what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 8,256 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2024-09-20
Ubuntu Security Notice USN-7027-1
Posted Sep 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7027-1 - It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Xi Lu discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-45939, CVE-2022-48337, CVE-2022-48338, CVE-2022-48339, CVE-2023-28617, CVE-2024-30204, CVE-2024-30205, CVE-2024-39331
SHA-256 | be4bfb0a23a1362f7b8d1ad2b2b25bc06f3d7aee14e9df0b79b673b6a445fdbe
Ubuntu Security Notice USN-6968-2
Posted Sep 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6968-2 - USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS. Noah Misch discovered that PostgreSQL incorrectly handled certain SQL objects. An attacker could possibly use this issue to execute arbitrary SQL functions as the superuser.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-7348
SHA-256 | 9fe9a35f3f5cca74b761d2b0bebe46ac1ef90beaf1b0c70bef6c2a9b7316c239
Ubuntu Security Notice USN-7015-2
Posted Sep 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7015-2 - USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and a second for python3.5 for Ubuntu 16.04 LTS. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. This issue only affected python3.5 for Ubuntu 16.04 LTS

tags | advisory, remote, denial of service, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2024-6232, CVE-2024-7592
SHA-256 | 550d08e8b345790a9bdb83fddf576842c6d60bb9e802b14bfb08aae08445627e
Ubuntu Security Notice USN-7024-1
Posted Sep 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7024-1 - It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1, and thus the sequence of challenges is always identical.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-45751
SHA-256 | 847738322aff48f373bf526c477cc22c5d05ffa5297c52d799cc7f40dd4faffc
Ubuntu Security Notice USN-7025-1
Posted Sep 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7025-1 - It was discovered that LibreOffice would incorrectly handle digital signature verification after repairing a corrupted document. A remote attacker could possibly use this issue to forge valid signatures.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2024-7788
SHA-256 | 3b939e317efa70e2ba14bb27e805a3e89cb745fc64763bbede861ff90a6fee63
Ubuntu Security Notice USN-7023-1
Posted Sep 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7023-1 - Maxime Escourbiac and Yassine Bengana discovered that Git incorrectly handled some gettext machinery. An attacker could possibly use this issue to allows the malicious placement of crafted messages. This issue was fixed in Ubuntu 16.04 LTS. It was discovered that Git incorrectly handled certain submodules. An attacker could possibly use this issue to execute arbitrary code. This issue was fixed in Ubuntu 18.04 LTS.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-25815, CVE-2024-32002, CVE-2024-32020, CVE-2024-32021
SHA-256 | 7895cf7a141aedfd41b2a61a583811474abc6f476e1153b53a34852f4c85fdef
Ubuntu Security Notice USN-7022-1
Posted Sep 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7022-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-47188, CVE-2022-48863, CVE-2024-26677, CVE-2024-26787, CVE-2024-38570, CVE-2024-39494, CVE-2024-42160
SHA-256 | 10f0034b7cdebb69d837eb5ae2e64937be5df9d0a9b9327db52166eda673ab8b
Ubuntu Security Notice USN-6885-3
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6885-3 - USN-6885-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server mod_rewrite module incorrectly handled certain substitutions. A remote attacker could possibly use this issue to execute scripts in directories not directly reachable by any URL, or cause a denial of service. Some environments may require using the new UnsafeAllow3F flag to handle unsafe substitutions.

