Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 17   Next >
Show: All  

USN-2449-1: NTP vulnerabilities - 22nd December 2014

Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. (CVE-2014-9293) Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to ...

CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296

USN-2442-1: Linux kernel (EC2) vulnerabilities - 12th December 2014

An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in ...

CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-7841 CVE-2014-8134 CVE-2014-8709 CVE-2014-8884 CVE-2014-9090

USN-2441-1: Linux kernel vulnerabilities - 12th December 2014

An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in ...

CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-7841 CVE-2014-8134 CVE-2014-8709 CVE-2014-8884 CVE-2014-9090

USN-2440-1: Mutt vulnerability - 11th December 2014

Jakub Wilk discovered that the write_one_header function in mutt did not properly handle newline characters at the beginning of a header. An attacker could specially craft an email to cause mutt to crash, resulting in a denial of service.

CVE-2014-9116

USN-2439-1: QEMU vulnerabilities - 11th December 2014

Michael S. Tsirkin discovered that QEMU incorrectly handled certain parameters during ram load while performing a migration. An attacker able to manipulate savevm data could use this issue to possibly execute arbitrary code on the host. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 14.10. (CVE-2014-7840) ...

CVE-2014-7840 CVE-2014-8106

USN-2437-1: Bind vulnerability - 9th December 2014

Florian Maury discovered that Bind incorrectly handled delegation. A remote attacker could possibly use this issue to cause Bind to consume resources and crash, resulting in a denial of service.

CVE-2014-8500

USN-2435-1: Graphviz vulnerability - 8th December 2014

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code.

CVE-2014-9157

USN-2434-2: Ghostscript vulnerability - 8th December 2014

USN-2434-1 fixed a vulnerability in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory details: Jose Duart discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a ...

CVE-2014-9029

USN-2433-1: tcpdump vulnerabilities - 4th December 2014

Steffen Bauch discovered that tcpdump incorrectly handled printing OSLR packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8767) Steffen Bauch discovered that tcpdump incorrectly handled printing GeoNet packets. A remote attacker could use this ...

CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-9140

USN-2432-1: GNU C Library vulnerabilities - 3rd December 2014

Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656) Adhemerval Zanella ...

CVE-2012-6656 CVE-2014-6040 CVE-2014-7817

USN-2429-1: ppp vulnerability - 1st December 2014

It was discovered that ppp incorrectly handled certain options files. A local attacker could possibly use this issue to escalate privileges.

CVE-2014-3158

USN-2426-1: FLAC vulnerabilities - 27th November 2014

Michele Spagnuolo discovered that FLAC incorrectly handled certain malformed audio files. An attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-8962 CVE-2014-9028

USN-2416-1: Linux kernel (EC2) vulnerabilities - 24th November 2014

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A ...

CVE-2014-4608 CVE-2014-7975

USN-2415-1: Linux kernel vulnerability - 24th November 2014

Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability).

CVE-2014-7975

USN-2409-1: QEMU vulnerabilities - 13th November 2014

Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-3615) Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when ...

CVE-2014-3615 CVE-2014-3640 CVE-2014-3689 CVE-2014-5263 CVE-2014-5388 CVE-2014-7815

USN-2399-1: curl vulnerability - 10th November 2014

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server.

CVE-2014-3707

USN-2393-1: Wget vulnerability - 30th October 2014

HD Moore discovered that Wget contained a path traversal vulnerability when downloading symlinks using FTP. A malicious remote FTP server or a man in the middle could use this issue to cause Wget to overwrite arbitrary files, possibly leading to arbitrary code execution.

CVE-2014-4877

USN-2391-1: php5 vulnerabilities - 30th October 2014

Symeon Paraschoudis discovered that PHP incorrectly handled the mkgmtime function. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service. (CVE-2014-3668) Symeon Paraschoudis discovered that PHP incorrectly handled unserializing objects. A remote attacker could possibly use this issue to cause PHP ...

