what you don't know can hurt you
Showing 1 - 25 of 7,350 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-5031-1
Posted Aug 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5031-1 - It was discovered that openCryptoki incorrectly handled certain EC keys. An attacker could possibly use this issue to cause a invalid curve attack.

tags | advisory
systems | linux, ubuntu
MD5 | c766bab5cd38323a6cdd903df7ef387d
Ubuntu Security Notice USN-5027-2
Posted Aug 5, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5027-2 - USN-5027-1 fixed a vulnerability in PEAR. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-32610
MD5 | 3b66931b56a4757788a5abe5a1d2f294
Ubuntu Security Notice USN-5030-1
Posted Aug 4, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5030-1 - It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker could possibly use this issue to obtain sensitive information. It was discovered that the Perl DBI module incorrectly handled certain long strings. A local attacker could possibly use this issue to cause the DBI module to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, remote, denial of service, local, perl
systems | linux, ubuntu
advisories | CVE-2014-10402, CVE-2020-14393
MD5 | 7f74d57c3fa809b85251ccf934c074e1
Ubuntu Security Notice USN-5029-1
Posted Aug 3, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5029-1 - It was discovered that GnuTLS incorrectly handled sending certain extensions when being used as a client. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-20231
MD5 | 165cdacd43ff62c2c2dc51e6fabb08f6
Ubuntu Security Notice USN-5028-1
Posted Aug 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5028-1 - It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-31291
MD5 | e3ee78b5a9d797ff973626ea214ecee5
Ubuntu Security Notice USN-5026-2
Posted Aug 2, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5026-2 - USN-5026-1 fixed several vulnerabilities in QPDF. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-18020, CVE-2021-36978
MD5 | d0cc1262c88603c1d133bc10e66c697b
Ubuntu Security Notice USN-5026-1
Posted Jul 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5026-1 - It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to consume resources, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that QPDF incorrectly handled certain malformed PDF files. A remote attacker could use this issue to cause QPDF to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-18020, CVE-2021-36978
MD5 | 1df5275a8531c053a169685e8b2d82e6
Ubuntu Security Notice USN-5027-1
Posted Jul 30, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5027-1 - It was discovered that PEAR incorrectly handled symbolic links in archives. A remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-32610
MD5 | e229b5ed152b516f5a258a11fdafd755
Ubuntu Security Notice USN-5025-2
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5025-2 - USN-5025-1 fixed a vulnerability in libsndfile. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3246
MD5 | 36961b1b148131d5ac49f6d33229fe09
Ubuntu Security Notice USN-5025-1
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5025-1 - It was discovered that libsndfile incorrectly handled certain malformed files. A remote attacker could use this issue to cause libsndfile to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3246
MD5 | 317f74ce8072ee0dc28309859d8ab843
Ubuntu Security Notice USN-4944-2
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4944-2 - USN-4944-1 fixed vulnerabilities in MariaDB. It caused a regression. This update fixes the problem. Ubuntu 20.04 has been updated to MariaDB 10.3.30.

tags | advisory, vulnerability
systems | linux, ubuntu
MD5 | 805c04f52ac0499cb1925b8798585651
Ubuntu Security Notice USN-5024-1
Posted Jul 29, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5024-1 - A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2021-21775, CVE-2021-30689, CVE-2021-30749, CVE-2021-30799
MD5 | 50a9963ba1903faeab04b47189a80b51
Ubuntu Security Notice USN-5023-1
Posted Jul 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5023-1 - It was discovered that Aspell incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code or cause a crash.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-25051
MD5 | 3dbda93d05f3a1889e17abf72c12aa2d
Ubuntu Security Notice USN-5022-1
Posted Jul 27, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5022-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.26 in Ubuntu 20.04 LTS and Ubuntu 21.04. Ubuntu 18.04 LTS has been updated to MySQL 5.7.35. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-2339, CVE-2021-2354, CVE-2021-2370, CVE-2021-2384, CVE-2021-2390, CVE-2021-2417, CVE-2021-2425, CVE-2021-2437
MD5 | dd37bcf6f26ea1961db0a990da7b0f1c
Ubuntu Security Notice USN-5021-1
Posted Jul 22, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5021-1 - Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled TELNET connections when the -t option was used on the command line. Uninitialized data possibly containing sensitive information could be sent to the remote server, contrary to expectations. Harry Sintonen discovered that curl incorrectly reused connections in the connection pool. This could result in curl reusing the wrong connections. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-22898, CVE-2021-22924, CVE-2021-22925
MD5 | c53bea031dddd5ede7e38a101eca93e4
Ubuntu Security Notice USN-5020-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5020-1 - It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. It was discovered that Ruby incorrectly handled certain inputs. An attacker could possibly use this issue to conduct port scans and service banner extractions. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. Various other issues were also addressed.

