Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 77   Next >
Show: All  

USN-3340-1: Apache HTTP Server vulnerabilities - 26th June 2017

Emmanuel Dreyfus discovered that third-party modules using the ap_get_basic_auth_pw() function outside of the authentication phase may lead to authentication requirements being bypassed. This update adds a new ap_get_basic_auth_components() function for use by third-party modules. (CVE-2017-3167) Vasileios Panopoulos discovered that the Apache mod_ssl module may crash when third-party modules call ap_hook_process_connection() ...

CVE-2017-3167 CVE-2017-3169 CVE-2017-7668 CVE-2017-7679

USN-3339-1: OpenVPN vulnerabilities - 22nd June 2017

Karthikeyan Bhargavan and Gaëtan Leurent discovered that 64-bit block ciphers are vulnerable to a birthday attack. A remote attacker could possibly use this issue to recover cleartext data. Fixing this issue requires a configuration change to switch to a different cipher. This update adds a warning to the log file ...

CVE-2016-6329 CVE-2017-7479 CVE-2017-7508 CVE-2017-7512 CVE-2017-7520 CVE-2017-7521

USN-3335-1: Linux kernel vulnerability - 22nd June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3334-1: Linux kernel (Xenial HWE) vulnerability - 22nd June 2017

USN-3328-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large ...

CVE-2017-1000364

USN-3333-1: Linux kernel (HWE) vulnerability - 22nd June 2017

USN-3326-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to ...

CVE-2017-1000364

USN-3332-1: Linux kernel (Raspberry Pi 2) vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3331-1: Linux kernel (AWS) vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3329-1: Linux kernel (GKE) vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3328-1: Linux kernel vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3327-1: Linux kernel (Raspberry Pi 2) vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3326-1: Linux kernel vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3325-1: Linux kernel (Raspberry Pi 2) vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3324-1: Linux kernel vulnerability - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges

CVE-2017-1000364

USN-3335-2: Linux kernel (Trusty HWE) vulnerability - 21st June 2017

USN-3335-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large ...

CVE-2017-1000364

USN-3338-1: Linux kernel vulnerabilities - 21st June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges (CVE-2017-1000364) Jesse Hertz and Tim Newsham discovered that the ...

CVE-2016-4997 CVE-2017-1000364

USN-3337-1: Valgrind vulnerabilities - 21st June 2017

It was discovered that Valgrind incorectly handled certain string operations. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-2226) It was discovered that ...

CVE-2016-2226 CVE-2016-4487 CVE-2016-4488 CVE-2016-4489 CVE-2016-4490 CVE-2016-4491 CVE-2016-4492 CVE-2016-4493 CVE-2016-6131

USN-3336-1: NSS vulnerability - 21st June 2017

It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service.

CVE-2017-7502

USN-3330-1: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 19th June 2017

It was discovered that the stack guard page for processes in the Linux kernel was not sufficiently large enough to prevent overlapping with the heap. An attacker could leverage this with another vulnerability to execute arbitrary code and gain administrative privileges (CVE-2017-1000364) Roee Hay discovered that the parallel port printer ...

CVE-2017-1000363 CVE-2017-1000364 CVE-2017-7487 CVE-2017-8890 CVE-2017-9074 CVE-2017-9075 CVE-2017-9076 CVE-2017-9077 CVE-2017-9242

USN-3311-2: libnl vulnerability - 19th June 2017

USN-3311-1 fixed a vulnerability in libnl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libnl incorrectly handled memory when performing certain operations. A local attacker could possibly use this issue to cause libnl to crash, resulting in a denial of service, ...

CVE-2017-0553

USN-3323-1: GNU C Library vulnerability - 19th June 2017

It was discovered that the GNU C library did not properly handle memory when processing environment variables for setuid programs. A local attacker could use this in combination with another vulnerability to gain administrative privileges.

CVE-2017-1000366

USN-3322-1: Exim vulnerability - 19th June 2017

It was discovered that Exim did not properly deallocate memory when processing certain command line arguments. A local attacker could use this in conjunction with a vulnerability in the underlying kernel to possibly execute arbitrary code and gain administrative privileges.

CVE-2017-1000369

USN-3320-1: zziplib vulnerabilities - 15th June 2017

Agostino Sarubbo discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2017-5974 CVE-2017-5975 CVE-2017-5976 CVE-2017-5978 CVE-2017-5979 CVE-2017-5980 CVE-2017-5981

USN-3319-1: libmwaw vulnerability - 15th June 2017

It was discovered that libmwaw incorrectly handled certain malformed document files. If a user or automated system were tricked into opening a specially crafted file, a remote attacker could cause libmwaw to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2017-9433

USN-3315-1: Firefox vulnerabilities - 15th June 2017

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, read uninitialized memory, obtain sensitive information, spoof the addressbar contents, or execute arbitrary code. (CVE-2017-5470, CVE-2017-5471, CVE-2017-5472, CVE-2017-7749, CVE-2017-7750, ...

