Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 4 of 74   Next >
Show: All  

USN-3104-1: Linux kernel vulnerability - 19th October 2016

It was discovered that a race condition existed in the memory manager of the Linux kernel when handling copy-on-write breakage of private read-only memory mappings. A local attacker could use this to gain administrative privileges.

CVE-2016-5195

USN-3097-2: Linux kernel (OMAP4) vulnerabilities - 13th October 2016

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828) Pengfei Wang discovered a race condition in the audit subsystem in ...

CVE-2016-6136 CVE-2016-6480 CVE-2016-6828

USN-3103-1: DBD::mysql vulnerabilities - 13th October 2016

It was discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this issue to cause DBD::mysql to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2014-9906) Hanno Böck discovered that DBD::mysql incorrectly handled certain memory operations. A remote attacker could use this ...

CVE-2014-9906 CVE-2015-8949 CVE-2016-1246

USN-3102-1: Quagga vulnerabilities - 13th October 2016

It was discovered that Quagga incorrectly handled dumping data. A remote attacker could possibly use a large BGP packet to cause Quagga to crash, resulting in a denial of service. (CVE-2016-4049) It was discovered that the Quagga package incorrectly set permissions on the configuration directory. A local user could use ...

CVE-2016-4036 CVE-2016-4049

USN-3101-1: Tracker vulnerability - 12th October 2016

It was discovered that Tracker incorrectly handled certain malformed GIF images. If a user or automated system were tricked into downloading a specially-crafted GIF image, Tracker could crash, resulting in a denial of service.

LP: 1178402

USN-3100-1: KDE-PIM Libraries vulnerability - 12th October 2016

Roland Tapken discovered that the KDE-PIM Libraries incorrectly filtered URLs. A remote attacker could use this issue to perform an HTML injection attack in the KMail plain text viewer.

CVE-2016-7966

USN-3099-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 11th October 2016

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039) Marco Grassi discovered a use-after-free condition could occur in ...

CVE-2016-6480 CVE-2016-6828 CVE-2016-7039

USN-3099-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 11th October 2016

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039) Marco Grassi discovered a use-after-free condition could occur in ...

CVE-2016-6480 CVE-2016-6828 CVE-2016-7039

USN-3099-2: Linux kernel (Xenial HWE) vulnerabilities - 11th October 2016

USN-3099-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in ...

CVE-2016-6480 CVE-2016-6828 CVE-2016-7039

USN-3099-1: Linux kernel vulnerabilities - 11th October 2016

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039) Marco Grassi discovered a use-after-free condition could occur in ...

CVE-2016-6130 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039

USN-3098-2: Linux kernel (Trusty HWE) vulnerabilities - 11th October 2016

USN-3098-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux ...

CVE-2016-6136 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039

USN-3098-1: Linux kernel vulnerabilities - 11th October 2016

Vladimír Beneš discovered an unbounded recursion in the VLAN and TEB Generic Receive Offload (GRO) processing implementations in the Linux kernel, A remote attacker could use this to cause a stack corruption, leading to a denial of service (system crash). (CVE-2016-7039) Marco Grassi discovered a use-after-free condition could occur in ...

CVE-2016-6136 CVE-2016-6480 CVE-2016-6828 CVE-2016-7039

USN-3097-1: Linux kernel vulnerabilities - 10th October 2016

Marco Grassi discovered a use-after-free condition could occur in the TCP retransmit queue handling code in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-6828) Pengfei Wang discovered a race condition in the audit subsystem in ...

CVE-2016-6136 CVE-2016-6480 CVE-2016-6828

USN-3091-1: Oxide vulnerabilities - 7th October 2016

A use-after-free was discovered in the V8 bindings in Blink. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code. (CVE-2016-5170) A use-after-free was discovered in the V8 bindings ...

CVE-2016-5170 CVE-2016-5171 CVE-2016-5172 CVE-2016-5175 CVE-2016-5177 CVE-2016-5178 CVE-2016-7549

USN-3096-1: NTP vulnerabilities - 5th October 2016

Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. (CVE-2015-7973) Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue to perform an impersonation attack. (CVE-2015-7974) Jonathan Gardner ...