CVE-2014-3668 CVE-2014-3669 CVE-2014-3670 CVE-2014-3710

USN-2389-1: libxml2 vulnerability - 27th October 2014

It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.

CVE-2014-3660

USN-2386-1: OpenJDK 6 vulnerabilities - 16th October 2014

A vulnerability was discovered in the OpenJDK JRE related to information disclosure and data integrity. An attacker could exploit this to expose sensitive data over the network. (CVE-2014-6457) Several vulnerabilities were discovered in the OpenJDK JRE related to data integrity. (CVE-2014-6502, CVE-2014-6512, CVE-2014-6519, CVE-2014-6558) Several vulnerabilities were discovered in the ...

CVE-2014-6457 CVE-2014-6502 CVE-2014-6504 CVE-2014-6506 CVE-2014-6511 CVE-2014-6512 CVE-2014-6517 CVE-2014-6519 CVE-2014-6531 CVE-2014-6558 LP: 1382205

USN-2385-1: OpenSSL vulnerabilities - 16th October 2014

It was discovered that OpenSSL incorrectly handled memory when parsing DTLS SRTP extension data. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3513) It was discovered that ...

CVE-2014-3513 CVE-2014-3567

USN-2383-1: wpa_supplicant vulnerability - 14th October 2014

Jouni Malinen discovered that the wpa_cli tool incorrectly sanitized strings when being used with action scripts. A remote attacker could possibly use this issue to execute arbitrary commands.

CVE-2014-3686

USN-2381-1: Rsyslog vulnerabilities - 9th October 2014

It was discovered that Rsyslog incorrectly handled invalid PRI values. An attacker could use this issue to send malformed messages to the Rsyslog server and cause it to stop responding, resulting in a denial of service and possibly message loss. (CVE-2014-3634, CVE-2014-3683)

CVE-2014-3634 CVE-2014-3683

USN-2380-1: Bash vulnerabilities - 9th October 2014

Michal Zalewski discovered that Bash incorrectly handled parsing certain function definitions. If an attacker were able to create an environment variable containing a function definition with a very specific name, these issues could possibly be used to bypass certain environment restrictions and execute arbitrary code. (CVE-2014-6277, CVE-2014-6278) Please note that ...

CVE-2014-6277 CVE-2014-6278

USN-2375-1: Linux kernel (EC2) vulnerabilities - 9th October 2014

Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. (CVE-2014-3184) Several bounds check flaws allowing for buffer overflows were discovered in ...

CVE-2014-3184 CVE-2014-3185 CVE-2014-6410

USN-2374-1: Linux kernel vulnerabilities - 9th October 2014

Ben Hawkes reported some off by one errors for report descriptors in the Linux kernel's HID stack. A physically proximate attacker could exploit these flaws to cause a denial of service (out-of-bounds write) via a specially crafted device. (CVE-2014-3184) Several bounds check flaws allowing for buffer overflows were discovered in ...

CVE-2014-3184 CVE-2014-3185 CVE-2014-6410

USN-2369-1: file vulnerability - 2nd October 2014

It was discovered that file incorrectly handled certain CDF documents. A attacker could use this issue to cause file to hang or crash, resulting in a denial of service.

CVE-2014-3587

USN-2366-1: libvirt vulnerabilities - 30th September 2014

Daniel P. Berrange and Richard Jones discovered that libvirt incorrectly handled XML documents containing XML external entity declarations. An attacker could use this issue to cause libvirtd to crash, resulting in a denial of service on all affected releases, or possibly read arbitrary files if fine grained access control was ...

CVE-2014-0179 CVE-2014-3633 CVE-2014-5177

USN-2364-1: Bash vulnerabilities - 27th September 2014

Florian Weimer and Todd Sabin discovered that the Bash parser incorrectly handled memory. An attacker could possibly use this issue to bypass certain environment restrictions and execute arbitrary code. (CVE-2014-7186, CVE-2014-7187) In addition, this update introduces a hardening measure which adds prefixes and suffixes around environment variable names which contain ...

