Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact security@ubuntu.com. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 18   Next >
Show: All  

USN-2520-1: CUPS vulnerability - 26th February 2015

Peter De Wachter discovered that CUPS incorrectly handled certain malformed compressed raster files. A remote attacker could use this issue to cause CUPS to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-9679

USN-2519-1: GNU C Library vulnerabilities - 26th February 2015

Arnaud Le Blanc discovered that the GNU C Library incorrectly handled file descriptors when resolving DNS queries under high load. This may cause a denial of service in other applications, or an information leak. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2013-7423) It ...

CVE-2013-7423 CVE-2014-9402 CVE-2015-1472 CVE-2015-1473

USN-2512-1: Linux kernel (EC2) vulnerabilities - 26th February 2015

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. (CVE-2014-9529) A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ...

CVE-2014-9529 CVE-2014-9584

USN-2511-1: Linux kernel vulnerabilities - 26th February 2015

A race condition was discovered in the Linux kernel's key ring. A local user could cause a denial of service (memory corruption or panic) or possibly have unspecified impact via the keyctl commands. (CVE-2014-9529) A memory leak was discovered in the ISO 9660 CDROM file system when parsing rock ridge ...

CVE-2014-9529 CVE-2014-9584

USN-2510-1: FreeType vulnerabilities - 24th February 2015

Mateusz Jurczyk discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.

CVE-2014-9656 CVE-2014-9657 CVE-2014-9658 CVE-2014-9659 CVE-2014-9660 CVE-2014-9661 CVE-2014-9662 CVE-2014-9663 CVE-2014-9664 CVE-2014-9665 CVE-2014-9666 CVE-2014-9667 CVE-2014-9668 CVE-2014-9669 CVE-2014-9670 CVE-2014-9671 CVE-2014-9672 CVE-2014-9673 CVE-2014-9674 CVE-2014-9675

USN-2509-1: ca-certificates update - 23rd February 2015

The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20141019 package.

LP: 1423904

USN-2507-1: e2fsprogs vulnerabilities - 23rd February 2015

Jose Duart discovered that e2fsprogs incorrectly handled invalid block group descriptor data. A local attacker could use this issue with a crafted filesystem image to possibly execute arbitrary code. (CVE-2015-0247, CVE-2015-1572)

CVE-2015-0247 CVE-2015-1572

USN-2504-1: NSS update - 19th February 2015

The NSS package contained outdated CA certificates. This update refreshes the NSS package to version 3.17.4 which includes the latest CA certificate bundle.

LP: 1423031

USN-2488-2: ClamAV vulnerability - 12th February 2015

USN-2488-1 fixed a vulnerability in ClamAV for Ubuntu 14.10, Ubuntu 14.04 LTS, and Ubuntu 12.04 LTS. This update provides the corresponding update for Ubuntu 10.04 LTS. Original advisory details: Sebastian Andrzej Siewior discovered that ClamAV incorrectly handled certain upack packer files. An attacker could possibly use this issue to cause ...

CVE-2013-6497 CVE-2014-9328

USN-2499-1: PostgreSQL vulnerabilities - 11th February 2015

Stephen Frost discovered that PostgreSQL incorrectly displayed certain values in error messages. An authenticated user could gain access to seeing certain values, contrary to expected permissions. (CVE-2014-8161) Andres Freund, Peter Geoghegan and Noah Misch discovered that PostgreSQL incorrectly handled buffers in to_char functions. An authenticated attacker could possibly use this ...

CVE-2014-8161 CVE-2015-0241 CVE-2015-0243 CVE-2015-0244

USN-2498-1: Kerberos vulnerabilities - 10th February 2015

It was discovered that Kerberos incorrectly sent old keys in response to a -randkey -keepold request. An authenticated remote attacker could use this issue to forge tickets by leveraging administrative access. This issue only affected Ubuntu 10.04 LTS, Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2014-5351) It was discovered that ...

CVE-2014-5351 CVE-2014-5352 CVE-2014-5353 CVE-2014-5354 CVE-2014-9421 CVE-2014-9422 CVE-2014-9423

USN-2496-1: GNU binutils vulnerabilities - 9th February 2015

Michal Zalewski discovered that the setup_group function in libbfd in GNU binutils did not properly check group headers in ELF files. An attacker could use this to craft input that could cause a denial of service (application crash) or possibly execute arbitrary code. (CVE-2014-8485) Hanno Böck discovered that the _bfd_XXi_swap_aouthdr_in ...

