what you don't know can hurt you
Showing 1 - 25 of 6,217 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2022-05-20
Ubuntu Security Notice USN-5424-2
Posted May 20, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5424-2 - USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2022-29155
SHA-256 | 0e0e7d427185a4265212e9573a0d260655e14290d1cec821dc663cfb8913d341
Ubuntu Security Notice USN-5429-1
Posted May 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5429-1 - Thomas Amgarten discovered that Bind incorrectly handled certain TLS connections being destroyed. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-1183
SHA-256 | 55ce2e3ed595a0e54481d0b59f468b92eb5b3652c3537ba65ac53e265a0140ee
Ubuntu Security Notice USN-5430-1
Posted May 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5430-1 - It was discovered that GNOME Settings incorrectly handled the remote desktop sharing configuration. When turning off desktop sharing, it may be turned on again after rebooting, contrary to expectations.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2022-1736
SHA-256 | 0caae1f837e57963485b670c7a2e0b364633d4e5ddcf44795a2923c570f64b8a
Ubuntu Security Notice USN-5428-1
Posted May 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5428-1 - Tobias Stoeckmann discovered that libXrandr incorrectly handled certain responses. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-7947
SHA-256 | deb631a860436031a460c67a9adb4c2f5174b4829345d20a02d76adfe82f1cf5
Ubuntu Security Notice USN-5423-2
Posted May 18, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5423-2 - USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM. Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796
SHA-256 | 8e4b8948d5e1b928c53f47538c39a5720eb5d9b54a8e9ed63566bd719e26428b
Ubuntu Security Notice USN-5427-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5427-1 - Muqing Liu and neoni discovered that Apport incorrectly handled detecting if an executable was replaced after a crash. A local attacker could possibly use this issue to execute arbitrary code as the root user. Gerrit Venema discovered that Apport incorrectly handled connections to Apport sockets inside containers. A local attacker could possibly use this issue to connect to arbitrary sockets as the root user.

tags | advisory, arbitrary, local, root
systems | linux, ubuntu
advisories | CVE-2021-3899, CVE-2022-1242, CVE-2022-28652, CVE-2022-28654, CVE-2022-28655, CVE-2022-28656, CVE-2022-28657, CVE-2022-28658
SHA-256 | 4a7a1a4b4a53f12a5e131a2b8e72000ea9e3e0b7606d2ddd406b23a06bd16806
Ubuntu Security Notice USN-5426-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5426-1 - Jakub Wilk discovered that needrestart incorrectly used some regular expressions. A local attacker could possibly use this issue to execute arbitrary code.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2022-30688
SHA-256 | af676d991a6b34124aadcbf2af266afeb34a8c6ad65703f679cfe6e1368bd93e
Ubuntu Security Notice USN-5425-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5425-1 - Yunho Kim discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information. This issue only affects Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.04 LTS. It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to have unexpected behavior. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2019-20838, CVE-2020-14155
SHA-256 | ea665c758fe5de20b97d3df163ec0752b6694b10d447a57081c46cc5ea9bc553
Ubuntu Security Notice USN-5424-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5424-1 - It was discovered that OpenLDAP incorrectly handled certain SQL statements within LDAP queries in the experimental back-sql backend. A remote attacker could possibly use this issue to perform an SQL injection attack and alter the database.

