Ubuntu security notices
These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-3522-4: Linux kernel (Xenial HWE) regression - 10th January 2018
USN-3522-2 fixed a vulnerability in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that microprocessors ...
USN-3522-3: Linux kernel regression - 10th January 2018
USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch ...
USN-3528-1: Ruby vulnerabilities - 10th January 2018
It was discovered that Ruby incorrectly handled certain terminal emulator escape sequences. An attacker could use this to execute arbitrary code via a crafted user name. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-10784) It was discovered that Ruby incorrectly handled certain strings. An attacker could use ...
USN-3527-1: Irssi vulnerabilities - 10th January 2018
Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or opening malformed files, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2018-5205) Joseph Bisch discovered that Irssi incorrectly handled settings the ...
USN-3523-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 10th January 2018
Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17863) Jann Horn discovered ...
USN-3523-2: Linux kernel (HWE) vulnerabilities - 10th January 2018
USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. ...
CVE-2017-16995 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754
USN-3526-1: SSSD vulnerability - 10th January 2018
It was discovered that SSSD incorrectly handled certain inputs when querying its local cache. An attacker could use this to inject arbitrary code and expose sensitive information.
USN-3525-1: Linux kernel vulnerability - 10th January 2018
Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.
USN-3524-2: Linux kernel (Trusty HWE) vulnerability - 9th January 2018
USN-3524-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via ...
USN-3524-1: Linux kernel vulnerability - 9th January 2018
Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.
USN-3522-1: Linux kernel vulnerability - 9th January 2018
Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.
USN-3523-1: Linux kernel vulnerabilities - 9th January 2018
Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754) Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation ...
CVE-2017-16995 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754
USN-3522-2: Linux (Xenial HWE) vulnerability - 9th January 2018
USN-3522-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via ...
USN-3521-1: NVIDIA graphics drivers vulnerability - 9th January 2018
Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations to address the issue, along with compatibility fixes ...
USN-3520-1: PySAML2 vulnerability - 8th January 2018
It was discovered that PySAML2 incorrectly accepted any password when run with python optimizations enabled. An attacker could use this issue to authenticate as any user without a valid password.
USN-3519-1: Tomcat vulnerabilities - 8th January 2018
It was discovered that Tomcat incorrectly handled certain pipelined requests when sendfile was used. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. (CVE-2017-5647) It was discovered that Tomcat incorrectly used the appropriate facade object. A malicious application could possibly use this to bypass ...
USN-3518-1: AWStats vulnerability - 8th January 2018
It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code.
USN-3517-1: poppler vulnerabilities - 8th January 2018
It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could execute arbitrary. (CVE-2017-1000456) It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted ...
USN-3516-1: Firefox vulnerabilities - 5th January 2018
It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive ...
USN-3515-1: Ruby vulnerability - 4th January 2018
It was discovered that Ruby allows FTP command injection. An attacker could use this to cause arbitrary command execution.
USN-3430-3: Dnsmasq regression - 4th January 2018
USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this ...
USN-3480-3: Apport regression - 3rd January 2018
USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a ...
USN-3514-1: WebKitGTK+ vulnerabilities - 3rd January 2018
A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code ...
USN-3477-4: Firefox regression - 3rd January 2018
USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in ...
USN-3382-2: PHP vulnerabilities - 18th December 2017
USN-3382-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass hostname-specific URL checks. (CVE-2016-10397) It was discovered that ...
CVE-2016-10397 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11147 CVE-2017-11628 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229
USN-3509-4: Linux kernel (Xenial HWE) regression - 15th December 2017
USN-3509-2 fixed vulnerabilities in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Mohamed Ghannam discovered that a use-after-free vulnerability existed in ...
USN-3509-3: Linux kernel regression - 15th December 2017
USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink ...
USN-3513-2: libxml2 vulnerability - 13th December 2017
USN-3513-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of ...
