These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
Latest notices
USN-4186-3: Linux kernel vulnerability
USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian…
13 November 2019 | ubuntu-16.04-lts
USN-4185-3: Linux kernel vulnerability and regression
USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update…
13 November 2019 | ubuntu-18.04-lts, ubuntu-16.04-lts
USN-4183-2: Linux kernel vulnerability
USN-4183-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue. We apologize for the inconvenience. Original advisory details: Stephan van Schaik, Alyssa Milburn, Sebastian…
13 November 2019 | ubuntu-19.10
USN-4184-2: Linux kernel vulnerability and regression
USN-4184-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update…
13 November 2019 | ubuntu-19.04, ubuntu-18.04-lts
USN-4190-1: libjpeg-turbo vulnerabilities
It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14498) It was discovered that libjpeg-turbo incorrectly handled certain JPEG images. An attacker could possibly use this…
13 November 2019 | ubuntu-19.04, ubuntu-18.04-lts, ubuntu-16.04-lts
USN-4189-1: DPDK vulnerability
Jason Wang discovered that DPDK incorrectly handled certain messages. An attacker in a malicious container could possibly use this issue to cause DPDK to leak resources, resulting in a denial of service.
13 November 2019 | ubuntu-19.10, ubuntu-19.04, ubuntu-18.04-lts
USN-4188-1: Linux kernel vulnerability
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…
13 November 2019 | ubuntu-12.04-esm
USN-4185-2: Linux kernel (Azure) vulnerabilities
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…
13 November 2019 | ubuntu-14.04-esm
USN-4187-1: Linux kernel vulnerability
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…
13 November 2019 | ubuntu-14.04-esm
USN-4186-2: Linux kernel (Xenial HWE) vulnerabilities
USN-4186-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 ESM. Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi…
13 November 2019 | ubuntu-14.04-esm
Releases
- ubuntu 8.04 LTS
- ubuntu 6.06 LTS
- ubuntu 19.10
- ubuntu 19.04
- ubuntu 18.10
- ubuntu 18.04 LTS
- ubuntu 17.10
- ubuntu 17.04
- ubuntu 16.10
- ubuntu 16.04 LTS
- ubuntu 15.10
- ubuntu 15.04
- ubuntu 14.10
- ubuntu 14.04 LTS
- ubuntu 14.04 ESM
- ubuntu 13.10
- ubuntu 13.04
- ubuntu 12.10
- ubuntu 12.04 LTS
- ubuntu 12.04 ESM
- ubuntu 11.10
- ubuntu 11.04
- ubuntu 10.10
- ubuntu 10.04 LTS
- ubuntu 9.10
- ubuntu 9.04
- ubuntu 8.10
- ubuntu 7.10
- ubuntu 7.04
- ubuntu 6.10
- ubuntu 5.10
- ubuntu 5.04
- ubuntu 4.10