CVE-2014-7186 CVE-2014-7187

USN-2363-1: Bash vulnerability - 25th September 2014

Tavis Ormandy discovered that the security fix for Bash included in USN-2362-1 was incomplete. An attacker could use this issue to bypass certain environment restrictions. (CVE-2014-7169)

CVE-2014-7169

USN-2361-1: NSS vulnerability - 24th September 2014

Antoine Delignat-Lavaud and others discovered that NSS incorrectly handled parsing ASN.1 values. An attacker could use this issue to forge RSA certificates.

CVE-2014-1568

USN-2362-1: Bash vulnerability - 24th September 2014

Stephane Chazelas discovered that Bash incorrectly handled trailing code in function definitions. An attacker could use this issue to bypass environment restrictions, such as SSH forced command environments.

CVE-2014-6271

USN-2355-1: Linux kernel (EC2) vulnerabilities - 23rd September 2014

Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). (CVE-2014-5471) Chris Evans reported an flaw ...

CVE-2014-5471 CVE-2014-5472

USN-2354-1: Linux kernel vulnerabilities - 23rd September 2014

Chris Evans reported an flaw in the Linux kernel's handling of iso9660 (compact disk filesystem) images. An attacker who can mount a custom iso9660 image either via a CD/DVD drive or a loopback mount could cause a denial of service (system crash or reboot). (CVE-2014-5471) Chris Evans reported an flaw ...

CVE-2014-5471 CVE-2014-5472

USN-2353-1: APT vulnerability - 23rd September 2014

It was discovered that APT incorrectly handled certain http URLs. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could be exploited to cause APT to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should ...

CVE-2014-6273

USN-2352-1: DBus vulnerabilities - 22nd September 2014

Simon McVittie discovered that DBus incorrectly handled the file descriptors message limit. A local attacker could use this issue to cause DBus to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-3635) Alban Crequy ...

CVE-2014-3635 CVE-2014-3636 CVE-2014-3637 CVE-2014-3638 CVE-2014-3639

USN-2350-1: NSS update - 22nd September 2014

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17 which includes the latest CA certificate bundle.

LP: 1372410

USN-2348-1: APT vulnerabilities - 16th September 2014

It was discovered that APT did not re-verify downloaded files when the If-Modified-Since wasn't met. (CVE-2014-0487) It was discovered that APT did not invalidate repository data when it switched from an unauthenticated to an authenticated state. (CVE-2014-0488) It was discovered that the APT Acquire::GzipIndexes option caused APT to skip checksum ...

CVE-2014-0487 CVE-2014-0488 CVE-2014-0489 CVE-2014-0490

USN-2347-1: Django vulnerabilities - 16th September 2014

Florian Apolloner discovered that Django incorrectly validated URLs. A remote attacker could use this issue to conduct phishing attacks. (CVE-2014-0480) David Wilson discovered that Django incorrectly handled file name generation. A remote attacker could use this issue to cause Django to consume resources, resulting in a denial of service. (CVE-2014-0481) ...

CVE-2014-0480 CVE-2014-0481 CVE-2014-0482 CVE-2014-0483

USN-2346-1: curl vulnerabilities - 15th September 2014

Tim Ruehsen discovered that curl incorrectly handled partial literal IP addresses. This could lead to the disclosure of cookies to the wrong site, and malicious sites being able to set cookies for others. (CVE-2014-3613) Tim Ruehsen discovered that curl incorrectly allowed cookies to be set for Top Level Domains (TLDs). ...

CVE-2014-3613 CVE-2014-3620

USN-2344-1: PHP vulnerabilities - 9th September 2014

It was discovered that the Fileinfo component in php5 contains an integer overflow. An attacker could use this flaw to cause a denial of service or possibly execute arbitrary code via a crafted CDF file. (CVE-2014-3587) It was discovered that the php_parserr function contains multiple buffer overflows. An attacker could ...