tags | advisory, arbitrary, ruby
systems | linux, ubuntu
advisories | CVE-2021-31799, CVE-2021-31810, CVE-2021-32066
MD5 | b2e949441f11b0559bbbb899cab3d9d3
Sequoia: A Deep Root In Linux's Filesystem Layer
Posted Jul 21, 2021
Authored by Qualys Security Advisory

Qualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.

tags | exploit, kernel, local, root, proof of concept
systems | linux, debian, fedora, ubuntu
advisories | CVE-2021-33909, CVE-2021-33910
MD5 | 2739ab8c7448e7ea41f28d5e97efa32a
Ubuntu Security Notice USN-4336-2
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 4336-2 - USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that GNU binutils contained a large number of security issues. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could cause GNU binutils to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2016-2226, CVE-2016-4490, CVE-2016-6131, CVE-2017-12451, CVE-2017-12455, CVE-2017-12459, CVE-2017-14128, CVE-2017-14529, CVE-2017-14939, CVE-2017-15022, CVE-2017-15938, CVE-2017-16827, CVE-2017-17080, CVE-2017-17125, CVE-2017-7209, CVE-2017-7225, CVE-2017-7300, CVE-2017-8393, CVE-2017-8397, CVE-2017-9039, CVE-2017-9044, CVE-2017-9746, CVE-2017-9750, CVE-2017-9754, CVE-2018-1000876, CVE-2018-10535, CVE-2018-12699
MD5 | 299412ebfe15130fcd2ba6fb07826c11
Ubuntu Security Notice USN-5019-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5019-1 - It was discovered that an assert could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2021-1093, CVE-2021-1094, CVE-2021-1095
MD5 | 9b14b7386bfe0d3b7c97a0be131a2b1c
Ubuntu Security Notice USN-5018-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5018-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-24586, CVE-2020-24587, CVE-2020-26139, CVE-2020-26147, CVE-2020-26558, CVE-2021-23134, CVE-2021-31829, CVE-2021-32399, CVE-2021-33034, CVE-2021-33200, CVE-2021-33909
MD5 | 5689144ce247f58cfe35aa8184a61e3f
Ubuntu Security Notice USN-5017-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5017-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2020-26558, CVE-2021-33909
MD5 | 0873c6cc3ecce256f668e9fe41464f0e
Ubuntu Security Notice USN-5016-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5016-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-23134, CVE-2021-32399, CVE-2021-33034, CVE-2021-33909, CVE-2021-3506
MD5 | 31d29e3a9e3c3cdcef9c9a76db4909d8
Ubuntu Security Notice USN-5015-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5015-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-28691, CVE-2021-33909, CVE-2021-3564, CVE-2021-3573, CVE-2021-3587
MD5 | e0afe945c2de058eec0a91d5407a9356
Ubuntu Security Notice USN-5014-1
Posted Jul 21, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5014-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-33909
MD5 | 40868080c6dd49f2545379648cd8a90e
Ubuntu Security Notice USN-5013-2
Posted Jul 20, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5013-2 - USN-5013-1 fixed several vulnerabilities in systemd. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-13529, CVE-2021-33910
MD5 | 2292db61aa7aa7a29cce8f3e68387db3
Page 1 of 294
Back12345Next

File Archive:

August 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    1 Files
  • 2
    Aug 2nd
    7 Files
  • 3
    Aug 3rd
    5 Files
  • 4
    Aug 4th
    7 Files
  • 5
    Aug 5th
    7 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close