Ubuntu Security Notice 3741-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
adb44b3c97e09a1c8c3883fb1c76b23fUbuntu Security Notice 3740-2 - USN-3740-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.
af22cc41875cbf38e938fba21964205aUbuntu Security Notice 3740-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.
1996e4f32e8fd7c1ba60b8a9ec50cc26Ubuntu Security Notice 3739-2 - USN-3739-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.
47e2fd1203e0482b19affd576e089e8cUbuntu Security Notice 3739-1 - Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
b8f129dfcf7f934cf00be53fa8d36e4dUbuntu Security Notice 3738-1 - Svyatoslav Phirsov discovered that the Samba libsmbclient library incorrectly handled extra long filenames. A malicious server could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. Volker Mauel discovered that Samba incorrectly handled database output. When used as an Active Directory Domain Controller, a remote authenticated attacker could use this issue to cause Samba to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
f91f296f4171ef9db9a3a6c30a32bca1Ubuntu Security Notice 3736-1 - It was discovered that libarchive incorrectly handled certain archive files. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Agostino Sarubbo discovered that libarchive incorrectly handled certain XAR files. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.
b5bcdd4f81a12b86db333678e61807f5Ubuntu Security Notice 3737-1 - A use-after-free was discovered in GDM. A local user could exploit this to cause a denial of service, or potentially execute arbitrary code as the administrator.
38080a9134a5f410aa307c4b5cf0dad7Ubuntu Security Notice 3735-1 - It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service.
caaa953a4feb355b91cfa732ba8eb26aUbuntu Security Notice 3734-1 - It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to possibly construct a class that caused a denial of service.
307d553456b77175e08a27757fcda912Ubuntu Security Notice 3732-2 - USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.
802eb3abdd14bdadb5da2e1595870840Ubuntu Security Notice 3733-1 - Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side-channel attack. A local attacker could use this attack to recover RSA private keys.
1e04040a0f99386a8b56262eec323ea2Ubuntu Security Notice 3732-1 - Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service.
43c84ca28d83281850c44600f89423eeUbuntu Security Notice 3731-2 - USN-3731-1 fixed a vulnerability in LFTP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
6381138d09500c7d91c40b39caea7b5bUbuntu Security Notice 3731-1 - It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
a8de898a21fc0c7256fa96e9770dcf1bUbuntu Security Notice 3730-1 - Matthias Gerstner discovered that LXC incorrectly handled the lxc-user-nic utility. A local attacker could possibly use this issue to open arbitrary files.
2d49f90b6beba33820201e89a4784c25Ubuntu Security Notice 3729-1 - It was discovered that libxcursor incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.
fc34494033b154bb7345e72a057068beUbuntu Security Notice 3728-3 - USN-3728-2 fixed several vulnerabilities in ClamAV. This update provides the corresponding update for Ubuntu 12.04 ESM. Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
342c999b06779c9933a6f72b37765ff3Ubuntu Security Notice 3728-2 - USN-3728-1 fixed several vulnerabilities in libmspack. In Ubuntu 14.04 libmspack is included into ClamAV. This update provides the corresponding update for Ubuntu 14.04 LTS. Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
8410ac792923025c01d404223fbb1a5bUbuntu Security Notice 3728-1 - Hanno Boeck discovered that libmspack incorrectly handled certain CHM files. An attacker could possibly use this issue to cause a denial of service. Jakub Wilk discovered that libmspack incorrectly handled certain KWAJ files. An attacker could possibly use this issue to execute arbitrary code. Dmitry Glavatskikh discovered that libmspack incorrectly certain CHM files. An attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
5ec726335cc48f2ac03e2723b19bd374Ubuntu Security Notice 3726-1 - Andreas Hug discovered that Django contained an open redirect in CommonMiddleware. A remote attacker could possibly use this issue to perform phishing attacks.
06c8c2fdc8ee7e6ef3db72bd4a4eded2Ubuntu Security Notice 3727-1 - It was discovered that Bouncy Castle incorrectly handled certain crypto algorithms. A remote attacker could possibly use these issues to obtain sensitive information, including private keys.
6c82547bd80b4fdc261181f54ff1ebb8Ubuntu Security Notice 3725-2 - USN-3725-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 12.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.61 in Ubuntu 12.04 ESM. Various other issues were also addressed.
6ddecd1b2fc9707ddd532c901cf90170Ubuntu Security Notice 3725-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.61 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.23. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
62a993774568d1bf05266b42f9da9fb9Ubuntu Security Notice 3722-3 - USN-3722-1 fixed vulnerabilities in ClamAV. The updated ClamAV version removed some configuration options which caused the daemon to fail to start in environments where the ClamAV configuration file was manually edited. This update fixes the problem. Various other issues were also addressed.
7272d25ace6b15017b495dcdc09f7b09
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed