Stemcell (Linux) Release Notes
This topic includes release notes for Linux stemcells used with Ops Manager.
Xenial Stemcells
The following sections describe each Xenial stemcell release.
621.x
This section includes release notes for the 621.x line of Linux stemcells used with Ops Manager.
621.252
Available in VMware Tanzu Network
Release Date: June 17, 2022
Metadata:
BOSH Agent Version: 2.268.80
USNs:
Title: USN-5477-1: ncurses vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5477-1
Priorities: negligible,low
Description:
Hosein Askari discovered that ncurses was incorrectly performing
memory management operations when dealing with long filenames while
writing structures into the file system. An attacker could possibly
use this issue to cause a denial of service or execute arbitrary
code. (CVE-2017-16879)
Chung-Yi Lin discovered that ncurses was incorrectly handling access
to invalid memory areas when parsing terminfo or termcap entries where
the use-name had invalid syntax. An attacker could possibly use this
issue to cause a denial of service. (CVE-2018-19211)
It was discovered that ncurses was incorrectly performing bounds
checks when processing invalid hashcodes. An attacker could possibly
use this issue to cause a denial of service or to expose sensitive
information. (CVE-2019-17594)
It was discovered that ncurses was incorrectly handling
end-of-string characters when processing terminfo and termcap files.
An attacker could possibly use this issue to cause a denial of
service or to expose sensitive information. (CVE-2019-17595)
It was discovered that ncurses was incorrectly handling
end-of-string characters when converting between termcap and
terminfo formats. An attacker could possibly use this issue to cause
a denial of service or execute arbitrary code. (CVE-2021-39537)
It was discovered that ncurses was incorrectly performing bounds
checks when dealing with corrupt terminfo data while reading a
terminfo file. An attacker could possibly use this issue to cause a
denial of service or to expose sensitive information.
(CVE-2022-29458)
CVEs:
- https://ubuntu.com/security/CVE-2017-16879
- https://ubuntu.com/security/CVE-2018-19211
- https://ubuntu.com/security/CVE-2019-17594
- https://ubuntu.com/security/CVE-2019-17595
- https://ubuntu.com/security/CVE-2021-39537
- https://ubuntu.com/security/CVE-2022-29458
Title: LSN-0087-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0087-1
Priorities: high,medium
Description:
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)
Ziming Zhang discovered that the netfilter subsystem in the Linux kernel
did not properly validate sets with multiple ranged fields. A local
attacker could use this to cause a denial of service or execute arbitrary
code. (CVE-2022-1972)
CVEs:
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2022-1972
621.251
Available in VMware Tanzu Network
Release Date: June 14, 2022
Metadata:
BOSH Agent Version: 2.268.80
USNs:
Title: LSN-0086-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0086-1
Priorities: high,medium
Description:
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)
Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux
kernel contained an integer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116)
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2021-39713
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2022-1055
- https://ubuntu.com/security/CVE-2022-1116
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
Title: USN-5458-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5458-1
Priorities: low,medium
Description:
It was discovered that Vim was incorrectly handling virtual column
position operations, which could result in an out-of-bounds read. An
attacker could possibly use this issue to expose sensitive
information. (CVE-2021-4193)
It was discovered that Vim was not properly performing bounds checks
when updating windows present on a screen, which could result in a
heap buffer overflow. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2022-0213)
It was discovered that Vim was incorrectly handling window
exchanging operations when in Visual mode, which could result in an
out-of-bounds read. An attacker could possibly use this issue to
expose sensitive information. (CVE-2022-0319)
It was discovered that Vim was incorrectly handling recursion when
parsing conditional expressions. An attacker could possibly use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2022-0351)
It was discovered that Vim was not properly handling memory
allocation when processing data in Ex mode, which could result in a
heap buffer overflow. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code.
(CVE-2022-0359)
It was discovered that Vim was not properly performing bounds checks
when executing line operations in Visual mode, which could result in
a heap buffer overflow. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code.
