Ubuntu security notices

These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please contact the Ubuntu Security Team. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.

You can also view the latest notices by subscribing to the RSS or the Atom feeds.

Showing page 1 of 11   Next >
Show: All  

USN-3582-1: Linux kernel vulnerabilities - 22nd February 2018

Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized pointer usage. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2017-17712) Laurent Guerby discovered that the mbcache feature in the ext2 ...

CVE-2015-8952 CVE-2017-12190 CVE-2017-15115 CVE-2017-17712 CVE-2017-5715 CVE-2017-8824

USN-3581-2: Linux kernel (HWE) vulnerabilities - 22nd February 2018

USN-3581-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Mohamed Ghannam discovered that the IPv4 raw socket implementation in the Linux kernel contained a race condition leading to uninitialized ...

CVE-2017-15115 CVE-2017-17712 CVE-2017-5715 CVE-2017-8824

USN-3579-1: LibreOffice vulnerability - 21st February 2018

It was discovered that =WEBSERVICE calls in a document could be used to read arbitrary files. If a user were tricked in to opening a specially crafted document, a remote attacker could exploit this to obtain sensitive information. (CVE-2018-6871)

CVE-2018-6871

USN-3577-1: CUPS vulnerability - 20th February 2018

Jann Horn discovered that CUPS permitted HTTP requests with the Host header set to "localhost.localdomain" from the loopback interface. If a user were tricked in to opening a specially crafted website in their web browser, an attacker could potentially exploit this to obtain sensitive information or control printers, via a ...

CVE-2017-18190

USN-3576-1: libvirt vulnerabilities - 20th February 2018

Vivian Zhang and Christoph Anton Mitterer discovered that libvirt incorrectly disabled password authentication when the VNC password was set to an empty string. A remote attacker could possibly use this issue to bypass authentication, contrary to expectations. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-5008) Daniel ...

CVE-2016-5008 CVE-2017-1000256 CVE-2018-5748 CVE-2018-6764

USN-3575-1: QEMU vulnerabilities - 20th February 2018

It was discovered that QEMU incorrectly handled guest ram. A privileged attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-11334) David Buchanan discovered that QEMU incorrectly handled the ...

CVE-2017-11334 CVE-2017-13672 CVE-2017-14167 CVE-2017-15038 CVE-2017-15118 CVE-2017-15119 CVE-2017-15124 CVE-2017-15268 CVE-2017-15289 CVE-2017-16845 CVE-2017-17381 CVE-2017-18043 CVE-2018-5683

USN-3573-1: Quagga vulnerabilities - 15th February 2018

It was discovered that a double-free vulnerability existed in the Quagga BGP daemon when processing certain forms of UPDATE message. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. (CVE-2018-5379) It was discovered that the Quagga BGP daemon did not properly bounds ...

CVE-2018-5378 CVE-2018-5379 CVE-2018-5380 CVE-2018-5381

USN-3571-1: Erlang vulnerabilities - 14th February 2018

It was discovered that the Erlang FTP module incorrectly handled certain CRLF sequences. A remote attacker could possibly use this issue to inject arbitrary FTP commands. This issue only affected Ubuntu 14.04 LTS. (CVE-2014-1693) It was discovered that Erlang incorrectly checked CBC padding bytes. A remote attacker could possibly use ...

CVE-2014-1693 CVE-2015-2774 CVE-2016-10253 CVE-2017-1000385

USN-3570-1: AdvanceCOMP vulnerability - 14th February 2018

Joonun Jang discovered that AdvanceCOMP incorrectly handled certain malformed zip files. If a user or automated system were tricked into processing a specially crafted zip file, a remote attacker could cause AdvanceCOMP to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2018-1056

USN-3569-1: libvorbis vulnerabilities - 13th February 2018

It was discovered that libvorbis incorrectly handled certain sound files. An attacker could possibly use this to execute arbitrary code. (CVE-2017-14632) It was discovered that libvorbis incorrectly handled certain sound files. An attacker could use this to cause a denial of service. (CVE-2017-14633)

CVE-2017-14632 CVE-2017-14633

USN-3544-2: Firefox regressions - 12th February 2018

USN-3544-1 fixed vulnerabilities in Firefox. The update caused a web compatibility regression and a tab crash during printing in some circumstances. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked in to opening a ...

LP: 1749025

USN-3568-1: WavPack vulnerabilities - 12th February 2018

Hanno Böck discovered that WavPack incorrectly handled certain WV files. An attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10169) Joonun Jang discovered that WavPack incorrectly handled certain RF64 files. An attacker could possibly use this ...

