Twenty Year Anniversary
Showing 26 - 50 of 5,715 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-3699-1
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3699-1 - It was discovered that zziplib incorrectly handled certain malformed ZIP files. If a user or automated system were tricked into opening a specially crafted ZIP file, a remote attacker could cause zziplib to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-6381, CVE-2018-6484, CVE-2018-6540, CVE-2018-6541, CVE-2018-6869, CVE-2018-7725, CVE-2018-7726
MD5 | e1a866e78af6bf136d61080d383115a1
Ubuntu Security Notice USN-3698-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3698-2 - USN-3698-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130, CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | d99c9b1c8afb3fd3cbaf8db904a91c13
Ubuntu Security Notice USN-3697-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3697-2 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 909cda7a29febac98e75c2d0765c11bb
Ubuntu Security Notice USN-3696-2
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3696-2 - USN-3696-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204, CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665, CVE-2018-5814, CVE-2018-7755
MD5 | 7232f498840627d5ecbea781d6ae2d03
Ubuntu Security Notice USN-3697-1
Posted Jul 3, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3697-1 - It was discovered that a null pointer dereference vulnerability existed in the DCCP protocol implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Jann Horn discovered that the 32 bit adjtimex syscall implementation for 64 bit Linux kernels did not properly initialize memory returned to user space in some situations. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2018-1130, CVE-2018-11508, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 54b7a600656fb446c5ec64068acbde8c
Ubuntu Security Notice USN-3698-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3698-1 - It was discovered that the nested KVM implementation in the Linux kernel in some situations did not properly prevent second level guests from reading and writing the hardware CR8 register. A local attacker in a guest could use this to cause a denial of service. Fan Wu, Haoran Qiu, and Shixiong Zhao discovered that the associative array implementation in the Linux kernel sometimes did not properly handle adding a new entry. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-12154, CVE-2017-12193, CVE-2017-15265, CVE-2018-1130, CVE-2018-3665, CVE-2018-5750, CVE-2018-5803, CVE-2018-6927, CVE-2018-7755, CVE-2018-7757
MD5 | 79e62f3c9db29224ec902903f92f2bff
Ubuntu Security Notice USN-3696-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3696-1 - It was discovered that an integer overflow existed in the perf subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Wei Fang discovered an integer overflow in the F2FS filesystem implementation in the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that an information leak existed in the generic SCSI driver in the Linux kernel. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-13695, CVE-2017-18255, CVE-2017-18257, CVE-2018-1000204, CVE-2018-10021, CVE-2018-10087, CVE-2018-10124, CVE-2018-3665, CVE-2018-5814, CVE-2018-7755
MD5 | 85ebc7f68fdfd1ec62e89e89a7199622
Ubuntu Security Notice USN-3695-1
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3695-1 - Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. It was discovered that the cdrom driver in the Linux kernel contained an incorrect bounds check. A local attacker could use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508, CVE-2018-7755
MD5 | 1ab8575ad708cdc9ce2f92f0db75ae9f
Ubuntu Security Notice USN-3695-2
Posted Jul 2, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3695-2 - USN-3695-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. Wen Xu discovered that the ext4 file system implementation in the Linux kernel did not properly initialize the crc32c checksum driver. A local attacker could use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2018-1094, CVE-2018-10940, CVE-2018-1095, CVE-2018-11508, CVE-2018-7755
MD5 | 6208e9e136bfff7fc82ca98b30f85bda
Ubuntu Security Notice USN-3686-2