(CVE-2022-0361, CVE-2022-0368)
It was discovered that Vim was not properly handling loop conditions
when looking for spell suggestions, which could result in a stack
buffer overflow. An attacker could possibly use this issue to cause
a denial of service or execute arbitrary code. (CVE-2022-0408)
It was discovered that Vim was incorrectly handling memory access
when executing buffer operations, which could result in the usage of
freed memory. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-0443)
CVEs:
- https://ubuntu.com/security/CVE-2021-4193
- https://ubuntu.com/security/CVE-2022-0213
- https://ubuntu.com/security/CVE-2022-0319
- https://ubuntu.com/security/CVE-2022-0351
- https://ubuntu.com/security/CVE-2022-0359
- https://ubuntu.com/security/CVE-2022-0361
- https://ubuntu.com/security/CVE-2022-0368
- https://ubuntu.com/security/CVE-2022-0408
- https://ubuntu.com/security/CVE-2022-0443
Title: USN-5464-1: e2fsprogs vulnerability
URL: https://ubuntu.com/security/notices/USN-5464-1
Priorities: medium
Description:
Nils Bars discovered that e2fsprogs incorrectly handled certain file
systems. A local attacker could use this issue with a crafted file
system image to possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2022-1304
Title: USN-5466-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5466-1
Priorities: high,low,medium
Description:
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
It was discovered that the SCTP protocol implementation in the Linux kernel
did not properly verify VTAGs in some situations. A remote attacker could
possibly use this to cause a denial of service (connection disassociation).
(CVE-2021-3772)
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly handle locking in certain error conditions. A local
attacker could use this to cause a denial of service (kernel deadlock).
(CVE-2021-4149)
David Bouman discovered that the netfilter subsystem in the Linux kernel
did not initialize memory in some situations. A local attacker could use
this to expose sensitive information (kernel memory). (CVE-2022-1016)
It was discovered that the virtual graphics memory manager implementation
in the Linux kernel was subject to a race condition, potentially leading to
an information leak. (CVE-2022-1419)
赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not
properly perform reference counting in some error conditions. A local
attacker could use this to cause a denial of service. (CVE-2022-28356)
It was discovered that the EMS CAN/USB interface implementation in the
Linux kernel contained a double-free vulnerability when handling certain
error conditions. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2022-28390)
CVEs:
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2021-3772
- https://ubuntu.com/security/CVE-2021-4149
- https://ubuntu.com/security/CVE-2022-1016
- https://ubuntu.com/security/CVE-2022-1419
- https://ubuntu.com/security/CVE-2022-28356
- https://ubuntu.com/security/CVE-2022-28390
Title: USN-5465-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5465-1
Priorities: high,medium
Description:
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2022-30594
Title: USN-5454-2: CUPS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5454-2
Priorities: medium,low
Description:
USN-5454-1 fixed several vulnerabilities in CUPS. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Joshua Mason discovered that CUPS incorrectly handled the secret key used
to access the administrative web interface. A remote attacker could
possibly use this issue to open a session as an administrator and execute
arbitrary code. (CVE-2022-26691)
It was discovered that CUPS incorrectly handled certain memory operations
when handling IPP printing. A remote attacker could possibly use this issue
to cause CUPS to crash, leading to a denial of service, or obtain sensitive
information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2019-8842, CVE-2020-10001)
CVEs:
- https://ubuntu.com/security/CVE-2022-26691
- https://ubuntu.com/security/CVE-2019-8842
- https://ubuntu.com/security/CVE-2020-10001
Title: USN-5456-1: ImageMagick vulnerability
URL: https://ubuntu.com/security/notices/USN-5456-1
Priorities: medium
Description:
It was discovered that ImageMagick incorrectly handled memory under
certain circumstances. If a user were tricked into opening a specially
crafted image, an attacker could possibly exploit this issue to cause a
denial of service or other unspecified impact.