CVE-2016-10169 CVE-2018-6767

USN-3565-1: Exim vulnerability - 12th February 2018

Meh Chang discovered that Exim incorrectly handled memory in certain decoding operations. A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2018-6789

USN-3564-1: PostgreSQL vulnerability - 9th February 2018

It was discovered that PostgreSQL incorrectly handled certain temp files. An attacker could possibly use this to access sensitive information.

CVE-2018-1053

USN-3563-1: Mailman vulnerability - 8th February 2018

It was discovered that Mailman incorrectly handled certain web scripts. An attacker could possibly use this to inject arbitrary code.

CVE-2018-5950

USN-3562-1: MiniUPnP vulnerabilities - 7th February 2018

It was discovered that MiniUPnP incorrectly handled memory. A remote attacker could use this issue to cause a denial of service or possibly execute arbitrary code with privileges of the user running an application that uses the MiniUPnP library.

CVE-2017-1000494

USN-3561-1: libvirt update - 7th February 2018

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows libvirt to expose new CPU features ...

CVE-2017-5715

USN-3560-1: QEMU update - 7th February 2018

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. An attacker in the guest could use this to expose sensitive guest information, including kernel memory. This update allows QEMU to expose new CPU features ...

CVE-2017-5715

USN-3558-1: systemd vulnerabilities - 5th February 2018

Karim Hossen & Thomas Imbert and Nelson William Gamazo Sanchez independently discovered that systemd-resolved incorrectly handled certain DNS responses. A remote attacker could possibly use this issue to cause systemd to temporarily stop responding, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-15908) It was ...

CVE-2017-15908 CVE-2018-1049

USN-3557-1: Squid vulnerabilities - 5th February 2018

Mathias Fischer discovered that Squid incorrectly handled certain long strings in headers. A malicious remote server could possibly cause Squid to crash, resulting in a denial of service. This issue was only addressed in Ubuntu 16.04 LTS. (CVE-2016-2569) William Lima discovered that Squid incorrectly handled XML parsing when processing Edge ...

CVE-2016-2569 CVE-2016-2570 CVE-2016-2571 CVE-2016-3948 CVE-2018-1000024 CVE-2018-1000027

USN-3556-1: Dovecot vulnerability - 1st February 2018

It was discovered that Dovecot incorrectly handled certain authentications. An attacker could possibly use this to cause a denial of service.

CVE-2017-15132

USN-3555-1: w3m vulnerabilities - 1st February 2018

It was discovered that w3m incorrectly handled certain inputs. An attacker could possibly use this to cause a denial of service. (CVE-2018-6196, CVE-2018-6197) It was discovered that w3m incorrectly handled temporary files. An attacker could possibly use this to overwrite arbitrary files. (CVE-2018-6198)

CVE-2018-6196 CVE-2018-6197 CVE-2018-6198

USN-3554-1: curl vulnerabilities - 31st January 2018

It was discovered that curl incorrectly handled certain data. An attacker could possibly use this to cause a denial of service or even to get access to sensitive data. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. It was discovered that curl could accidentally leak authentication data. An ...

CVE-2018-1000005 CVE-2018-1000007

USN-3552-1: Firefox vulnerability - 31st January 2018

Johann Hofmann discovered that HTML fragments created for chrome-privileged documents were not properly sanitized. An attacker could exploit this to execute arbitrary code. (CVE-2018-5124)

CVE-2018-5124

USN-3553-1: Ruby vulnerabilities - 31st January 2018

It was discovered that Ruby failed to validate specification names. An attacker could possibly use a maliciously crafted gem to potentially overwrite any file on the filesystem. (CVE-2017-0901) It was discovered that Ruby was vulnerable to a DNS hijacking vulnerability. An attacker could use this to possibly force the RubyGems ...

CVE-2017-0901 CVE-2017-0902 CVE-2017-0903

USN-3551-1: WebKitGTK+ vulnerabilities - 30th January 2018

Multiple security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the user interface, or execute arbitrary code. (CVE-2018-4088, CVE-2018-4096, CVE-2017-7153, CVE-2017-7160, CVE-2017-7161, CVE-2017-7165, ...

CVE-2017-13884 CVE-2017-13885 CVE-2017-7153 CVE-2017-7160 CVE-2017-7161 CVE-2017-7165 CVE-2018-4088 CVE-2018-4096

USN-3550-1: ClamAV vulnerabilities - 30th January 2018

It was discovered that ClamAV incorrectly handled parsing certain mail messages. A remote attacker could use this issue to cause ClamAV to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-12374, CVE-2017-12375, CVE-2017-12379, CVE-2017-12380) It was discovered that ClamAV incorrectly handled parsing certain PDF files. A ...