CVE-2012-3509 CVE-2014-8484 CVE-2014-8485 CVE-2014-8501 CVE-2014-8502 CVE-2014-8503 CVE-2014-8504 CVE-2014-8737 CVE-2014-8738

USN-2497-1: NTP vulnerabilities - 9th February 2015

Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. (CVE-2014-9297) Stephen Roettger discovered that NTP incorrectly ...

CVE-2014-9297 CVE-2014-9298

USN-2469-2: Django regression - 4th February 2015

USN-2469-1 fixed vulnerabilities in Django. The security fix for CVE-2015-0221 introduced a regression on Ubuntu 10.04 LTS and Ubuntu 12.04 LTS when serving static content through GZipMiddleware. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jedediah Smith discovered that Django incorrectly handled underscores in WSGI ...

LP: 1417274

USN-2494-1: file vulnerabilities - 4th February 2015

Francisco Alonso discovered that file incorrectly handled certain ELF files. An attacker could use this issue to cause file to crash, resulting in a denial of service. (CVE-2014-3710) Thomas Jarosch discovered that file incorrectly handled certain ELF files. An attacker could use this issue to cause file to hang or ...

CVE-2014-3710 CVE-2014-8116 CVE-2014-8117

USN-2491-1: Linux kernel (EC2) vulnerabilities - 3rd February 2015

Andy Lutomirski discovered that the Linux kernel does not properly handle faults associated with the Stack Segment (SS) register in the x86 architecture. A local attacker could exploit this flaw to gain administrative privileges. (CVE-2014-9322) Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the ...

CVE-2014-3610 CVE-2014-3611 CVE-2014-8133 CVE-2014-9322 CVE-2014-9420

USN-2490-1: Linux kernel vulnerabilities - 3rd February 2015

Andy Lutomirski discovered an information leak in the Linux kernel's Thread Local Storage (TLS) implementation allowing users to bypass the espfix to obtain information that could be used to bypass the Address Space Layout Randomization (ASLR) protection mechanism. A local user could exploit this flaw to obtain potentially sensitive information ...

CVE-2014-8133 CVE-2014-9420

USN-2489-1: unzip vulnerability - 3rd February 2015

Michal Zalewski discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

CVE-2014-9636

USN-2486-1: OpenJDK 6 vulnerabilities - 27th January 2015

Several vulnerabilities were discovered in the OpenJDK JRE related to information disclosure, data integrity and availability. An attacker could exploit these to cause a denial of service or expose sensitive data over the network. (CVE-2014-3566, CVE-2014-6587, CVE-2014-6601, CVE-2015-0395, CVE-2015-0408, CVE-2015-0412) Several vulnerabilities were discovered in the OpenJDK JRE related to ...

CVE-2014-3566 CVE-2014-6585 CVE-2014-6587 CVE-2014-6591 CVE-2014-6593 CVE-2014-6601 CVE-2015-0383 CVE-2015-0395 CVE-2015-0400 CVE-2015-0407 CVE-2015-0408 CVE-2015-0410 CVE-2015-0412

USN-2485-1: GNU C Library vulnerability - 27th January 2015

It was discovered that a buffer overflow existed in the gethostbyname and gethostbyname2 functions in the GNU C Library. An attacker could use this issue to execute arbitrary code or cause an application crash, resulting in a denial of service.

CVE-2015-0235 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/GHOST

USN-2483-2: Ghostscript vulnerabilities - 26th January 2015

USN-2483-1 fixed vulnerabilities in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory details: Jose Duart discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, ...

CVE-2014-8137 CVE-2014-8138 CVE-2014-8157 CVE-2014-8158

USN-2482-1: elfutils vulnerability - 22nd January 2015

Alexander Cherepanov discovered that libelf1 incorrectly handled certain filesystem paths while extracting ar archives. An attacker could use this flaw to perform a directory traversal attack on the root directory if the process extracting the ar archive has write access to the root directory.

CVE-2014-9447

USN-2477-1: libevent vulnerability - 19th January 2015

Andrew Bartlett discovered that libevent incorrectly handled large inputs to the evbuffer API. A remote attacker could possibly use this issue with an application that uses libevent to cause a denial of service, or possibly execute arbitrary code.

CVE-2014-6272

USN-2474-1: curl vulnerability - 15th January 2015

Andrey Labunets discovered that curl incorrectly handled certain URLs when using a proxy server. If a user or automated system were tricked into using a specially crafted URL, an attacker could possibly use this issue to inject arbitrary HTTP requests.