CVEs:
- https://ubuntu.com/security/CVE-2022-28463
Title: USN-5462-2: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-5462-2
Priorities: low
Description:
USN-5462-1 fixed several vulnerabilities in Ruby. This update provides
the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2022-28739
621.245
Available in VMware Tanzu Network
Release Date: June 02, 2022
Metadata:
BOSH Agent Version: 2.268.78
USNs:
Title: USN-5449-1: libXv vulnerability
URL: https://ubuntu.com/security/notices/USN-5449-1
Priorities: low
Description:
It was discovered that libXv incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2016-5407
Title: USN-5437-1: libXfixes vulnerability
URL: https://ubuntu.com/security/notices/USN-5437-1
Priorities: low
Description:
Tobias Stoeckmann discovered that libXfixes incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2016-7944
Title: LSN-0086-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0086-1
Priorities: high,medium
Description:
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)
Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux
kernel contained an integer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116)
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Nick Gregory discovered that the Linux kernel incorrectly handled network
offload functionality. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2022-25636)
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2021-39713
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2022-1055
- https://ubuntu.com/security/CVE-2022-1116
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-25636
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
Title: USN-5452-1: NTFS-3G vulnerability
URL: https://ubuntu.com/security/notices/USN-5452-1
Priorities: low
Description:
It was discovered that NTFS-3G was incorrectly validating NTFS
metadata in its ntfsck tool by not performing boundary checks. A
local attacker could possibly use this issue to cause a denial of
service or to execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-46790
Title: USN-5402-2: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5402-2
Priorities: medium,low
Description:
USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash
script. A local attacker could possibly use this issue to execute arbitrary
commands when c_rehash is run. (CVE-2022-1292)
Aliaksei Levin discovered that OpenSSL incorrectly handled resources when
decoding certificates and keys. A remote attacker could possibly use this
issue to cause OpenSSL to consume resources, leading to a denial of
service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473)
CVEs:
- https://ubuntu.com/security/CVE-2022-1292
- https://ubuntu.com/security/CVE-2022-1473
Title: USN-5446-2: dpkg vulnerability
URL: https://ubuntu.com/security/notices/USN-5446-2
Priorities: medium
Description:
USN-5446-1 fixed a vulnerability in dpkg. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Max Justicz discovered that dpkg incorrectly handled unpacking certain
source packages. If a user or an automated system were tricked into
unpacking a specially crafted source package, a remote attacker could
modify files outside the target unpack directory, leading to a denial of
service or potentially gaining access to the system.
CVEs:
- https://ubuntu.com/security/CVE-2022-1664
Title: USN-5404-2: Rsyslog vulnerability
URL: https://ubuntu.com/security/notices/USN-5404-2
Priorities: medium
Description:
USN-5404-1 addressed a vulnerability in Rsyslog. This update
provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Pieter Agten discovered that Rsyslog incorrectly handled certain requests.
An attacker could possibly use this issue to cause a crash.
CVEs:
- https://ubuntu.com/security/CVE-2022-24903
Title: USN-5453-1: FreeType vulnerability
URL: https://ubuntu.com/security/notices/USN-5453-1
Priorities: low
Description:
It was discovered that FreeType incorrectly handled certain font files.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2022-27406
Title: USN-5443-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5443-1
Priorities: high,medium
Description:
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
621.244
Available in VMware Tanzu Network
Release Date: May 25, 2022
Metadata:
BOSH Agent Version: 2.268.77
USNs:
Title: USN-5428-1: libXrandr vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5428-1
Priorities: low
Description:
Tobias Stoeckmann discovered that libXrandr incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7947, CVE-2016-7948)
CVEs:
- https://ubuntu.com/security/CVE-2016-7947
- https://ubuntu.com/security/CVE-2016-7948
Title: USN-5436-1: libXrender vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5436-1
Priorities: low
Description:
Tobias Stoeckmann discovered that libXrender incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7949, CVE-2016-7950)
CVEs:
- https://ubuntu.com/security/CVE-2016-7949
- https://ubuntu.com/security/CVE-2016-7950
Title: USN-5432-1: libpng vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5432-1
Priorities: low
Description:
It was discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2017-12652)
Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2018-14048)
CVEs:
- https://ubuntu.com/security/CVE-2017-12652
- https://ubuntu.com/security/CVE-2018-14048
Title: USN-5425-1: PCRE vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5425-1
Priorities: low,negligible
Description:
Yunho Kim discovered that PCRE incorrectly handled memory when
handling certain regular expressions. An attacker could possibly use
this issue to cause applications using PCRE to expose sensitive
information. This issue only affects Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2019-20838)
It was discovered that PCRE incorrectly handled memory when
handling certain regular expressions. An attacker could possibly use
this issue to cause applications using PCRE to have unexpected
behavior. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14155)
CVEs:
- https://ubuntu.com/security/CVE-2019-20838
- https://ubuntu.com/security/CVE-2020-14155
Title: USN-5421-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5421-1
Priorities: negligible,low,medium
Description:
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-35522)
Chintan Shah discovered that LibTIFF incorrectly handled memory when
handling certain images. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891)
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2022-0865)
CVEs:
- https://ubuntu.com/security/CVE-2020-35522
- https://ubuntu.com/security/CVE-2022-0561
- https://ubuntu.com/security/CVE-2022-0562
- https://ubuntu.com/security/CVE-2022-0891
- https://ubuntu.com/security/CVE-2022-0865
Title: USN-5423-2: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5423-2
Priorities: low,medium
Description:
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files.