Posted Jun 29, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3686-2 - USN-3686-1 fixed a vulnerability in file. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that file incorrectly handled certain magic files. An attacker could use this issue with a specially crafted magic file to cause a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2015-8865, CVE-2018-10360
MD5 | a5925e66541ee673aef6a9f48d20e4cc
Ubuntu Security Notice USN-3694-1
Posted Jun 29, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3694-1 - It was discovered that NASM incorrectly handled certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use these issues to cause NASM to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-10686, CVE-2017-11111, CVE-2017-14228, CVE-2017-17810, CVE-2017-17811, CVE-2017-17812, CVE-2017-17813, CVE-2017-17814, CVE-2017-17815, CVE-2017-17816, CVE-2017-17817, CVE-2017-17818, CVE-2017-17819, CVE-2017-17820, CVE-2018-8881
MD5 | edefccd58f621f41c0bc69a20547819f
Ubuntu Security Notice USN-3693-1
Posted Jun 27, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3693-1 - It was discovered that JasPer incorrectly handled certain malformed JPEG-2000 image files. If a user or automated system using JasPer were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5203, CVE-2015-5221, CVE-2016-10248, CVE-2016-10250, CVE-2016-8883, CVE-2016-8887, CVE-2016-9262, CVE-2016-9387, CVE-2016-9388, CVE-2016-9389, CVE-2016-9390, CVE-2016-9391, CVE-2016-9392, CVE-2016-9393, CVE-2016-9394, CVE-2016-9396, CVE-2016-9600, CVE-2017-1000050, CVE-2017-6850
MD5 | 95763496266b7205d9f7f78d10ac0617
Ubuntu Security Notice USN-3692-1
Posted Jun 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3692-1 - Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Guido Vranken discovered that OpenSSL incorrectly handled very large prime values during a key agreement. A remote attacker could possibly use this issue to consume resources, leading to a denial of service. Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia and Luis Manuel Alvarez Tapia discovered that OpenSSL incorrectly handled RSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private RSA keys. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2018-0495, CVE-2018-0732, CVE-2018-0737
MD5 | 56cd52a341cc1f84b0df7977939c8ef3
Ubuntu Security Notice USN-3692-2
Posted Jun 26, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3692-2 - USN-3692-1 fixed a vulnerability in OpenSSL. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that OpenSSL incorrectly handled ECDSA key generation. An attacker could possibly use this issue to perform a cache-timing attack and recover private ECDSA keys. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2017-0737, CVE-2018-0495, CVE-2018-0732, CVE-2018-0737
MD5 | 9be3e658c83ed593e3a872b40b7f8a54
Ubuntu Security Notice USN-3691-1
Posted Jun 22, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3691-1 - It was discovered that the Security component of OpenJDK did not correctly perform merging of multiple sections for the same file listed in JAR archive file manifests. An attacker could possibly use this to modify attributes in a manifest without invalidating the signature. Francesco Palmarini, Marco Squarcina, Mauro Tempesta, and Riccardo Focardi discovered that the Security component of OpenJDK did not restrict which classes could be used when deserializing keys from the JCEKS key stores. An attacker could use this to specially craft a JCEKS key store to execute arbitrary code. Various other issues were also addressed.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-2790, CVE-2018-2794, CVE-2018-2795, CVE-2018-2796, CVE-2018-2797, CVE-2018-2798, CVE-2018-2799, CVE-2018-2800, CVE-2018-2814, CVE-2018-2815
MD5 | ae063cd3b9c6e04321f83b5de454d2e7
Ubuntu Security Notice USN-3690-1
Posted Jun 20, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3690-1 - Jann Horn discovered that microprocessors utilizing speculative execution and branch prediction may allow unauthorized memory reads via sidechannel attacks. This flaw is known as Spectre. A local attacker could use this to expose sensitive information, including kernel memory. This update provides the microcode updates for AMD 17H family processors required for the corresponding Linux kernel updates.