CVE-2014-3587 CVE-2014-3597

USN-2343-1: NSS vulnerability - 9th September 2014

Tyson Smith and Jesse Schwartzentruber discovered that NSS contained a race condition when performing certificate validation. An attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-1544

USN-2342-1: QEMU vulnerabilities - 8th September 2014

Michael S. Tsirkin, Anthony Liguori, and Michael Roth discovered multiple issues with QEMU state loading after migration. An attacker able to modify the state data could use these issues to cause a denial of service, or possibly execute arbitrary code. (CVE-2013-4148, CVE-2013-4149, CVE-2013-4150, CVE-2013-4151, CVE-2013-4526, CVE-2013-4527, CVE-2013-4529, CVE-2013-4530, CVE-2013-4531, CVE-2013-4532, ...

CVE-2013-4148 CVE-2013-4149 CVE-2013-4150 CVE-2013-4151 CVE-2013-4526 CVE-2013-4527 CVE-2013-4529 CVE-2013-4530 CVE-2013-4531 CVE-2013-4532 CVE-2013-4533 CVE-2013-4534 CVE-2013-4535 CVE-2013-4536 CVE-2013-4537 CVE-2013-4538 CVE-2013-4539 CVE-2013-4540 CVE-2013-4541 CVE-2013-4542 CVE-2013-6399 CVE-2014-0142 CVE-2014-0143 CVE-2014-0144 CVE-2014-0145 CVE-2014-0146 CVE-2014-0147 CVE-2014-0182 CVE-2014-0222 CVE-2014-0223 CVE-2014-3461 CVE-2014-3471

USN-2341-1: CUPS vulnerabilities - 8th September 2014

Salvatore Bonaccorso discovered that the CUPS web interface incorrectly validated permissions and incorrectly handled symlinks. An attacker could possibly use this issue to bypass file permissions and read arbitrary files, possibly leading to a privilege escalation.

CVE-2014-5029 CVE-2014-5030 CVE-2014-5031

USN-2306-3: GNU C Library regression - 8th September 2014

USN-2306-1 fixed vulnerabilities in the GNU C Library. On Ubuntu 10.04 LTS, the fix for CVE-2013-4357 introduced a memory leak in getaddrinfo. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Maksymilian Arciemowicz discovered that the GNU C Library incorrectly handled the getaddrinfo() function. An attacker ...

LP: 1364584

USN-2340-1: procmail vulnerability - 4th September 2014

Tavis Ormandy discovered that the formail tool incorrectly handled certain malformed mail headers. An attacker could use this flaw to cause formail to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-3618

USN-2339-2: Libgcrypt vulnerability - 3rd September 2014

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that Libgcrypt was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.

CVE-2014-5270

USN-2339-1: GnuPG vulnerability - 3rd September 2014

Daniel Genkin, Adi Shamir, and Eran Tromer discovered that GnuPG was susceptible to an adaptive chosen ciphertext attack via physical side channels. A local attacker could use this attack to possibly recover private keys.

CVE-2014-5270

USN-2333-1: Linux kernel (EC2) vulnerabilities - 2nd September 2014

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. (CVE-2014-0203) Toralf Förster reported an error in the Linux kernels syscall auditing on ...

CVE-2014-0203 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5077

USN-2332-1: Linux kernel vulnerabilities - 2nd September 2014

A bug was discovered in the handling of pathname components when used with an autofs direct mount. A local user could exploit this flaw to cause a denial of service (system crash) via an open system call. (CVE-2014-0203) Toralf Förster reported an error in the Linux kernels syscall auditing on ...

CVE-2014-0203 CVE-2014-4508 CVE-2014-4652 CVE-2014-4653 CVE-2014-4654 CVE-2014-4655 CVE-2014-4656 CVE-2014-4667 CVE-2014-5077

Showing page 1 of 17   Next >
Show: All