These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Latest notices

USN-39-1: Linux amd64 kernel vulnerability

USN-30-1 fixed several flaws in the Linux ELF binary loader’s handling of setuid binaries. Unfortunately it was found that these patches were not sufficient to prevent all possible attacks on 64-bit platforms, so previous amd64 kernel images were still vulnerable to root privilege escalation if setuid binaries were run under certain…

17 December 2004 | ubuntu-4.10

USN-38-1: Linux kernel vulnerabilities

CAN-2004-0814: Vitaly V. Bursov discovered a Denial of Service vulnerability in the “serio” code; opening the same tty device twice and doing some particular operations on it caused a kernel panic and/or a system lockup. Fixing this vulnerability required a change in the Application Binary Interface (ABI) of the kernel. This means…

15 December 2004 | ubuntu-4.10

USN-37-1: cyrus21-imapd vulnerability

Recently another buffer overflow has been discovered in the SASL authentication module of the Cyrus IMAP server. An off-by-one comparison error in the mysasl_canon_user() function could lead to a missing termination of an user name string. This vulnerability could allow remote, attacker-supplied machine code to be executed in the context of the…

2 December 2004 | ubuntu-4.10

USN-36-1: NFS statd vulnerability

SGI discovered a remote Denial of Service vulnerability in the NFS statd server. statd did not ignore the “SIGPIPE” signal which caused it to shutdown if a misconfigured or malicious peer terminated the TCP connection prematurely.

1 December 2004 | ubuntu-4.10

USN-35-1: imagemagick vulnerabilities

Markus Meissner discovered several potential buffer overflows in some image decoding functions of ImageMagick. Decoding a malicious BMP or DIB image or AVI video might result in execution of arbitrary code with the user’s privileges. Since imagemagick can be used in custom printing systems, this also might lead to privilege escalation (execute…

1 December 2004 | ubuntu-4.10

USN-34-1: OpenSSH information leakage discovered two information leaks in the OpenSSH server. When using password authentication, an attacker could test whether a login name exists by measuring the time between failed login attempts, i. e. the time after which the “password:” prompt appears again. A similar issue affects systems which do not allow root logins…

30 November 2004 | ubuntu-4.10

USN-33-1: libgd vulnerabilities

CAN-2004-0990 described several buffer overflows which had been discovered in libgd’s PNG handling functions. Another update is required because the update from USN-21-1 was not sufficient to prevent every possible attack. If an attacker tricks a user into loading a malicious PNG or XPM image, they could leverage this into executing arbitrary…

30 November 2004 | ubuntu-4.10

USN-32-1: mysql vulnerabilities

Several vulnerabilities have been discovered in the MySQL database server. Lukasz Wojtow discovered a potential buffer overflow in the function mysql_real_connect(). A malicious name server could send specially crafted DNS packages which might result in execution of arbitrary code with the database server’s privileges. However, it is believed…

25 November 2004 | ubuntu-4.10

USN-31-1: cyrus21-imapd vulnerabilities

Stefan Esser discovered several buffer overflows in the Cyrus IMAP server. Due to insufficient checking within the argument parser of the “partial” and “fetch” commands, an argument like “body[p” was detected as “body.peek”. This could cause a buffer overflow which could be exploited to execute arbitrary attacker-supplied code. This update also…

24 November 2004 | ubuntu-4.10

USN-30-1: Linux kernel vulnerabilities

CAN-2004-0883, CAN-2004-0949: During an audit of the smb file system implementation within Linux, several vulnerabilities were discovered ranging from out of bounds read accesses to kernel level buffer overflows. To exploit any of these vulnerabilities, an attacker needs control over the answers of the connected Samba server. This…

19 November 2004 | ubuntu-4.10