CVE-2015-7973 CVE-2015-7974 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8138 CVE-2015-8158 CVE-2016-0727 CVE-2016-1547 CVE-2016-1548 CVE-2016-1550 CVE-2016-2516 CVE-2016-2518 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956

USN-3095-1: PHP vulnerabilities - 4th October 2016

Taoguang Chen discovered that PHP incorrectly handled certain invalid objects when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-7124) Taoguang Chen discovered that PHP incorrectly handled invalid session names. A remote attacker ...

CVE-2016-7124 CVE-2016-7125 CVE-2016-7127 CVE-2016-7128 CVE-2016-7129 CVE-2016-7130 CVE-2016-7131 CVE-2016-7132 CVE-2016-7133 CVE-2016-7134 CVE-2016-7411 CVE-2016-7412 CVE-2016-7413 CVE-2016-7414 CVE-2016-7416 CVE-2016-7417 CVE-2016-7418

USN-3090-2: Pillow regresssion - 30th September 2016

USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix CVE-2014-9601 caused a regression which resulted in failures when processing certain png images. This update temporarily reverts the security fix for CVE-2014-9601 pending further investigation. We apologize for the inconvenience. Original advisory details: It was discovered that a flaw in processing ...

CVE-2014-9601 LP: 1628351

USN-3094-1: Systemd vulnerability - 29th September 2016

Andrew Ayer discovered that Systemd improperly handled zero-length notification messages. A local unprivileged attacker could use this to cause a denial of service (init crash leading to system unavailability).

LP: 1628687

USN-3093-1: ClamAV vulnerabilities - 28th September 2016

It was discovered that ClamAV incorrectly handled certain malformed files. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. In the default installation, attackers would be isolated by the ClamAV AppArmor profile.

CVE-2016-1371 CVE-2016-1372 CVE-2016-1405

USN-3092-1: Samba vulnerability - 28th September 2016

Stefan Metzmacher discovered that Samba incorrectly handled certain flags in SMB2/3 client connections. A remote attacker could use this issue to disable client signing and impersonate servers by performing a man in the middle attack. Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. In ...

CVE-2016-2119

USN-3090-1: Pillow vulnerabilities - 27th September 2016

It was discovered that a flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed, potentially leading to a denial of service. (CVE-2014-9601) Andrew Drake discovered that Pillow incorrectly validated input. A remote attacker could use this to ...

CVE-2014-3589 CVE-2014-9601 CVE-2016-0740 CVE-2016-0775 CVE-2016-2533

USN-3088-1: Bind vulnerability - 27th September 2016

It was discovered that Bind incorrectly handled building responses to certain specially crafted requests. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

CVE-2016-2776

USN-3089-1: Django vulnerability - 27th September 2016

Sergey Bobrov discovered that Django incorrectly parsed cookies when being used with Google Analytics. A remote attacker could possibly use this issue to set arbitrary cookies leading to a CSRF protection bypass.

CVE-2016-7401

USN-3087-2: OpenSSL regression - 23rd September 2016

USN-3087-1 fixed vulnerabilities in OpenSSL. The fix for CVE-2016-2182 was incomplete and caused a regression when parsing certificates. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this ...

LP: 1626883

USN-3087-1: OpenSSL vulnerabilities - 22nd September 2016

Shi Lei discovered that OpenSSL incorrectly handled the OCSP Status Request extension. A remote attacker could possibly use this issue to cause memory consumption, resulting in a denial of service. (CVE-2016-6304) Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this ...

CVE-2016-2177 CVE-2016-2178 CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-2183 CVE-2016-6302 CVE-2016-6303 CVE-2016-6304 CVE-2016-6306

USN-3073-1: Thunderbird vulnerabilities - 22nd September 2016

Christian Holler, Carsten Book, Gary Kwong, Jesse Ruderman, Andrew McCreight, and Phil Ringnalda discovered multiple memory safety issues in Thunderbird. If a user were tricked in to opening a specially crafted message, an attacker could potentially exploit these to cause a denial of service via application crash, or execute arbitrary ...