CVE-2014-8150

USN-2473-1: coreutils vulnerabilities - 14th January 2015

It was discovered that the distcheck rule in dist-check.mk in GNU coreutils allows local users to gain privileges via a symlink attack on a directory tree under /tmp. This issue only affected Ubuntu 10.04 LTS. (CVE-2009-4135) Bertrand Jacquin and Fiedler Roman discovered date and touch incorrectly handled user-supplied input. An ...

CVE-2009-4135 CVE-2014-9471

USN-2472-1: unzip vulnerabilities - 14th January 2015

Wolfgang Ettlinger discovered that unzip incorrectly handled certain malformed zip archives. If a user or automated system were tricked into processing a specially crafted zip archive, an attacker could possibly execute arbitrary code.

CVE-2014-8139 CVE-2014-8140 CVE-2014-8141

USN-2469-1: Django vulnerabilities - 13th January 2015

Jedediah Smith discovered that Django incorrectly handled underscores in WSGI headers. A remote attacker could possibly use this issue to spoof headers in certain environments. (CVE-2015-0219) Mikko Ohtamaa discovered that Django incorrectly handled user-supplied redirect URLs. A remote attacker could possibly use this issue to perform a cross-site scripting attack. ...

CVE-2015-0219 CVE-2015-0220 CVE-2015-0221 CVE-2015-0222

USN-2462-1: Linux kernel vulnerabilities - 13th January 2015

Lars Bull reported a race condition in the PIT (programmable interrupt timer) emulation in the KVM (Kernel Virtual Machine) subsystem of the Linux kernel. A local guest user with access to PIT i/o ports could exploit this flaw to cause a denial of service (crash) on the host. (CVE-2014-3611) Lars ...

CVE-2014-3610 CVE-2014-3611

USN-2459-1: OpenSSL vulnerabilities - 12th January 2015

Pieter Wuille discovered that OpenSSL incorrectly handled Bignum squaring. (CVE-2014-3570) Markus Stenberg discovered that OpenSSL incorrectly handled certain crafted DTLS messages. A remote attacker could use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2014-3571) Karthikeyan Bhargavan discovered that OpenSSL incorrectly handled certain handshakes. A ...

CVE-2014-3570 CVE-2014-3571 CVE-2014-3572 CVE-2014-8275 CVE-2015-0204 CVE-2015-0205 CVE-2015-0206

USN-2456-1: GNU cpio vulnerabilities - 8th January 2015

Michal Zalewski discovered an out of bounds write issue in the process_copy_in function of GNU cpio. An attacker could specially craft a cpio archive that could create a denial of service or possibly execute arbitrary code. (CVE-2014-9112) Jakob Lell discovered a heap-based buffer overflow in the rmt_read__ function of GNU ...

CVE-2010-0624 CVE-2014-9112

USN-2455-1: bsd-mailx vulnerability - 7th January 2015

It was discovered that bsd-mailx contained a feature that allowed syntactically valid email addresses to be treated as shell commands. A remote attacker could possibly use this issue with a valid email address to execute arbitrary commands. This functionality has now been disabled by default, and can be re-enabled with ...

CVE-2014-7844

USN-2453-1: mime-support vulnerability - 7th January 2015

Timothy D. Morgan discovered that the run-mailcap tool incorrectly filtered certain shell metacharacters in filenames. If a user or automated system were tricked into opening a file with a specially-crafted filename, a remote attacker could possibly execute arbitrary code.

CVE-2014-7209

USN-2452-1: NSS vulnerability - 7th January 2015

It was discovered that NSS incorrectly handled certain ASN.1 lengths. A remote attacker could possibly use this issue to perform a data-smuggling attack.

CVE-2014-1569

USN-2449-1: NTP vulnerabilities - 22nd December 2014

Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. (CVE-2014-9293) Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to ...

CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296

USN-2442-1: Linux kernel (EC2) vulnerabilities - 12th December 2014

An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in ...

CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-7841 CVE-2014-8134 CVE-2014-8709 CVE-2014-8884 CVE-2014-9090

USN-2441-1: Linux kernel vulnerabilities - 12th December 2014

An information leak in the Linux kernel was discovered that could leak the high 16 bits of the kernel stack address on 32-bit Kernel Virtual Machine (KVM) paravirt guests. A user in the guest OS could exploit this leak to obtain information that could potentially be used to aid in ...

CVE-2014-3673 CVE-2014-3687 CVE-2014-3688 CVE-2014-7841 CVE-2014-8134 CVE-2014-8709 CVE-2014-8884 CVE-2014-9090

USN-2440-1: Mutt vulnerability - 11th December 2014

Jakub Wilk discovered that the write_one_header function in mutt did not properly handle newline characters at the beginning of a header. An attacker could specially craft an email to cause mutt to crash, resulting in a denial of service.