tags | advisory, remote, sql injection
systems | linux, ubuntu
advisories | CVE-2022-29155
SHA-256 | 622b2eaedb770c0fbeedd05eb4c12c43e234131acf0a55523407bb64c0dc2e6d
Ubuntu Security Notice USN-5423-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5423-1 - Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF files. A remote attacker could possibly use this issue to cause ClamAV to stop responding, resulting in a denial of service. Michał Dardas discovered that ClamAV incorrectly handled parsing HTML files. A remote attacker could possibly use this issue to cause ClamAV to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-20770, CVE-2022-20771, CVE-2022-20785, CVE-2022-20792, CVE-2022-20796
SHA-256 | 8a7e6d56f5558ae8bd78cd46e08c6dd48ba55d4079f3389737d0e448d3eb3555
Ubuntu Security Notice USN-5311-2
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5311-2 - USN-5311-1 released updates for contained. Unfortunately, a subsequent update reverted the fix for thisCVE by mistake. This update corrects the problem. It was discovered that containerd allows attackers to gain access to read- only copies of arbitrary files and directories on the host via a specially- crafted image configuration. An attacker could possibly use this issue to obtain sensitive information.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-23648
SHA-256 | bf0c845e991aeba0eca65f4b23d29f729ad0f1896214182e1ae0fa304a019039
Ubuntu Security Notice USN-5422-1
Posted May 17, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5422-1 - Shinji Sato discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 ESM, and Ubuntu 16.04 ESM. It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-23308, CVE-2022-29824
SHA-256 | 8c3c6b611abb6723add14e9eb03ff8250dbd63ea52e2453efb3197d19614ea63
Ubuntu Security Notice USN-5421-1
Posted May 16, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5421-1 - It was discovered that LibTIFF incorrectly handled certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Chintan Shah discovered that LibTIFF incorrectly handled memory when handling certain images. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-35522, CVE-2022-0865, CVE-2022-0891
SHA-256 | fd53c220dff57e76bdac23217ea634b1fb5272778561ded300fb599bd6d0ff03
Ubuntu Security Notice USN-5419-1
Posted May 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5419-1 - It was discovered that Rsyslog improperly handled certain invalid input. An attacker could use this issue to cause Rsyslog to crash.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-16881
SHA-256 | 9b932c5bd024a7f4d15dbe45fcd972c8a1508eba46c88889bb93109549ff87ae
Ubuntu Security Notice USN-5420-1
Posted May 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5420-1 - It was discovered that Vorbis incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-14160
SHA-256 | a33060407453b19aa7187d7422d0a895fbe372f01e612751c0d342a6bec706ca
Ubuntu Security Notice USN-5417-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5417-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the MMC/SD subsystem in the Linux kernel did not properly handle read errors from SD cards in certain situations. An attacker could possibly use this to expose sensitive information.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-26401, CVE-2022-20008, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-26966, CVE-2022-27223, CVE-2022-29156
SHA-256 | 337688d78bd8984c56f452e4bee794482d878f55146f535c4c249b641b2b5f51
Ubuntu Security Notice USN-5418-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5418-1 - Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information. Demi Marie Obenour and Simon Gaiser discovered that several Xen para- virtualization device frontends did not properly restrict the access rights of device backends. An attacker could possibly use a malicious Xen backend to gain access to memory pages of a guest VM or cause a denial of service in the guest.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-26401, CVE-2022-23039, CVE-2022-23040, CVE-2022-24958, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-26966, CVE-2022-27223
SHA-256 | 5d59c806b66497edbb6af2992f2ae5cce0fa7a093060f86f2d7fbcd7da204b10
Ubuntu Security Notice USN-5416-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5416-1 - Qiuhao Li, Gaoning Pan and Yongkang Jia discovered that the KVM implementation in the Linux kernel did not properly perform guest page table updates in some situations. An attacker in a guest vm could possibly use this to crash the host OS. It was discovered that the implementation of X.25 network protocols in the Linux kernel did not terminate link layer sessions properly. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-1158, CVE-2022-1516, CVE-2022-28388, CVE-2022-28389, CVE-2022-28390