CVE-2017-5470 CVE-2017-5471 CVE-2017-5472 CVE-2017-7749 CVE-2017-7750 CVE-2017-7751 CVE-2017-7752 CVE-2017-7754 CVE-2017-7756 CVE-2017-7757 CVE-2017-7758 CVE-2017-7762 CVE-2017-7764 CVE-2017-7771 CVE-2017-7772 CVE-2017-7773 CVE-2017-7774 CVE-2017-7775 CVE-2017-7776 CVE-2017-7777 CVE-2017-7778

USN-3318-1: GnuTLS vulnerabilities - 13th June 2017

Hubert Kario discovered that GnuTLS incorrectly handled decoding a status response TLS extension. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. (CVE-2017-7507) It was discovered that ...

CVE-2017-7507 CVE-2017-7869

USN-3317-1: Irssi vulnerabilities - 12th June 2017

It was discovered that Irssi incorrectly handled certain DCC messages. A malicious IRC server could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2017-9468) Joseph Bisch discovered that Irssi incorrectly handled receiving incorrectly quoted DCC files. A remote attacker could possibly use this issue ...

CVE-2017-9468 CVE-2017-9469

USN-3253-2: Nagios regression - 7th June 2017

USN-3253-1 fixed vulnerabilities in Nagios. The update prevented log files from being displayed in the web interface. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Nagios incorrectly handled certain long strings. A remote authenticated attacker could use this issue to cause ...

LP: 1690380

USN-3316-1: FreeRADIUS vulnerability - 7th June 2017

Stefan Winter and Luboš Pavlíček discovered that FreeRADIUS incorrectly handled the TLS session cache. A remote attacker could possibly use this issue to bypass authentication by resuming an unauthenticated session.

CVE-2017-9148

USN-3314-1: Linux kernel vulnerabilities - 7th June 2017

It was discovered that the keyring implementation in the Linux kernel in some situations did not prevent special internal keyrings from being joined by userspace keyrings. A privileged local attacker could use this to bypass module verification. (CVE-2016-9604) It was discovered that a buffer overflow existed in the trace subsystem ...

CVE-2016-9604 CVE-2017-0605 CVE-2017-2671 CVE-2017-7277 CVE-2017-7472 CVE-2017-7618 CVE-2017-7645 CVE-2017-7889 CVE-2017-7895 CVE-2017-7979 CVE-2017-8063 CVE-2017-8064 CVE-2017-8067

USN-3313-2: Linux kernel (HWE) vulnerability - 7th June 2017

USN-3313-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.10 for Ubuntu 16.04 LTS. It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker ...

CVE-2017-0605

USN-3312-2: Linux kernel (Xenial HWE) vulnerabilities - 6th June 2017

USN-3312-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. ...

CVE-2016-7913 CVE-2016-7917 CVE-2016-8632 CVE-2016-9083 CVE-2016-9084 CVE-2016-9604 CVE-2017-0605 CVE-2017-2596 CVE-2017-2671 CVE-2017-6001 CVE-2017-7472 CVE-2017-7618 CVE-2017-7645 CVE-2017-7889 CVE-2017-7895

USN-3312-1: Linux kernel vulnerabilities - 6th June 2017

It was discovered that the netfilter netlink implementation in the Linux kernel did not properly validate batch messages. A local attacker with the CAP_NET_ADMIN capability could use this to expose sensitive information or cause a denial of service. (CVE-2016-7917) Qian Zhang discovered a heap-based buffer overflow in the tipc_msg_build() function ...

CVE-2016-7913 CVE-2016-7917 CVE-2016-8632 CVE-2016-9083 CVE-2016-9084 CVE-2016-9604 CVE-2017-0605 CVE-2017-2596 CVE-2017-2671 CVE-2017-6001 CVE-2017-7472 CVE-2017-7618 CVE-2017-7645 CVE-2017-7889 CVE-2017-7895

USN-3313-1: Linux kernel vulnerability - 6th June 2017

It was discovered that a buffer overflow existed in the trace subsystem in the Linux kernel. A privileged local attacker could use this to execute arbitrary code.

CVE-2017-0605

USN-3311-1: libnl vulnerability - 6th June 2017

It was discovered that libnl incorrectly handled memory when performing certain operations. A local attacker could possibly use this issue to cause libnl to crash, resulting in a denial of service, or execute arbitrary code.

