Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

< Previous   Showing page 2 of 84   Next >
Show: All  

USN-3546-1: gcab vulnerability - 24th January 2018

Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially crafted cabinet file, a remote attacker could use this issue to cause gcab to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2018-5345

USN-3543-2: rsync vulnerabilities - 23rd January 2018

USN-3543-1 fixed vulnerabilities in rsync. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2017-16548) It was discovered that rsync ...

CVE-2017-16548 CVE-2018-5764

USN-3543-1: rsync vulnerabilities - 23rd January 2018

It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2017-16548) It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass arguments and execute arbitrary code. (CVE-2018-5764)

CVE-2017-16548 CVE-2018-5764

USN-3542-2: Linux kernel (Trusty HWE) vulnerabilities - 22nd January 2018

USN-3542-1 addressed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel ...

CVE-2017-5715 CVE-2017-5753 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3541-2: Linux kernel (HWE) vulnerabilities - 22nd January 2018

USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3542-1: Linux kernel vulnerabilities - 22nd January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only) and amd64 architectures.

CVE-2017-5715 CVE-2017-5753 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3540-2: Linux kernel (Xenial HWE) vulnerabilities - 22nd January 2018

USN-3540-1 addressed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3541-1: Linux kernel vulnerabilities - 22nd January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3540-1: Linux kernel vulnerabilities - 22nd January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3539-1: GIMP vulnerabilities - 22nd January 2018

It was discovered that GIMP incorrectly handled certain images. If a user were tricked into opening a specially crafted image, an attacker could possibly use this to execute arbitrary code. (CVE-2017-17784, CVE-2017-17785, CVE-2017-17786, CVE-2017-17787, CVE-2017-17788, CVE-2017-17789)

CVE-2017-17784 CVE-2017-17785 CVE-2017-17786 CVE-2017-17787 CVE-2017-17788 CVE-2017-17789

USN-3538-1: OpenSSH vulnerabilities - 22nd January 2018

Jann Horn discovered that OpenSSH incorrectly loaded PKCS#11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS#11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10009) Jann Horn discovered that OpenSSH incorrectly handled permissions on Unix-domain sockets when privilege ...

CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2017-15906

USN-3537-1: MySQL vulnerabilities - 22nd January 2018

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21. In addition to security fixes, the updated packages contain ...

CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703

USN-3531-2: Intel Microcode regression - 22nd January 2018

USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original advisory details: It was discovered that microprocessors utilizing ...

LP: 1742933

USN-3535-2: Bind vulnerability - 17th January 2018

USN-3535-1 fixed a vulnerability in Bind. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

CVE-2017-3145

USN-3536-1: GNU C Library vulnerability - 17th January 2018

It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. (CVE-2018-1000001)

CVE-2018-1000001

USN-3534-1: GNU C Library vulnerabilities - 17th January 2018

It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. (CVE-2018-1000001) A memory leak was discovered in the _dl_init_paths() ...

CVE-2017-1000408 CVE-2017-1000409 CVE-2017-15670 CVE-2017-15804 CVE-2017-16997 CVE-2017-17426 CVE-2018-1000001

USN-3535-1: Bind vulnerability - 17th January 2018

Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

CVE-2017-3145

USN-3533-1: Transmission vulnerability - 16th January 2018

It was discovered that Transmission incorrectly handled certain POST requests to the RPC server and allowed DNS rebinding attack. An attacker could possibly use this issue to execute arbitrary code.

CVE-2018-5702

USN-3532-1: GDK-PixBuf vulnerabilities - 15th January 2018

It was discoreved that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-1000422) Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled certain images. An attacker could use this to cause a denial of ...

CVE-2017-1000422 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314

USN-3531-1: Intel Microcode update - 11th January 2018

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715) This update provides the microcode updates required for the corresponding Linux ...

CVE-2017-5715

USN-3530-1: WebKitGTK+ vulnerabilities - 11th January 2018

It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive ...

CVE-2017-5715 CVE-2017-5753

USN-3522-4: Linux kernel (Xenial HWE) regression - 10th January 2018

USN-3522-2 fixed a vulnerability in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that microprocessors ...

LP: 1741934 https://usn.ubuntu.com/usn/usn-3522-2

USN-3522-3: Linux kernel regression - 10th January 2018

USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch ...

LP: 1741934

USN-3528-1: Ruby vulnerabilities - 10th January 2018

It was discovered that Ruby incorrectly handled certain terminal emulator escape sequences. An attacker could use this to execute arbitrary code via a crafted user name. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-10784) It was discovered that Ruby incorrectly handled certain strings. An attacker could use ...

CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17790

USN-3527-1: Irssi vulnerabilities - 10th January 2018

Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or opening malformed files, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2018-5205) Joseph Bisch discovered that Irssi incorrectly handled settings the ...

CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208

USN-3523-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 10th January 2018

Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation in the Linux kernel did not properly check the relationship between pointer values and the BPF stack. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2017-17863) Jann Horn discovered ...

CVE-2017-16995 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864

USN-3523-2: Linux kernel (HWE) vulnerabilities - 10th January 2018

USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. ...

CVE-2017-16995 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754

USN-3526-1: SSSD vulnerability - 10th January 2018

It was discovered that SSSD incorrectly handled certain inputs when querying its local cache. An attacker could use this to inject arbitrary code and expose sensitive information.