SHA-256 | 7fdbee8afc9e35d51c815cc5cf37dff16b83556969d0fb1ee6bfdc2a05f5d92c
Ubuntu Security Notice USN-5415-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5415-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-26401, CVE-2022-1016, CVE-2022-20008, CVE-2022-25258, CVE-2022-25375, CVE-2022-26490, CVE-2022-27223
SHA-256 | 691a35428f308c736b0b1c54fe6cb68b24805afc0173f36b49281af792f6943a
Ubuntu Security Notice USN-5413-1
Posted May 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5413-1 - Jeremy Cline discovered a use-after-free in the nouveau graphics driver of the Linux kernel during device removal. A privileged or physically proximate attacker could use this to cause a denial of service. It was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-27820, CVE-2021-39713, CVE-2021-4157, CVE-2022-26490, CVE-2022-27223, CVE-2022-28390
SHA-256 | 91244b1f084946d306199917a00cb07c4faa804148fb749c2918a68baf634f4c
Ubuntu Security Notice USN-5411-1
Posted May 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5411-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass permission prompts, obtain sensitive information, bypass security restrictions, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2022-29909, CVE-2022-29915
SHA-256 | 000f629967ca92f7e1c38fe716cc7f512431d6be87f751d10c253c7ae9867eb9
Ubuntu Security Notice USN-5412-1
Posted May 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5412-1 - Axel Chong discovered that curl incorrectly handled percent-encoded URL separators. A remote attacker could possibly use this issue to trick curl into using the wrong URL and bypass certain checks or filters. This issue only affected Ubuntu 22.04 LTS. Florian Kohnhuser discovered that curl incorrectly handled returning a TLS server's certificate chain details. A remote attacker could possibly use this issue to cause curl to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-27780, CVE-2022-27781, CVE-2022-27782
SHA-256 | 477ec6bff1dfd28bf6df200de8f8540192a02b1e6306fa486d364e719ff4bca8
Ubuntu Security Notice USN-5410-1
Posted May 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5410-1 - Lenny Wang discovered that NSS incorrectly handled certain messages. A remote attacker could possibly use this issue to cause servers compiled with NSS to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-25648
SHA-256 | 024993daf9b959e9075f012157b05fdba5d56fc13c1c2804f9ed1a134b8f5c7a
Ubuntu Security Notice USN-5259-3
Posted May 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5259-3 - USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately that update was incomplete and could introduce a regression. This update fixes the problem. It was discovered that the postinst maintainer script in Cron unsafely handled file permissions during package install or update operations. An attacker could possibly use this issue to perform a privilege escalation attack. Florian Weimer discovered that Cron incorrectly handled certain memory operations during crontab file creation. An attacker could possibly use this issue to cause a denial of service. It was discovered that Cron incorrectly handled user input during crontab file creation. An attacker could possibly use this issue to cause a denial of service. It was discovered that Cron contained a use-after-free vulnerability in its force_rescan_user function. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-9525, CVE-2019-9704, CVE-2019-9705, CVE-2019-9706
SHA-256 | 2c9318e69fe86c3b063c4d4569574e3f0fdc2dd430d0ba5c56dd3604970268db
Ubuntu Security Notice USN-5409-1
Posted May 11, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5409-1 - It was discovered that libsndfile was incorrectly performing memory management operations and incorrectly using buffers when executing its FLAC codec. If a user or automated system were tricked into processing a specially crafted sound file, an attacker could possibly use this issue to cause a denial of service or obtain sensitive information.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-4156
SHA-256 | db49ce893a7be6cad7941c2b0f489619a410cae85847f76f25e81325e7aa9ef0
Page 1 of 249
Back12345Next

File Archive:

May 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    0 Files
  • 2
    May 2nd
    15 Files
  • 3
    May 3rd
    19 Files
  • 4
    May 4th
    24 Files
  • 5
    May 5th
    15 Files
  • 6
    May 6th
    14 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    13 Files
  • 10
    May 10th
    7 Files
  • 11
    May 11th
    99 Files
  • 12
    May 12th
    45 Files
  • 13
    May 13th
    7 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    16 Files
  • 17
    May 17th
    26 Files
  • 18
    May 18th
    4 Files
  • 19
    May 19th
    17 Files
  • 20
    May 20th
    2 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close