A remote attacker could possibly use this issue to cause ClamAV to stop
responding, resulting in a denial of service. (CVE-2022-20770)
Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF
files. A remote attacker could possibly use this issue to cause ClamAV to
stop responding, resulting in a denial of service. (CVE-2022-20771)
Michał Dardas discovered that ClamAV incorrectly handled parsing HTML
files. A remote attacker could possibly use this issue to cause ClamAV to
consume resources, resulting in a denial of service. (CVE-2022-20785)
Michał Dardas discovered that ClamAV incorrectly handled loading the
signature database. A remote attacker could possibly use this issue to
cause ClamAV to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2022-20792)
Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly
handled the scan verdict cache check. A remote attacker could possibly use
this issue to cause ClamAV to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-20796)
CVEs:
- https://ubuntu.com/security/CVE-2022-20770
- https://ubuntu.com/security/CVE-2022-20771
- https://ubuntu.com/security/CVE-2022-20785
- https://ubuntu.com/security/CVE-2022-20792
- https://ubuntu.com/security/CVE-2022-20796
Title: USN-5424-2: OpenLDAP vulnerability
URL: https://ubuntu.com/security/notices/USN-5424-2
Priorities: medium
Description:
USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that OpenLDAP incorrectly handled certain SQL statements
within LDAP queries in the experimental back-sql backend. A remote attacker
could possibly use this issue to perform an SQL injection attack and alter
the database.
CVEs:
- https://ubuntu.com/security/CVE-2022-29155
Title: USN-5443-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5443-1
Priorities: high,medium
Description:
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
621.241
Available in VMware Tanzu Network
Release Date: May 17, 2022
Metadata:
BOSH Agent Version: 2.268.76
USNs:
Title: USN-5407-1: Cairo vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5407-1
Priorities: low
Description:
Gustavo Grieco, Alberto Garcia, Francisco Oca, Suleman Ali, and others
discovered that Cairo incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2016-9082, CVE-2017-9814, CVE-2019-6462)
Stephan Bergmann discovered that Cairo incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code.
(CVE-2020-35492)
CVEs:
- https://ubuntu.com/security/CVE-2016-9082
- https://ubuntu.com/security/CVE-2017-9814
- https://ubuntu.com/security/CVE-2019-6462
- https://ubuntu.com/security/CVE-2020-35492
Title: USN-5389-1: Libcroco vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5389-1
Priorities: low
Description:
It was discovered that Libcroco was incorrectly accessing data structures when
reading bytes from memory, which could cause a heap buffer overflow. An attacker
could possibly use this issue to cause a denial of service. (CVE-2017-7960)
It was discovered that Libcroco was incorrectly handling invalid UTF-8 values
when processing CSS files. An attacker could possibly use this issue to cause
a denial of service. (CVE-2017-8834, CVE-2017-8871)
It was discovered that Libcroco was incorrectly implementing recursion in one
of its parsing functions, which could cause an infinite recursion loop and a
stack overflow due to stack consumption. An attacker could possibly use this
issue to cause a denial of service. (CVE-2020-12825)
CVEs:
- https://ubuntu.com/security/CVE-2017-7960
- https://ubuntu.com/security/CVE-2017-8834
- https://ubuntu.com/security/CVE-2017-8871
- https://ubuntu.com/security/CVE-2020-12825
Title: USN-5405-1: jbig2dec vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5405-1
Priorities: low
Description:
It was discovered that jbig2dec incorrectly handled memory when parsing
invalid files. An attacker could use this issue to cause jbig2dec to crash,
leading to a denial of service. (CVE-2017-9216)
It was discovered that jbig2dec incorrectly handled memory when processing
untrusted input. An attacker could use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2020-12268)
CVEs:
- https://ubuntu.com/security/CVE-2017-9216
- https://ubuntu.com/security/CVE-2020-12268
Title: USN-5259-3: Cron regression
URL: https://ubuntu.com/security/notices/USN-5259-3
Priorities: low
Description:
USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately
that update was incomplete and could introduce a regression. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the postinst maintainer script in Cron unsafely
handled file permissions during package install or update operations.
