-2015-4497 CVE-2015-4498

USN-2725-1: cups-filters vulnerability - 27th August 2015

Seth Arnold discovered that ippusbxd in the cups-filters package would incorrectly listen to all configured network interfaces. A remote attacker could use this issue to possibly access locally-connected printers.

CVE-2015-6520

USN-2724-1: QEMU vulnerabilities - 27th August 2015

It was discovered that QEMU incorrectly handled a PRDT with zero complete sectors in the IDE functionality. A malicious guest could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-9718) Donghai Zhu discovered that QEMU incorrectly handled ...

CVE-2014-9718 CVE-2015-5165 CVE-2015-5166 CVE-2015-5225 CVE-2015-5745

< Previous   Showing page 4 of 65   Next >
Show: All