CVE-2017-12173

USN-3525-1: Linux kernel vulnerability - 10th January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.

CVE-2017-5754

USN-3524-2: Linux kernel (Trusty HWE) vulnerability - 9th January 2018

USN-3524-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via ...

CVE-2017-5754

USN-3524-1: Linux kernel vulnerability - 9th January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.

CVE-2017-5754

USN-3522-1: Linux kernel vulnerability - 9th January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory.

CVE-2017-5754

USN-3523-1: Linux kernel vulnerabilities - 9th January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Meltdown. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5754) Jann Horn discovered that the Berkeley Packet Filter (BPF) implementation ...

CVE-2017-16995 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754

USN-3522-2: Linux (Xenial HWE) vulnerability - 9th January 2018

USN-3522-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via ...

CVE-2017-5754

USN-3521-1: NVIDIA graphics drivers vulnerability - 9th January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations to address the issue, along with compatibility fixes ...

CVE-2017-5753

USN-3520-1: PySAML2 vulnerability - 8th January 2018

It was discovered that PySAML2 incorrectly accepted any password when run with python optimizations enabled. An attacker could use this issue to authenticate as any user without a valid password.

CVE-2017-1000433

USN-3519-1: Tomcat vulnerabilities - 8th January 2018

It was discovered that Tomcat incorrectly handled certain pipelined requests when sendfile was used. A remote attacker could use this issue to obtain wrong responses possibly containing sensitive information. (CVE-2017-5647) It was discovered that Tomcat incorrectly used the appropriate facade object. A malicious application could possibly use this to bypass ...

CVE-2017-5647 CVE-2017-5648 CVE-2017-5664 CVE-2017-7674

USN-3518-1: AWStats vulnerability - 8th January 2018

It was discovered that AWStats incorrectly filtered certain parameters. A remote attacker could possibly use this issue to execute arbitrary code.

CVE-2017-1000501

USN-3517-1: poppler vulnerabilities - 8th January 2018

It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted PDF file, an attacker could execute arbitrary. (CVE-2017-1000456) It was discovered that poppler incorrectly handled certain files. If a user or automated system were tricked into opening a crafted ...

CVE-2017-1000456 CVE-2017-14976

USN-3516-1: Firefox vulnerabilities - 5th January 2018

It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754

USN-3515-1: Ruby vulnerability - 4th January 2018

It was discovered that Ruby allows FTP command injection. An attacker could use this to cause arbitrary command execution.

CVE-2017-17405

USN-3430-3: Dnsmasq regression - 4th January 2018

USN-3430-2 fixed several vulnerabilities. The update introduced a new regression that breaks DNS resolution. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Felix Wilhelm, Fermin J. Serna, Gabriel Campana and Kevin Hamacher discovered that Dnsmasq incorrectly handled DNS requests. A remote attacker could use this ...

LP: 1741262

USN-3480-3: Apport regression - 3rd January 2018

USN-3480-2 fixed regressions in Apport. The update introduced a new regression in the container support. This update addresses the problem. We apologize for the inconvenience. Original advisory details: Sander Bos discovered that Apport incorrectly handled core dumps for setuid binaries. A local attacker could use this issue to perform a ...

LP: 1733366

USN-3514-1: WebKitGTK+ vulnerabilities - 3rd January 2018

A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code ...

CVE-2017-13856 CVE-2017-13866 CVE-2017-13870 CVE-2017-7156

USN-3477-4: Firefox regression - 3rd January 2018

USN-3477-1 fixed vulnerabilities in Firefox. The update introduced a crash reporting issue where background tab crash reports were sent to Mozilla without user opt-in. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in ...

LP: 1741048

USN-3382-2: PHP vulnerabilities - 18th December 2017

USN-3382-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that the PHP URL parser incorrectly handled certain URI components. A remote attacker could possibly use this issue to bypass hostname-specific URL checks. (CVE-2016-10397) It was discovered that ...

CVE-2016-10397 CVE-2017-11143 CVE-2017-11144 CVE-2017-11145 CVE-2017-11147 CVE-2017-11628 CVE-2017-9224 CVE-2017-9226 CVE-2017-9227 CVE-2017-9228 CVE-2017-9229

USN-3509-4: Linux kernel (Xenial HWE) regression - 15th December 2017

USN-3509-2 fixed vulnerabilities in the Linux Hardware Enablement kernel for Ubuntu 14.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Mohamed Ghannam discovered that a use-after-free vulnerability existed in ...

LP: 1737033 https://www.ubuntu.com/usn/usn-3509-2

USN-3509-3: Linux kernel regression - 15th December 2017

USN-3509-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. Unfortunately, it also introduced a regression that prevented the Ceph network filesystem from being used. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Mohamed Ghannam discovered that a use-after-free vulnerability existed in the Netlink ...

LP: 1737033

USN-3513-2: libxml2 vulnerability - 13th December 2017

USN-3513-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04 ESM. Original advisory details: It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of ...

CVE-2017-15412

USN-3513-1: libxml2 vulnerability - 13th December 2017

It was discovered that libxml2 incorrecty handled certain files. An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service.

CVE-2017-15412

< Previous   Showing page 2 of 84   Next >
Show: All