Twenty Year Anniversary
Showing 76 - 100 of 4,316 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2018-10-18
Ubuntu Security Notice USN-3746-1
Posted Aug 21, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3746-1 - It was discovered that APT incorrectly handled the mirror method. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages in environments configured to use mirror:// entries.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2018-0501
MD5 | f0578c44582af159b984480257c46869
Ubuntu Security Notice USN-3745-1
Posted Aug 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3745-1 - It was discovered that wpa_supplicant and hostapd incorrectly handled certain messages. An attacker could possibly use this to access sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-14526
MD5 | d3b416b4dc1249a96d0bc5af6a871107
Ubuntu Security Notice USN-3741-3
Posted Aug 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3741-3 - USN-3741-1 introduced mitigations in the Linux kernel for Ubuntu 14.04 LTS to address L1 Terminal Fault vulnerabilities. Unfortunately, the update introduced regressions that caused kernel panics when booting in some environments as well as preventing Java applications from starting. This update fixes the problems. Various other issues were also addressed.

tags | advisory, java, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3646
MD5 | 78bd7446a67ac87a2da4cf6fe7c112df
Ubuntu Security Notice USN-3658-3
Posted Aug 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3658-3 - USN-3658-1 fixed a vulnerability in procps-ng. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that the procps-ng top utility incorrectly read its configuration file from the current working directory. A local attacker could possibly use this issue to escalate privileges. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-1122, CVE-2018-1123, CVE-2018-1125
MD5 | 6b6c8d103894f735743fdd753f031223
Ubuntu Security Notice USN-3743-1
Posted Aug 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3743-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-12911, CVE-2018-4263, CVE-2018-4267, CVE-2018-4278
MD5 | 40cbebca101b1768a0afa00205ce7873
Ubuntu Security Notice USN-3744-1
Posted Aug 17, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3744-1 - Andrew Krasichkov discovered that the PostgreSQL client library incorrectly reset its internal state between connections. A remote attacker could possibly use this issue to bypass certain client-side connection security features. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that PostgreSQL incorrectly checked authorization on certain statements. A remote attacker could possibly use this issue to read arbitrary server memory or alter certain data. Various other issues were also addressed.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10915, CVE-2018-10925
MD5 | af16db35ec128995a527666b5424b03e
Ubuntu Security Notice USN-3733-2
Posted Aug 16, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3733-2 - USN-3733-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side- channel attack. A local attacker could use this attack to recover RSA private keys. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2017-7526
MD5 | fe19ad438a707deec7536790c1f1f042
Ubuntu Security Notice USN-3742-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3742-2 - USN-3742-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 for Ubuntu 12.04 ESM. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-18344, CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | 8765eb216afec68e03e4729f603e2423
Ubuntu Security Notice USN-3741-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3741-2 - USN-3741-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | a0d39dbb79e2f19019b21e3f47cfbcee
Ubuntu Security Notice USN-3742-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3742-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2017-18344, CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | 0bb27e1ab89c610a43b666ee9c098afd
Ubuntu Security Notice USN-3741-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3741-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5390, CVE-2018-5391
MD5 | adb44b3c97e09a1c8c3883fb1c76b23f
Ubuntu Security Notice USN-3740-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3740-2 - USN-3740-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5391
MD5 | af22cc41875cbf38e938fba21964205a
Ubuntu Security Notice USN-3740-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3740-1 - It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker in a guest virtual machine could use this to expose sensitive information. It was discovered that memory present in the L1 data cache of an Intel CPU core may be exposed to a malicious process that is executing on the CPU core. This vulnerability is also known as L1 Terminal Fault. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-3620, CVE-2018-3646, CVE-2018-5391
MD5 | 1996e4f32e8fd7c1ba60b8a9ec50cc26
Ubuntu Security Notice USN-3739-2
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3739-2 - USN-3739-1 fixed a vulnerability in libxml2. This update provides the corresponding update for Ubuntu 12.04. Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2016-9318, CVE-2018-14404
MD5 | 47e2fd1203e0482b19affd576e089e8c
Ubuntu Security Notice USN-3739-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3739-1 - Matias Brutti discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that libxml2 incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2016-9318, CVE-2017-16932, CVE-2018-14567
MD5 | b8f129dfcf7f934cf00be53fa8d36e4d
Ubuntu Security Notice USN-3738-1
Posted Aug 15, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3738-1 - Svyatoslav Phirsov discovered that the Samba libsmbclient library incorrectly handled extra long filenames. A malicious server could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. Volker Mauel discovered that Samba incorrectly handled database output. When used as an Active Directory Domain Controller, a remote authenticated attacker could use this issue to cause Samba to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-10858, CVE-2018-10918, CVE-2018-10919, CVE-2018-1139
MD5 | f91f296f4171ef9db9a3a6c30a32bca1
Ubuntu Security Notice USN-3736-1
Posted Aug 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3736-1 - It was discovered that libarchive incorrectly handled certain archive files. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Agostino Sarubbo discovered that libarchive incorrectly handled certain XAR files. A remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-10209, CVE-2017-14166, CVE-2017-14501
MD5 | b5bcdd4f81a12b86db333678e61807f5
Ubuntu Security Notice USN-3737-1
Posted Aug 13, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3737-1 - A use-after-free was discovered in GDM. A local user could exploit this to cause a denial of service, or potentially execute arbitrary code as the administrator.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2018-14424
MD5 | 38080a9134a5f410aa307c4b5cf0dad7
Ubuntu Security Notice USN-3735-1
Posted Aug 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3735-1 - It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to potentially construct a class that caused a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-2952
MD5 | caaa953a4feb355b91cfa732ba8eb26a
Ubuntu Security Notice USN-3734-1
Posted Aug 10, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3734-1 - It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. An attacker could use this to possibly construct a class that caused a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-2952
MD5 | 307d553456b77175e08a27757fcda912
Ubuntu Security Notice USN-3732-2
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3732-2 - USN-3732-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, kernel, tcp, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 802eb3abdd14bdadb5da2e1595870840
Ubuntu Security Notice USN-3733-1
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3733-1 - Daniel J. Bernstein, Joachim Breitner, Daniel Genkin, Leon Groot Bruinderink, Nadia Heninger, Tanja Lange, Christine van Vredendaal, and Yuval Yarom discovered that GnuPG is vulnerable to a cache side-channel attack. A local attacker could use this attack to recover RSA private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2017-7526
MD5 | 1e04040a0f99386a8b56262eec323ea2
Ubuntu Security Notice USN-3732-1
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3732-1 - Juha-Matti Tilli discovered that the TCP implementation in the Linux kernel performed algorithmically expensive operations in some situations when handling incoming packets. A remote attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, tcp
systems | linux, ubuntu
advisories | CVE-2018-5390
MD5 | 43c84ca28d83281850c44600f89423ee
Ubuntu Security Notice USN-3731-2
Posted Aug 7, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3731-2 - USN-3731-1 fixed a vulnerability in LFTP. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-10916
MD5 | 6381138d09500c7d91c40b39caea7b5b
Ubuntu Security Notice USN-3731-1
Posted Aug 6, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3731-1 - It was discovered that LFTP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2018-10196
MD5 | a8de898a21fc0c7256fa96e9770dcf1b
Page 4 of 173
Back23456Next