An attacker could possibly use this issue to perform a privilege
escalation attack. (CVE-2017-9525)
Florian Weimer discovered that Cron incorrectly handled certain memory
operations during crontab file creation. An attacker could possibly use
this issue to cause a denial of service. (CVE-2019-9704)
It was discovered that Cron incorrectly handled user input during crontab
file creation. An attacker could possibly use this issue to cause a denial
of service. (CVE-2019-9705)
It was discovered that Cron contained a use-after-free vulnerability in
its force_rescan_user function. An attacker could possibly use this issue
to cause a denial of service. (CVE-2019-9706)
CVEs:
- https://ubuntu.com/security/CVE-2017-9525
- https://ubuntu.com/security/CVE-2019-9704
- https://ubuntu.com/security/CVE-2019-9705
- https://ubuntu.com/security/CVE-2019-9706
Title: USN-5419-1: Rsyslog vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5419-1
Priorities: low
Description:
It was discovered that Rsyslog improperly handled certain invalid input. An
attacker could use this issue to cause Rsyslog to crash.
CVEs:
- https://ubuntu.com/security/CVE-2018-16881
- https://ubuntu.com/security/CVE-2019-17042
- https://ubuntu.com/security/CVE-2019-17041
Title: USN-5413-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5413-1
Priorities: low,medium
Description:
Jeremy Cline discovered a use-after-free in the nouveau graphics driver of
the Linux kernel during device removal. A privileged or physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2020-27820)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that the Parallel NFS (pNFS) implementation in the Linux
kernel did not properly perform bounds checking in some situations. An
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-4157)
It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)
It was discovered that the Xilinx USB2 device gadget driver in the Linux
kernel did not properly validate endpoint indices from the host. A
physically proximate attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-27223)
It was discovered that the EMS CAN/USB interface implementation in the
Linux kernel contained a double-free vulnerability when handling certain
error conditions. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2022-28390)
CVEs:
- https://ubuntu.com/security/CVE-2020-27820
- https://ubuntu.com/security/CVE-2021-39713
- https://ubuntu.com/security/CVE-2021-4157
- https://ubuntu.com/security/CVE-2022-26490
- https://ubuntu.com/security/CVE-2022-27223
- https://ubuntu.com/security/CVE-2022-28390
Title: USN-5418-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5418-1
Priorities: medium,low
Description:
Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk,
Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre
Variant 2 mitigations for AMD processors on Linux were insufficient in some
situations. A local attacker could possibly use this to expose sensitive
information. (CVE-2021-26401)
Demi Marie Obenour and Simon Gaiser discovered that several Xen
para-virtualization device frontends did not properly restrict the access rights
of device backends. An attacker could possibly use a malicious Xen backend
to gain access to memory pages of a guest VM or cause a denial of service
in the guest. (CVE-2022-23036, CVE-2022-23037, CVE-2022-23038,
CVE-2022-23039, CVE-2022-23040, CVE-2022-23042)
It was discovered that the USB Gadget file system interface in the Linux
kernel contained a use-after-free vulnerability. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2022-24958)
It was discovered that the USB gadget subsystem in the Linux kernel did not
properly validate interface descriptor requests. An attacker could possibly
use this to cause a denial of service (system crash). (CVE-2022-25258)
It was discovered that the Remote NDIS (RNDIS) USB gadget implementation in
the Linux kernel did not properly validate the size of the RNDIS_MSG_SET
command. An attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-25375)
It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)
It was discovered that the USB SR9700 ethernet device driver for the Linux
kernel did not properly validate the length of requests from the device. A
physically proximate attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2022-26966)
It was discovered that the Xilinx USB2 device gadget driver in the Linux
kernel did not properly validate endpoint indices from the host. A
physically proximate attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-27223)
CVEs:
- https://ubuntu.com/security/CVE-2021-26401
- https://ubuntu.com/security/CVE-2022-23036
- https://ubuntu.com/security/CVE-2022-23037
- https://ubuntu.com/security/CVE-2022-23038
- https://ubuntu.com/security/CVE-2022-23039
- https://ubuntu.com/security/CVE-2022-23040
- https://ubuntu.com/security/CVE-2022-23042
- https://ubuntu.com/security/CVE-2022-24958
- https://ubuntu.com/security/CVE-2022-25258
- https://ubuntu.com/security/CVE-2022-25375
- https://ubuntu.com/security/CVE-2022-26490
- https://ubuntu.com/security/CVE-2022-26966
- https://ubuntu.com/security/CVE-2022-27223
Title: USN-5179-2: BusyBox vulnerability
URL: https://ubuntu.com/security/notices/USN-5179-2
Priorities: low
Description:
USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the
corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that BusyBox incorrectly handled certain malformed gzip
archives. If a user or automated system were tricked into processing a
specially crafted gzip archive, a remote attacker could use this issue to
cause BusyBox to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-28831)
CVEs:
- https://ubuntu.com/security/CVE-2021-28831
Title: USN-5392-1: Mutt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5392-1
Priorities: low,medium
Description:
It was discovered that Mutt incorrectly handled certain requests.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32055)
It was discovered that Mutt incorrectly handled certain input.