CVE-2016-2836

USN-3076-1: Firefox vulnerabilities - 22nd September 2016

Atte Kettunen discovered an out-of-bounds read when handling certain Content Security Policy (CSP) directives in some circumstances. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash. (CVE-2016-2827) Christoph Diehl, Christian Holler, Gary ...

CVE-2016-2827 CVE-2016-5256 CVE-2016-5257 CVE-2016-5270 CVE-2016-5271 CVE-2016-5272 CVE-2016-5273 CVE-2016-5274 CVE-2016-5275 CVE-2016-5276 CVE-2016-5277 CVE-2016-5278 CVE-2016-5279 CVE-2016-5280 CVE-2016-5281 CVE-2016-5282 CVE-2016-5283 CVE-2016-5284

USN-3085-1: GDK-PixBuf vulnerabilities - 21st September 2016

It was discovered that the GDK-PixBuf library did not properly handle specially crafted bmp images, leading to a heap-based buffer overflow. If a user or automated system were tricked into opening a specially crafted bmp file, a remote attacker could use this flaw to cause GDK-PixBuf to crash, resulting in ...

CVE-2015-7552 CVE-2015-8875 CVE-2016-6352

USN-3086-1: Irssi vulnerabilities - 21st September 2016

Gabriel Campana and Adrien Guinet discovered that the format parsing code in Irssi did not properly verify 24bit color codes. A remote attacker could use this to cause a denial of service (application crash). (CVE-2016-7044) Gabriel Campana and Adrien Guinet discovered that a buffer overflow existed in the format parsing ...

CVE-2016-7044 CVE-2016-7045

USN-3084-4: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 19th September 2016

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3084-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 19th September 2016

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3084-2: Linux kernel (Xenial HWE) vulnerabilities - 19th September 2016

USN-3084-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3084-1: Linux kernel vulnerabilities - 19th September 2016

Pengfei Wang discovered a race condition in the audit subsystem in the Linux kernel. A local attacker could use this to corrupt audit logs or disrupt system-call auditing. (CVE-2016-6136) It was discovered that the powerpc and powerpc64 hypervisor-mode KVM implementation in the Linux kernel for did not properly maintain state ...

CVE-2016-5412 CVE-2016-6136 CVE-2016-6156

USN-3083-2: Linux kernel (Trusty HWE) vulnerabilities - 19th September 2016

USN-3083-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including ...

CVE-2015-8767 CVE-2016-3841

USN-3083-1: Linux kernel vulnerabilities - 19th September 2016

Dmitry Vyukov discovered that the IPv6 implementation in the Linux kernel did not properly handle options data, including a use-after-free. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2016-3841) It was discovered that a race condition existed when handling ...

CVE-2015-8767 CVE-2016-3841

USN-3082-2: Linux kernel (OMAP4) vulnerability - 19th September 2016

Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM (OABI) had incomplete access checks for epoll_wait(2) and semtimedop(2). A local attacker could use this to possibly execute arbitrary code.

CVE-2016-3857

USN-3082-1: Linux kernel vulnerability - 19th September 2016

Chiachih Wu, Yuan-Tsung Lo, and Xuxian Jiang discovered that the legacy ABI for ARM (OABI) had incomplete access checks for epoll_wait(2) and semtimedop(2). A local attacker could use this to possibly execute arbitrary code.

CVE-2016-3857

USN-3081-1: Tomcat vulnerability - 19th September 2016

Dawid Golunski discovered that the Tomcat init script incorrectly handled creating log files. A remote attacker could possibly use this issue to obtain root privileges. (CVE-2016-1240) This update also reverts a change in behaviour introduced in USN-3024-1 by setting mapperContextRootRedirectEnabled to True by default.

CVE-2016-1240 LP: 1609819

USN-3080-1: Python Imaging Library vulnerabilities - 15th September 2016

Eric Soroos discovered that the Python Imaging Library incorrectly handled certain malformed FLI or PhotoCD files. A remote attacker could use this issue to cause Python Imaging Library to crash, resulting in a denial of service. (CVE-2016-0775, CVE-2016-2533) Andrew Drake discovered that the Python Imaging Libray incorrectly validated input. A ...