CVE-2017-12374 CVE-2017-12375 CVE-2017-12376 CVE-2017-12377 CVE-2017-12378 CVE-2017-12379 CVE-2017-12380

USN-3529-1: Thunderbird vulnerabilities - 29th January 2018

It was discovered that a From address encoded with a null character is cut off in the message header display. An attacker could potentially exploit this to spoof the sender address. (CVE-2017-7829) It was discovered that it is possible to execute JavaScript in RSS feeds in some circumstances. If a ...

CVE-2017-7829 CVE-2017-7846 CVE-2017-7847 CVE-2017-7848 CVE-2018-5089 CVE-2018-5095 CVE-2018-5096 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5117

USN-3549-1: Linux kernel (KVM) vulnerabilities - 29th January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715, CVE-2017-5753)

CVE-2017-5715 CVE-2017-5753 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3548-2: Linux kernel (HWE) vulnerability - 26th January 2018

USN-3548-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jay Vosburgh discovered a logic error in the x86-64 syscall entry implementation in the Linux kernel, introduced as part of ...

LP: 1745564

USN-3547-1: Libtasn1 vulnerabilities - 25th January 2018

It was discovered that Libtasn1 incorrectly handled certain files. If a user were tricked into opening a crafted file, an attacker could possibly use this to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-10790) It was discovered that Libtasn1 incorrectly handled ...

CVE-2017-10790 CVE-2018-6003

USN-3544-1: Firefox vulnerabilities - 24th January 2018

Multiple security issues were discovered in Firefox. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service via application crash, spoof the origin in audio capture prompts, trick the user in to providing HTTP credentials for ...

CVE-2018-5089 CVE-2018-5090 CVE-2018-5091 CVE-2018-5092 CVE-2018-5093 CVE-2018-5094 CVE-2018-5095 CVE-2018-5097 CVE-2018-5098 CVE-2018-5099 CVE-2018-5100 CVE-2018-5101 CVE-2018-5102 CVE-2018-5103 CVE-2018-5104 CVE-2018-5105 CVE-2018-5106 CVE-2018-5107 CVE-2018-5108 CVE-2018-5109 CVE-2018-5111 CVE-2018-5112 CVE-2018-5113 CVE-2018-5114 CVE-2018-5115 CVE-2018-5116 CVE-2018-5117 CVE-2018-5118 CVE-2018-5119 CVE-2018-5122

USN-3546-1: gcab vulnerability - 24th January 2018

Richard Hughes discovered that gcab incorrectly handled certain malformed cabinet files. If a user or automated system were tricked into opening a specially crafted cabinet file, a remote attacker could use this issue to cause gcab to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2018-5345

USN-3543-1: rsync vulnerabilities - 23rd January 2018

It was discovered that rsync incorrectly handled certain data input. An attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2017-16548) It was discovered that rsync incorrectly parsed certain arguments. An attacker could possibly use this to bypass arguments and execute arbitrary code. (CVE-2018-5764)

CVE-2017-16548 CVE-2018-5764

USN-3541-2: Linux kernel (HWE) vulnerabilities - 22nd January 2018

USN-3541-1 addressed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3540-1: Linux kernel vulnerabilities - 22nd January 2018

Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides mitigations for the i386 (CVE-2017-5753 only), amd64, ppc64el, and ...

CVE-2017-5715 CVE-2017-5753 CVE-2017-5754 https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/SpectreAndMeltdown

USN-3538-1: OpenSSH vulnerabilities - 22nd January 2018

Jann Horn discovered that OpenSSH incorrectly loaded PKCS#11 modules from untrusted directories. A remote attacker could possibly use this issue to execute arbitrary PKCS#11 modules. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10009) Jann Horn discovered that OpenSSH incorrectly handled permissions on Unix-domain sockets when privilege ...

CVE-2016-10009 CVE-2016-10010 CVE-2016-10011 CVE-2016-10012 CVE-2017-15906

USN-3537-1: MySQL vulnerabilities - 22nd January 2018

Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.59 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, and Ubuntu 17.10 have been updated to MySQL 5.7.21. In addition to security fixes, the updated packages contain ...