CVE-2017-0553

USN-3310-1: lintian vulnerability - 6th June 2017

Jakub Wilk discovered that lintian incorrectly handled deserializing certain YAML files. If a user or automated system were tricked into running lintian on a specially crafted package, a remote attacker could possibly use this issue to execute arbitrary code.

CVE-2017-8829

USN-3309-1: Libtasn1 vulnerability - 5th June 2017

Jakub Jirasek discovered that GnuTLS incorrectly handled certain assignments files. If a user were tricked into processing a specially crafted assignments file, a remote attacker could possibly execute arbirary code.

CVE-2017-6891

USN-3308-1: Puppet vulnerabilities - 5th June 2017

Dennis Rowe discovered that Puppet incorrectly handled the search path. A local attacker could use this issue to possibly execute arbitrary code. (CVE-2014-3248) It was discovered that Puppet incorrectly handled YAML deserialization. A remote attacker could possibly use this issue to execute arbitrary code on the master. This update is ...

CVE-2014-3248 CVE-2017-2295

USN-3307-1: OpenLDAP vulnerability - 1st June 2017

Karsten Heymann discovered that OpenLDAP incorrectly handled certain search requests. A remote attacker could use this issue to cause slapd to crash, resulting in a denial of service.

CVE-2017-9287

USN-3306-1: libsndfile vulnerabilities - 1st June 2017

Agostino Sarubbo and Jakub Jirasek discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2017-7585 CVE-2017-7586 CVE-2017-7741 CVE-2017-7742 CVE-2017-8361 CVE-2017-8362 CVE-2017-8363 CVE-2017-8365

USN-3305-1: NVIDIA graphics drivers vulnerabilities - 31st May 2017

It was discovered that the NVIDIA graphics drivers contained flaws in the kernel mode layer. A local attacker could use these issues to cause a denial of service or potentially escalate their privileges on the system.

CVE-2017-0350 CVE-2017-0351 CVE-2017-0352

USN-3304-1: Sudo vulnerability - 30th May 2017

It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. A local attacker in some configurations could possibly use this to overwrite any file on the filesystem, bypassing intended permissions.

CVE-2017-1000367

USN-3212-2: LibTIFF regression - 30th May 2017

USN-3212-1 fixed vulnerabilities in LibTIFF. Unfortunately, some of the security patches were misapplied, which caused a regression when processing certain images. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system ...

LP: 1670036

USN-3303-1: WebKitGTK+ vulnerabilities - 30th May 2017

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code ...

CVE-2017-2496 CVE-2017-2510 CVE-2017-2539

USN-3302-1: ImageMagick vulnerabilities - 30th May 2017

It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the ...

CVE-2017-7606 CVE-2017-7619 CVE-2017-7941 CVE-2017-7942 CVE-2017-7943 CVE-2017-8343 CVE-2017-8344 CVE-2017-8345 CVE-2017-8346 CVE-2017-8347 CVE-2017-8348 CVE-2017-8349 CVE-2017-8350 CVE-2017-8351 CVE-2017-8352 CVE-2017-8353 CVE-2017-8354 CVE-2017-8355 CVE-2017-8356 CVE-2017-8357 CVE-2017-8765 CVE-2017-8830 CVE-2017-9098 CVE-2017-9141 CVE-2017-9142 CVE-2017-9143 CVE-2017-9144

USN-3301-1: strongSwan vulnerabilities - 30th May 2017

It was discovered that the strongSwan gmp plugin incorrectly validated RSA public keys. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service. (CVE-2017-9022) It was discovered that strongSwan incorrectly parsed ASN.1 CHOICE types. A remote attacker could use this issue to ...

CVE-2017-9022 CVE-2017-9023

USN-3300-1: juju-core vulnerability - 26th May 2017

Ryan Beisner discovered juju did not set permissions on a Unix domain socket. A local attacker could use this flaw to gain administrative privileges.

CVE-2017-9232

USN-3299-1: Firefox update - 25th May 2017

Some security information preloaded in Firefox was due to expire before the next scheduled release. This update bumps the expiration times.

LP: 1693502

USN-3296-2: Samba vulnerability - 24th May 2017

USN-3296-1 fixed a vulnerability in Samba. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that Samba incorrectly handled shared libraries. A remote attacker could use this flaw to upload a shared library to a writable share and execute arbitrary code.

CVE-2017-7494

USN-3298-2: MiniUPnP vulnerability - 24th May 2017

USN-3298-1 fixed a vulnerability in MiniUPnP. This update provides the corresponding update for Ubuntu 17.04. Original advisory details: It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running ...

CVE-2017-8798

USN-3298-1: MiniUPnP vulnerability - 24th May 2017

It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.

CVE-2017-8798

Showing page 1 of 77   Next >
Show: All