CVE-2014-3589 CVE-2016-0775 CVE-2016-2533

USN-3058-1: Oxide vulnerabilities - 14th September 2016

An issue was discovered in Blink involving the provisional URL for an initially empty document. An attacker could potentially exploit this to spoof the currently displayed URL. (CVE-2016-5141) A use-after-free was discovered in the WebCrypto implementation in Blink. If a user were tricked in to opening a specially crafted website, ...

CVE-2016-5141 CVE-2016-5142 CVE-2016-5143 CVE-2016-5144 CVE-2016-5145 CVE-2016-5146 CVE-2016-5147 CVE-2016-5148 CVE-2016-5150 CVE-2016-5153 CVE-2016-5155 CVE-2016-5156 CVE-2016-5161 CVE-2016-5164 CVE-2016-5165 CVE-2016-5167

USN-3079-1: WebKitGTK+ vulnerabilities - 14th September 2016

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code ...

CVE-2016-1854 CVE-2016-1856 CVE-2016-1857 CVE-2016-1858 CVE-2016-1859 CVE-2016-4583 CVE-2016-4585 CVE-2016-4586 CVE-2016-4588 CVE-2016-4589 CVE-2016-4590 CVE-2016-4591 CVE-2016-4622 CVE-2016-4623 CVE-2016-4624 CVE-2016-4651

USN-3078-1: MySQL vulnerability - 13th September 2016

Dawid Golunski discovered that MySQL incorrectly handled configuration files. A remote attacker could possibly use this issue to execute arbitrary code with root privileges. MySQL has been updated to 5.5.52 in Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. Ubuntu 16.04 LTS has been updated to MySQL 5.7.15. In addition to ...

CVE-2016-6662

USN-3077-1: OpenJDK 6 vulnerabilities - 12th September 2016

A vulnerability was discovered in the OpenJDK JRE related to data integrity. An attacker could exploit this to expose sensitive data over the network or possibly execute arbitrary code. (CVE-2016-3458) Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. An attacker could exploit these to cause a denial ...

CVE-2016-3458 CVE-2016-3500 CVE-2016-3508 CVE-2016-3550 CVE-2016-3606

USN-3075-1: Imlib2 vulnerabilities - 8th September 2016

Jakub Wilk discovered an out of bounds read in the GIF loader implementation in Imlib2. An attacker could use this to cause a denial of service (application crash) or possibly obtain sensitive information. (CVE-2016-3994) Yuriy M. Kaminskiy discovered an off-by-one error when handling coordinates in Imlib2. An attacker could use ...

CVE-2011-5326 CVE-2014-9762 CVE-2014-9763 CVE-2014-9764 CVE-2014-9771 CVE-2016-3993 CVE-2016-3994 CVE-2016-4024

USN-3074-1: File Roller vulnerability - 8th September 2016

It was discovered that File Roller incorrectly handled symlinks. If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory.

CVE-2016-7162 LP: 1171236

USN-3070-4: Linux kernel (Xenial HWE) vulnerabilities - 30th August 2016

USN-3070-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3070-3: Linux kernel (Qualcomm Snapdragon) vulnerabilities - 30th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3070-2: Linux kernel (Raspberry Pi 2) vulnerabilities - 30th August 2016

A missing permission check when settings ACLs was discovered in nfsd. A local user could exploit this flaw to gain access to any file by setting an ACL. (CVE-2016-1237) Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could ...

CVE-2016-1237 CVE-2016-5244 CVE-2016-5400 CVE-2016-5696 CVE-2016-5728 CVE-2016-5828 CVE-2016-5829 CVE-2016-6197

USN-3072-2: Linux kernel (OMAP4) vulnerabilities - 29th August 2016

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux ...

CVE-2016-5244 CVE-2016-5696 CVE-2016-5829

USN-3072-1: Linux kernel vulnerabilities - 29th August 2016

Kangjie Lu discovered an information leak in the Reliable Datagram Sockets (RDS) implementation in the Linux kernel. A local attacker could use this to obtain potentially sensitive information from kernel memory. (CVE-2016-5244) Yue Cao et al discovered a flaw in the TCP implementation's handling of challenge acks in the Linux ...

CVE-2016-5244 CVE-2016-5696 CVE-2016-5829

< Previous   Showing page 4 of 74   Next >
Show: All