tags | advisory, kernel, local
systems | linux, ubuntu
advisories | CVE-2017-5715
MD5 | ae1e073f1e15a74b2954bb007e352225
Ubuntu Security Notice USN-3689-2
Posted Jun 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3689-2 - USN-3689-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding update for Ubuntu 12.04 ESM. Keegan Ryan discovered that Libgcrypt was susceptible to a side- channel attack. A local attacker could possibly use this attack to recover ECDSA private keys. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-0495
MD5 | 1bcad9aa93b3aefd025d12f27a5427a7
Ubuntu Security Notice USN-3689-1
Posted Jun 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3689-1 - Keegan Ryan discovered that Libgcrypt was susceptible to a side-channel attack. A local attacker could possibly use this attack to recover ECDSA private keys.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-0495
MD5 | 669d8760bbc286c2aa34f3be000a22d7
Ubuntu Security Notice USN-3688-1
Posted Jun 19, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3688-1 - Multiple memory safety issues were fixed in Spidermonkey. An attacker could potentially exploit these to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2017-7810, CVE-2017-7826, CVE-2018-5089, CVE-2018-5125, CVE-2018-5150
MD5 | b4b407d424d805cebd29041d02ce7436
Ubuntu Security Notice USN-3675-3
Posted Jun 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3675-3 - USN-3675-1 fixed a vulnerability in GnuPG. This update provides the corresponding update for Ubuntu 12.04 ESM. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-12020
MD5 | 563a9a928ab29560f4bcb9624b999abd
Ubuntu Security Notice USN-3687-1
Posted Jun 18, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3687-1 - A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2018-12293, CVE-2018-4190, CVE-2018-4199, CVE-2018-4218, CVE-2018-4222, CVE-2018-4232, CVE-2018-4233
MD5 | 55bf9fa9e7a0502036a4c6a0c0d90f46
Ubuntu Security Notice USN-3678-4
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3678-4 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly handle corrupted meta data in some situations. An attacker could use this to specially craft an ext4 file system that caused a denial of service when mounted. It was discovered that the 802.11 software simulator implementation in the Linux kernel contained a memory leak when handling certain error conditions. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2018-10021, CVE-2018-1092, CVE-2018-8087
MD5 | 1d46e12aafc6190fd589563e09f2bb8a
Ubuntu Security Notice USN-3675-2
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3675-2 - USN-3675-1 fixed a vulnerability in GnuPG 2 for Ubuntu 18.04 LTS and Ubuntu 17.10. This update provides the corresponding update for GnuPG 2 in Ubuntu 16.04 LTS and Ubuntu 14.04 LTS. Marcus Brinkmann discovered that during decryption or verification, GnuPG did not properly filter out terminal sequences when reporting the original filename. An attacker could use this to specially craft a file that would cause an application parsing GnuPG output to incorrectly interpret the status of the cryptographic operation reported by GnuPG. Various other issues were also addressed.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2018-12020
MD5 | 7bb33630cd3b5d2a623f796ae002ea14
Ubuntu Security Notice USN-3685-1
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3685-1 - Some of these CVEs were already addressed in previous USN: 3439-1, 3553-1, 3528-1. It was discovered that Ruby incorrectly handled certain inputs. An attacker could use this to cause a buffer overrun. It was discovered that Ruby incorrectly handled certain files. An attacker could use this to overwrite any file on the filesystem. Various other issues were also addressed.

tags | advisory, overflow, ruby
systems | linux, ubuntu
advisories | CVE-2017-0898, CVE-2017-0901, CVE-2017-0902, CVE-2017-0903, CVE-2017-10784, CVE-2017-14064, CVE-2017-17742, CVE-2018-1000074, CVE-2018-8777
MD5 | 8e3eaae5e55f5657e198a4d0014a7723
Ubuntu Security Notice USN-3686-1
Posted Jun 14, 2018
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3686-1 - Alexander Cherepanov discovered that file incorrectly handled a large number of notes. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain long strings. An attacker could use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS. Alexander Cherepanov discovered that file incorrectly handled certain malformed ELF files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2014-9620, CVE-2014-9621, CVE-2014-9653, CVE-2015-8865, CVE-2018-10360
MD5 | d461c5706afdf66b380cf8a86deaf4f6
Page 2 of 229
Back12345Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    0 Files
  • 15
    Jul 15th
    0 Files
  • 16
    Jul 16th
    0 Files
  • 17
    Jul 17th
    0 Files
  • 18
    Jul 18th
    0 Files
  • 19
    Jul 19th
    0 Files
  • 20
    Jul 20th
    0 Files
  • 21
    Jul 21st
    0 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close