File Archive:

October 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Oct 1st
    26 Files
  • 2
    Oct 2nd
    15 Files
  • 3
    Oct 3rd
    15 Files
  • 4
    Oct 4th
    15 Files
  • 5
    Oct 5th
    15 Files
  • 6
    Oct 6th
    2 Files
  • 7
    Oct 7th
    3 Files
  • 8
    Oct 8th
    23 Files
  • 9
    Oct 9th
    16 Files
  • 10
    Oct 10th
    15 Files
  • 11
    Oct 11th
    19 Files
  • 12
    Oct 12th
    16 Files
  • 13
    Oct 13th
    2 Files
  • 14
    Oct 14th
    2 Files
  • 15
    Oct 15th
    15 Files
  • 16
    Oct 16th
    20 Files
  • 17
    Oct 17th
    19 Files
  • 18
    Oct 18th
    21 Files
  • 19
    Oct 19th
    0 Files
  • 20
    Oct 20th
    0 Files
  • 21
    Oct 21st
    0 Files
  • 22
    Oct 22nd
    0 Files
  • 23
    Oct 23rd
    0 Files
  • 24
    Oct 24th
    0 Files
  • 25
    Oct 25th
    0 Files
  • 26
    Oct 26th
    0 Files
  • 27
    Oct 27th
    0 Files
  • 28
    Oct 28th
    0 Files
  • 29
    Oct 29th
    0 Files
  • 30
    Oct 30th
    0 Files
  • 31
    Oct 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close