what you don't know can hurt you
Showing 1 - 25 of 5,505 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2021-01-18
Ubuntu Security Notice USN-4695-1
Posted Jan 18, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4695-1 - Choongwoo Han discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Jerzy Kramarz discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-5208, CVE-2017-6009, CVE-2017-6011
MD5 | cc7f5a77193361f6afb87d4fc323cbb7
Ubuntu Security Notice USN-4693-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4693-1 - It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. It was discovered that an XSS vulnerability in Ampache. An attacker could use this vulnerability to force an admin to create a new privileged user. Various other issues were also addressed.

tags | advisory, sql injection
systems | linux, ubuntu
advisories | CVE-2019-12385, CVE-2019-12386
MD5 | 19e32413eae87248300241c7423c86b4
Ubuntu Security Notice USN-4694-1
Posted Jan 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4694-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-28374
MD5 | 39bd5d296c952869b692a804fbc44d89
Ubuntu Security Notice USN-4692-1
Posted Jan 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4692-1 - Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-20482, CVE-2019-9923
MD5 | 344cbf5822690466c47037ca26772ba8
Ubuntu Security Notice USN-4691-1
Posted Jan 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4691-1 - Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-8011
MD5 | 622199ebe49995537dcf295a4a531f9d
Ubuntu Security Notice USN-4690-1
Posted Jan 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4690-1 - It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2020-26262
MD5 | a250c57907fc4d20314b01267251dffc
Ubuntu Security Notice USN-4689-2
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4689-2 - USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-1052, CVE-2021-1053, CVE-2021-1056
MD5 | 5400659ba37710eaa6b249f1d24c9de7
Ubuntu Security Notice USN-4649-2
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4649-2 - USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the --attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | e3181c84ebf88124fc8440988b2185ac
Ubuntu Security Notice USN-4689-1
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4689-1 - It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-1052, CVE-2021-1053, CVE-2021-1056
MD5 | 981d1a54d362e0eb1a220d6c10591e46
Ubuntu Security Notice USN-4668-4
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4668-4 - USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, python
systems | linux, ubuntu
advisories | CVE-2020-27351
MD5 | 547dc78aa1e891e8e1a6f4156108a0f0
Ubuntu Security Notice USN-4667-2
Posted Jan 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4667-2 - USN-4667-1 fixed a vulnerability in APT. This update provides the corresponding update for Ubuntu 14.04 ESM. Kevin Backhouse discovered that APT incorrectly handled certain packages. A local attacker could possibly use this issue to cause APT to crash or stop responding, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2020-27350
MD5 | b02790b890a4077db710c9e9f926d953
Ubuntu Security Notice USN-4688-1
Posted Jan 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4688-1 - It was discovered that Jasper incorrectly certain files. An attacker could possibly use this issue to cause a crash. It was discovered that Jasper incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. It was discovered that Jasper incorrectly handled certain JPC encoders. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-9782, CVE-2018-18873, CVE-2018-19542, CVE-2020-27828
MD5 | a965c42895b4f69c78c1d6469bf754db
Ubuntu Security Notice USN-4687-1
Posted Jan 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4687-1 - A use-after-free was discovered in Firefox when handling SCTP packets. An attacker could potentially exploit this to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-16044
MD5 | 8b8168d3ee3d2c80f6d055fe05c6c894
Ubuntu Security Notice USN-4684-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4684-1 - Laszlo Ersek discovered that EDK II incorrectly validated certain signed images. An attacker could possibly use this issue with a specially crafted image to cause EDK II to hang, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An attacker could use this issue to cause EDK II to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-14562, CVE-2019-14584
MD5 | 1751a770e1cc64cf0203b6e4506c808e
Ubuntu Security Notice USN-4685-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4685-1 - It was discovered that OpenJPEG incorrectly handled certain image data. An attacker could use this issue to cause OpenJPEG to crash, leading to a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-15389, CVE-2020-27841
MD5 | 441106d86f85ccadec1d3c14e6567734
Ubuntu Security Notice USN-4686-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4686-1 - It was discovered that Ghostscript incorrectly handled certain image files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-5727, CVE-2020-27842, CVE-2020-8112
MD5 | 4cd68750ef2abd5f6b9640ef33177e4f
Ubuntu Security Notice USN-4683-1
Posted Jan 7, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4683-1 - Minh Yuan discovered that the framebuffer console driver in the Linux kernel did not properly handle fonts in some conditions. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-28974
MD5 | 7fbd2df16ee169fac1041dc6ef729402
Ubuntu Security Notice USN-4677-2
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4677-2 - USN-4677-1 fixed a vulnerability in p11-kit. This update provides the corresponding update for Ubuntu 14.04 ESM. David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-29361
MD5 | f0cd253812e585b78a6df0d24f050a4c
Ubuntu Security Notice USN-4682-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4682-1 - It was discovered that WavPack incorrectly handled certain WAV files. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-35738
MD5 | 071a6f4ed83c58b35aaeadaa4f78066a
Ubuntu Security Notice USN-4681-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4681-1 - Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver in the Linux kernel did not properly deallocate memory in some conditions. A local attacker could use this to cause a denial of service. It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-0148, CVE-2020-25656, CVE-2020-25668, CVE-2020-27675, CVE-2020-28974, CVE-2020-4788
MD5 | 91670808904d9a205af1af1baa6a1ec2
Ubuntu Security Notice USN-4680-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4680-1 - It was discovered that debugfs in the Linux kernel as used by blktrace contained a use-after-free in some situations. A privileged local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the binder IPC implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2019-19770, CVE-2020-0423, CVE-2020-10135, CVE-2020-25656, CVE-2020-25668, CVE-2020-25705, CVE-2020-27675, CVE-2020-27777, CVE-2020-28974
MD5 | d9396f87744b985c8e687f3925ea532c
Ubuntu Security Notice USN-4679-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4679-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Kiyin discovered that the perf subsystem in the Linux kernel did not properly deallocate memory in some situations. A privileged attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-25656, CVE-2020-25668, CVE-2020-25704, CVE-2020-27675, CVE-2020-27777, CVE-2020-28974
MD5 | 1ace1ae8d4759419772bc1a1bdf880c4
Ubuntu Security Notice USN-4678-1
Posted Jan 6, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4678-1 - It was discovered that the AMD Running Average Power Limit driver in the Linux kernel did not properly restrict access to power data. A local attacker could possibly use this to expose sensitive information. Jann Horn discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations. A local attacker could use this to expose sensitive information or possibly escalate privileges. Various other issues were also addressed.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-12912, CVE-2020-29534
MD5 | b3036de92a3edb42e7057a8095180d7c
Ubuntu Security Notice USN-4677-1
Posted Jan 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4677-1 - David Cook discovered that p11-kit incorrectly handled certain memory operations. An attacker could use this issue to cause p11-kit to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-29361
MD5 | 21b501626a34f8159219ffcf33d54c15
Ubuntu Security Notice USN-4676-1
Posted Jan 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4676-1 - It was discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-16587
MD5 | 590de48f77cba77bf4361c2d44509710
Page 1 of 221
Back12345Next

File Archive:

January 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jan 1st
    4 Files
  • 2
    Jan 2nd
    3 Files
  • 3
    Jan 3rd
    3 Files
  • 4
    Jan 4th
    33 Files
  • 5
    Jan 5th
    31 Files
  • 6
    Jan 6th
    21 Files
  • 7
    Jan 7th
    15 Files
  • 8
    Jan 8th
    19 Files
  • 9
    Jan 9th
    1 Files
  • 10
    Jan 10th
    1 Files
  • 11
    Jan 11th
    33 Files
  • 12
    Jan 12th
    19 Files
  • 13
    Jan 13th
    27 Files
  • 14
    Jan 14th
    8 Files
  • 15
    Jan 15th
    16 Files
  • 16
    Jan 16th
    1 Files
  • 17
    Jan 17th
    2 Files
  • 18
    Jan 18th
    20 Files
  • 19
    Jan 19th
    0 Files
  • 20
    Jan 20th
    0 Files
  • 21
    Jan 21st
    0 Files
  • 22
    Jan 22nd
    0 Files
  • 23
    Jan 23rd
    0 Files
  • 24
    Jan 24th
    0 Files
  • 25
    Jan 25th
    0 Files
  • 26
    Jan 26th
    0 Files
  • 27
    Jan 27th
    0 Files
  • 28
    Jan 28th
    0 Files
  • 29
    Jan 29th
    0 Files
  • 30
    Jan 30th
    0 Files
  • 31
    Jan 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close