tags | advisory, remote, web, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-38474, CVE-2024-38476, CVE-2024-38477
SHA-256 | 31166839dd976fb13f0b4dbd232274dc5adcbdb22f6e4157c52f92b68f799311
Ubuntu Security Notice USN-7021-1
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7021-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-26677, CVE-2024-27012, CVE-2024-39496, CVE-2024-42228
SHA-256 | e949f3273efd091048f5d71881f2c7b452f9ff4168a1a80c84222cd196ba45c1
Ubuntu Security Notice USN-7020-1
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7020-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-41009, CVE-2024-42224, CVE-2024-42228
SHA-256 | 8bd17f2619f175659c888a248448a6b11ad2dd4cd57793413f87d6ff0ebf03d3
Ubuntu Security Notice USN-7019-1
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7019-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-38096, CVE-2023-52585, CVE-2023-52699, CVE-2023-52752, CVE-2023-52760, CVE-2023-52884, CVE-2023-52887, CVE-2024-23307, CVE-2024-23848, CVE-2024-24858, CVE-2024-24861, CVE-2024-25739, CVE-2024-25741, CVE-2024-25742
SHA-256 | 896effafd923d1de3290843acdecad88190e552d3dbe3db65ed560f5e511dd7a
Ubuntu Security Notice USN-7018-1
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7018-1 - Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites from OpenSSL. Paul Kehrer discovered that OpenSSL incorrectly handled certain input lengths in EVP functions. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-1968, CVE-2021-23840, CVE-2022-1292, CVE-2022-2068, CVE-2023-3446, CVE-2024-0727
SHA-256 | 587acc1f444243f9ef3c25e4d1de8aecbfcae8208b00502e26bf42e93ab7624c
Ubuntu Security Notice USN-7000-2
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7000-2 - USN-7000-1 fixed vulnerabilities in Expat. This update provides the corresponding updates for Ubuntu 22.04 LTS. Shang-Hung Wan discovered that Expat did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-45490
SHA-256 | 59bf3b6ef3d66bb680edf070eb8e73bfa69b84933ee4e951d7c495cad067f15c
Ubuntu Security Notice USN-7017-1
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7017-1 - Iggy Frankovic discovered that Quagga incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause Quagga to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-44070
SHA-256 | 5de28707d33411664b92640aa20a05b15c3f1883532c98f677b861e05322fb02
Ubuntu Security Notice USN-7016-1
Posted Sep 18, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7016-1 - Iggy Frankovic discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-44070
SHA-256 | c16b067412f887ca443d01cd624f103aea4a4b7ba0c3c6ee59cf33092e6de7a9
Ubuntu Security Notice USN-7001-2
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7001-2 - USN-7001-1 fixed vulnerabilities in xmltol library. This update provides the corresponding updates for Ubuntu 24.04 LTS. Shang-Hung Wan discovered that Expat, contained within the xmltok library, did not properly handle certain function calls when a negative input length was provided. An attacker could use this issue to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-45490, CVE-2024-45491
SHA-256 | e8e28f2f9097ce08c9631f1af9eb47b3fb56c0e9466585153477ebbeb1f2ce61
Ubuntu Security Notice USN-7011-2
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7011-2 - USN-7011-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-20505, CVE-2024-20506
SHA-256 | 8eab588cda40b015f2993c6befd64881bea3df23eba9fc2f37d8135f1ca86eb5
Ubuntu Security Notice USN-7015-1
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7015-1 - It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2023-27043, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088
SHA-256 | 0224b04ebdd855ff165cab147873523db9bc82d1b5c8fdecef438adbabb325b4
Ubuntu Security Notice USN-7010-1
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7010-1 - Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled pointers. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-41687, CVE-2022-2121, CVE-2022-43272, CVE-2024-28130, CVE-2024-34509
SHA-256 | c9f04b5ecfe6737ab3cb550780a5ecb52fe8dfc68f3c8b7ca996331ca6ac4f3f
Ubuntu Security Notice USN-7014-1
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7014-1 - It was discovered that the nginx ngx_http_mp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directive is in use, a remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-7347
SHA-256 | 2f237005e66dadbd3985d4555debd7fe8c68d75512c3ce00b77197fbb2587c9b
Ubuntu Security Notice USN-7013-1
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7013-1 - It was discovered that Dovecot incorrectly handled a large number of address headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service. It was discovered that Dovecot incorrectly handled very large headers. A remote attacker could possibly use this issue to cause Dovecot to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-23184, CVE-2024-23185
SHA-256 | 2c5dbfdb121eec75f9a8d4f7afe0db92c8dc651e67a5bb259e0fdf8085cf72ef
Ubuntu Security Notice USN-7012-1
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7012-1 - Hiroki Kurosawa discovered that curl incorrectly handled certain OCSP responses. This could result in bad certificates not being checked properly, contrary to expectations.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-8096
SHA-256 | caccb99fa28b437e7eeed86cd386ccb1b0c66d23afea4750cef282dc8be8104b
Ubuntu Security Notice USN-7011-1
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7011-1 - It was discovered that ClamAV incorrectly handled certain PDF files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. It was discovered that ClamAV incorrectly handled logfile privileges. A local attacker could use this issue to cause ClamAV to overwrite arbitrary files, possibly leading to privilege escalation.

tags | advisory, remote, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2024-20505, CVE-2024-20506
SHA-256 | 7897a81be15a2ad33e2c6bbed38f25a6b24c62e5b951be1d16ac4ba6ef9f7d76
Ubuntu Security Notice USN-6560-3
Posted Sep 17, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6560-3 - USN-6560-2 fixed a vulnerability in OpenSSH. This update provides the corresponding update for Ubuntu 16.04 LTS. It was discovered that OpenSSH incorrectly handled user names or host names with shell metacharacters. An attacker could possibly use this issue to perform OS command injection.

tags | advisory, shell
systems | linux, ubuntu
advisories | CVE-2023-51385
SHA-256 | d79217f3c4179c2615288ef92644ea2a7503ce8dc66a1ea3994cfdb65236cdfb
Ubuntu Security Notice USN-7009-1
Posted Sep 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7009-1 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2024-23848, CVE-2024-25741, CVE-2024-31076, CVE-2024-33847, CVE-2024-34027, CVE-2024-34777, CVE-2024-35247, CVE-2024-36015, CVE-2024-36032, CVE-2024-36270, CVE-2024-36489, CVE-2024-36894, CVE-2024-36971
SHA-256 | 5b612a46c804c77ac14a7809a47fec0de9fff4a8a6439f91a0d5ad4c32a28058
Page 1 of 331
Back12345Next

File Archive:

September 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    261 Files
  • 2
    Sep 2nd
    17 Files
  • 3
    Sep 3rd
    38 Files
  • 4
    Sep 4th
    52 Files
  • 5
    Sep 5th
    23 Files
  • 6
    Sep 6th
    27 Files
  • 7
    Sep 7th
    0 Files
  • 8
    Sep 8th
    1 Files
  • 9
    Sep 9th
    16 Files
  • 10
    Sep 10th
    38 Files
  • 11
    Sep 11th
    21 Files
  • 12
    Sep 12th
    40 Files
  • 13
    Sep 13th
    18 Files
  • 14
    Sep 14th
    0 Files
  • 15
    Sep 15th
    0 Files
  • 16
    Sep 16th
    21 Files
  • 17
    Sep 17th
    51 Files
  • 18
    Sep 18th
    23 Files
  • 19
    Sep 19th
    48 Files
  • 20
    Sep 20th
    36 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close