CVE-2018-2562 CVE-2018-2565 CVE-2018-2573 CVE-2018-2576 CVE-2018-2583 CVE-2018-2586 CVE-2018-2590 CVE-2018-2600 CVE-2018-2612 CVE-2018-2622 CVE-2018-2640 CVE-2018-2645 CVE-2018-2646 CVE-2018-2647 CVE-2018-2665 CVE-2018-2667 CVE-2018-2668 CVE-2018-2696 CVE-2018-2703

USN-3531-2: Intel Microcode regression - 22nd January 2018

USN-3531-1 updated Intel microcode to the 20180108 release. Regressions were discovered in the microcode updates which could cause system instability on certain hardware platforms. At the request of Intel, we have reverted to the previous packaged microcode version, the 20170707 release. Original advisory details: It was discovered that microprocessors utilizing ...

LP: 1742933

USN-3534-1: GNU C Library vulnerabilities - 17th January 2018

It was discovered that the GNU C library did not properly handle all of the possible return values from the kernel getcwd(2) syscall. A local attacker could potentially exploit this to execute arbitrary code in setuid programs and gain administrative privileges. (CVE-2018-1000001) A memory leak was discovered in the _dl_init_paths() ...

CVE-2017-1000408 CVE-2017-1000409 CVE-2017-15670 CVE-2017-15804 CVE-2017-16997 CVE-2017-17426 CVE-2018-1000001

USN-3535-1: Bind vulnerability - 17th January 2018

Jayachandran Palanisamy discovered that the Bind resolver incorrectly handled fetch cleanup sequencing. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

CVE-2017-3145

USN-3533-1: Transmission vulnerability - 16th January 2018

It was discovered that Transmission incorrectly handled certain POST requests to the RPC server and allowed DNS rebinding attack. An attacker could possibly use this issue to execute arbitrary code.

CVE-2018-5702

USN-3532-1: GDK-PixBuf vulnerabilities - 15th January 2018

It was discoreved that GDK-PixBuf incorrectly handled certain gif images. An attacker could use this to execute arbitrary code. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2017-1000422) Ariel Zelivansky discovered that GDK-PixBuf incorrectly handled certain images. An attacker could use this to cause a denial of ...

CVE-2017-1000422 CVE-2017-6312 CVE-2017-6313 CVE-2017-6314

USN-3531-1: Intel Microcode update - 11th January 2018

It was discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. (CVE-2017-5715) This update provides the microcode updates required for the corresponding Linux ...

CVE-2017-5715

USN-3530-1: WebKitGTK+ vulnerabilities - 11th January 2018

It was discovered that speculative execution performed by modern CPUs could leak information through a timing side-channel attack, and that this could be exploited in web browser JavaScript engines. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to obtain sensitive ...

CVE-2017-5715 CVE-2017-5753

USN-3522-3: Linux kernel regression - 10th January 2018

USN-3522-1 fixed a vulnerability in the Linux kernel to address Meltdown (CVE-2017-5754). Unfortunately, that update introduced a regression where a few systems failed to boot successfully. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch ...

LP: 1741934

USN-3528-1: Ruby vulnerabilities - 10th January 2018

It was discovered that Ruby incorrectly handled certain terminal emulator escape sequences. An attacker could use this to execute arbitrary code via a crafted user name. This issue only affected Ubuntu 16.04 LTS and Ubuntu 17.10. (CVE-2017-10784) It was discovered that Ruby incorrectly handled certain strings. An attacker could use ...

CVE-2017-10784 CVE-2017-14033 CVE-2017-14064 CVE-2017-17790

USN-3527-1: Irssi vulnerabilities - 10th January 2018

Joseph Bisch discovered that Irssi incorrectly handled incomplete escape codes. If a user were tricked into using malformed commands or opening malformed files, an attacker could use this issue to cause Irssi to crash, resulting in a denial of service. (CVE-2018-5205) Joseph Bisch discovered that Irssi incorrectly handled settings the ...

CVE-2018-5205 CVE-2018-5206 CVE-2018-5207 CVE-2018-5208

USN-3523-2: Linux kernel (HWE) vulnerabilities - 10th January 2018

USN-3523-1 fixed vulnerabilities in the Linux kernel for Ubuntu 17.10. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 17.10 for Ubuntu 16.04 LTS. Jann Horn discovered that microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized memory reads via sidechannel attacks. ...

CVE-2017-16995 CVE-2017-17862 CVE-2017-17863 CVE-2017-17864 CVE-2017-5754

USN-3526-1: SSSD vulnerability - 10th January 2018

It was discovered that SSSD incorrectly handled certain inputs when querying its local cache. An attacker could use this to inject arbitrary code and expose sensitive information.

CVE-2017-12173

Showing page 1 of 11   Next >
Show: All