USN-3513-1: libxml2 vulnerability - 13th December 2017
It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
USN-3512-1: OpenSSL vulnerabilities - 11th December 2017
David Benjamin discovered that OpenSSL did not correctly prevent buggy applications that ignore handshake errors from subsequently calling certain functions. (CVE-2017-3737) It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery multiplication procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. (CVE-2017-3738)
USN-3507-2: Linux kernel (GCP) vulnerabilities - 7th December 2017
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write ...
CVE-2017-1000405 CVE-2017-12193 CVE-2017-15299 CVE-2017-15306 CVE-2017-15951 CVE-2017-16939
USN-3511-1: Linux kernel (Azure) vulnerabilities - 7th December 2017
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write ...
USN-3510-2: Linux kernel (Trusty HWE) vulnerabilities - 7th December 2017
USN-3510-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A ...
USN-3510-1: Linux kernel vulnerabilities - 7th December 2017
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write ...
USN-3509-2: Linux kernel (Xenial HWE) vulnerabilities - 7th December 2017
USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A ...
CVE-2017-1000405 CVE-2017-12193 CVE-2017-16643 CVE-2017-16939
USN-3509-1: Linux kernel vulnerabilities - 7th December 2017
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write ...
CVE-2017-1000405 CVE-2017-12193 CVE-2017-16643 CVE-2017-16939
USN-3508-2: Linux kernel (HWE) vulnerabilities - 7th December 2017
USN-3508-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.04. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.04 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker ...
USN-3508-1: Linux kernel vulnerabilities - 7th December 2017
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write ...
USN-3507-1: Linux kernel vulnerabilities - 7th December 2017
Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink subsystem (XFRM) in the Linux kernel. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-16939) It was discovered that the Linux kernel did not properly handle copy-on- write ...
CVE-2017-1000405 CVE-2017-12193 CVE-2017-15299 CVE-2017-15306 CVE-2017-15951 CVE-2017-16535 CVE-2017-16643 CVE-2017-16939
USN-3506-2: rsync vulnerabilities - 7th December 2017
USN-3506-1 fixed two vulnerabilities in rsync. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that rsync proceeds with certain file metadata updates before checking for a filename. An attacker could use this to bypass access restrictions. (CVE-2017-17433) It was discovered that rsync ...
USN-3506-1: rsync vulnerabilities - 7th December 2017
It was discovered that rsync proceeds with certain file metadata updates before checking for a filename. An attacker could use this to bypass access restrictions. (CVE-2017-17433) It was discovered that rsync does not check for fnamecmp filenames and also does not apply the sanitize_paths protection mechanism to pathnames. An attacker ...
USN-3505-1: Linux firmware vulnerabilities - 6th December 2017
Mathy Vanhoef discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13080, CVE-2017-13081)
USN-3504-2: libxml2 vulnerability - 5th December 2017
USN-3504-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial ...
USN-3504-1: libxml2 vulnerability - 5th December 2017
Wei Lei discovered that libxml2 incorrecty handled certain parameter entities. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.
USN-3498-2: curl vulnerability - 4th December 2017
USN-3498-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that curl incorrectly handled FTP wildcard matching. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly obtain ...
USN-3503-1: Evince vulnerability - 4th December 2017
It was discovered that Evince incorrectly handled printing certain DVI files. If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code.
USN-3477-3: Firefox regressions - 1st December 2017
USN-3477-1 fixed vulnerabilities in Firefox. The update introduced various minor regressions. This update fixes the problems. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to ...
USN-3490-1: Thunderbird vulnerabilities - 1st December 2017
Multiple security issues were discovered in Thunderbird. If a user were tricked in to opening a specially crafted website in a browsing-like context, an attacker could potentially exploit these to bypass same-origin restrictions, cause a denial of service via application crash, or execute arbitrary code. (CVE-2017-7826, CVE-2017-7828, CVE-2017-7830)
USN-3501-1: libxcursor vulnerability - 29th November 2017
It was discovered that libxcursor incorrectly handled certain files. An attacker could use these issues to cause libxcursor to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-3500-1: libXfont vulnerability - 29th November 2017
It was discovered that libXfont incorrectly followed symlinks when opening font files. A local unprivileged user could use this issue to cause the X server to access arbitrary files, including special device files.