CVE-2014-9116

USN-2439-1: QEMU vulnerabilities - 11th December 2014

Michael S. Tsirkin discovered that QEMU incorrectly handled certain parameters during ram load while performing a migration. An attacker able to manipulate savevm data could use this issue to possibly execute arbitrary code on the host. This issue only affected Ubuntu 12.04 LTS, Ubuntu 14.04 LTS, and Ubuntu 14.10. (CVE-2014-7840) ...

CVE-2014-7840 CVE-2014-8106

USN-2437-1: Bind vulnerability - 9th December 2014

Florian Maury discovered that Bind incorrectly handled delegation. A remote attacker could possibly use this issue to cause Bind to consume resources and crash, resulting in a denial of service.

CVE-2014-8500

USN-2435-1: Graphviz vulnerability - 8th December 2014

It was discovered that graphviz incorrectly handled parsing errors. An attacker could use this issue to cause graphviz to crash or possibly execute arbitrary code.

CVE-2014-9157

USN-2434-2: Ghostscript vulnerability - 8th December 2014

USN-2434-1 fixed a vulnerability in JasPer. This update provides the corresponding fix for the JasPer library embedded in the Ghostscript package. Original advisory details: Jose Duart discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a ...

CVE-2014-9029

USN-2433-1: tcpdump vulnerabilities - 4th December 2014

Steffen Bauch discovered that tcpdump incorrectly handled printing OSLR packets. A remote attacker could use this issue to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-8767) Steffen Bauch discovered that tcpdump incorrectly handled printing GeoNet packets. A remote attacker could use this ...

CVE-2014-8767 CVE-2014-8768 CVE-2014-8769 CVE-2014-9140

USN-2432-1: GNU C Library vulnerabilities - 3rd December 2014

Siddhesh Poyarekar discovered that the GNU C Library incorrectly handled certain multibyte characters when using the iconv function. An attacker could possibly use this issue to cause applications to crash, resulting in a denial of service. This issue only affected Ubuntu 10.04 LTS and Ubuntu 12.04 LTS. (CVE-2012-6656) Adhemerval Zanella ...

CVE-2012-6656 CVE-2014-6040 CVE-2014-7817

USN-2429-1: ppp vulnerability - 1st December 2014

It was discovered that ppp incorrectly handled certain options files. A local attacker could possibly use this issue to escalate privileges.

CVE-2014-3158

USN-2426-1: FLAC vulnerabilities - 27th November 2014

Michele Spagnuolo discovered that FLAC incorrectly handled certain malformed audio files. An attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2014-8962 CVE-2014-9028

USN-2416-1: Linux kernel (EC2) vulnerabilities - 24th November 2014

Don Bailey discovered a flaw in the LZO decompress algorithm used by the Linux kernel. An attacker could exploit this flaw to cause a denial of service (memory corruption or OOPS). (CVE-2014-4608) Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A ...

CVE-2014-4608 CVE-2014-7975

USN-2415-1: Linux kernel vulnerability - 24th November 2014

Andy Lutomirski discovered that the Linux kernel was not checking the CAP_SYS_ADMIN when remounting filesystems to read-only. A local user could exploit this flaw to cause a denial of service (loss of writability).

CVE-2014-7975

USN-2409-1: QEMU vulnerabilities - 13th November 2014

Laszlo Ersek discovered that QEMU incorrectly handled memory in the vga device. A malicious guest could possibly use this issue to read arbitrary host memory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 14.10. (CVE-2014-3615) Xavier Mehrenberger and Stephane Duverger discovered that QEMU incorrectly handled certain udp packets when ...

CVE-2014-3615 CVE-2014-3640 CVE-2014-3689 CVE-2014-5263 CVE-2014-5388 CVE-2014-7815

USN-2399-1: curl vulnerability - 10th November 2014

Symeon Paraschoudis discovered that curl incorrectly handled memory when being used with CURLOPT_COPYPOSTFIELDS and curl_easy_duphandle(). This may result in sensitive data being incorrectly sent to the remote server.

CVE-2014-3707

USN-2393-1: Wget vulnerability - 30th October 2014

HD Moore discovered that Wget contained a path traversal vulnerability when downloading symlinks using FTP. A malicious remote FTP server or a man in the middle could use this issue to cause Wget to overwrite arbitrary files, possibly leading to arbitrary code execution.

CVE-2014-4877

Showing page 1 of 18   Next >
Show: All