An attacker could possibly use this issue to cause a crash,
or expose sensitive information. (CVE-2022-1328)
CVEs:
- https://ubuntu.com/security/CVE-2021-32055
- https://ubuntu.com/security/CVE-2022-1328
Title: USN-5391-1: libsepol vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5391-1
Priorities: low
Description:
Nicolas Iooss discovered that libsepol incorrectly handled memory
when handling policies. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-36084)
It was discovered that libsepol incorrectly handled memory when
handling policies. An attacker could possibly use this issue to cause
a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-36085)
It was discovered that libsepol incorrectly handled memory when
handling policies. An attacker could possibly use this issue to cause
a crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affects Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-36086)
It was discovered that libsepol incorrectly validated certain data,
leading to a heap overflow. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-36087)
CVEs:
- https://ubuntu.com/security/CVE-2021-36084
- https://ubuntu.com/security/CVE-2021-36085
- https://ubuntu.com/security/CVE-2021-36086
- https://ubuntu.com/security/CVE-2021-36087
Title: USN-5409-1: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5409-1
Priorities: low
Description:
It was discovered that libsndfile was incorrectly performing memory
management operations and incorrectly using buffers when executing
its FLAC codec. If a user or automated system were tricked into
processing a specially crafted sound file, an attacker could
possibly use this issue to cause a denial of service or obtain
sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2021-4156
Title: USN-5385-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5385-1
Priorities: medium,low,negligible
Description:
Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device
driver in the Linux kernel did not properly validate meta-data coming from
the device. A local attacker who can control an emulated device can use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-43975)
It was discovered that the UDF file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious UDF image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2022-0617)
Lyu Tao discovered that the NFS implementation in the Linux kernel did not
properly handle requests to open a directory on a regular file. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2022-24448)
It was discovered that the YAM AX.25 device driver in the Linux kernel did
not properly deallocate memory in some error conditions. A local privileged
attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2022-24959)
CVEs:
- https://ubuntu.com/security/CVE-2021-43975
- https://ubuntu.com/security/CVE-2022-0617
- https://ubuntu.com/security/CVE-2022-24448
- https://ubuntu.com/security/CVE-2022-24959
Title: USN-5400-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5400-2
Priorities: medium
Description:
USN-5400-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html
https://www.oracle.com/security-alerts/cpuapr2022.html
CVEs:
- https://ubuntu.com/security/CVE-2022-21417
- https://ubuntu.com/security/CVE-2022-21451
- https://ubuntu.com/security/CVE-2022-21460
- https://ubuntu.com/security/CVE-2022-21444
- https://ubuntu.com/security/CVE-2022-21454
- https://ubuntu.com/security/CVE-2022-21427
Title: USN-5354-2: Twisted vulnerability
URL: https://ubuntu.com/security/notices/USN-5354-2
Priorities: medium
Description:
USN-5354-1 fixed vulnerabilities in Twisted. This update provides the
corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and
Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that Twisted incorrectly processed SSH handshake data on
connection establishments. A remote attacker could use this issue to cause
Twisted to crash, resulting in a denial of service. (CVE-2022-21716)
CVEs:
- https://ubuntu.com/security/CVE-2022-21716
621.236
Available in VMware Tanzu Network
Release Date: April 21, 2022
Notice:
The kernel patches included in 621.224 are now in the main kernel repository and have been included in this release.
Metadata:
BOSH Agent Version: 2.268.72
USNs:
Title: USN-5371-1: nginx vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5371-1
Priorities: medium,low
Description:
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-11724)
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to disclose sensitive
information. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-36309)
It was discovered that nginx mishandled the use of
compatible certificates among multiple encryption protocols.
If a remote attacker were able to intercept the communication,
this issue could be used to redirect traffic between subdomains.
(CVE-2021-3618)
CVEs:
- https://ubuntu.com/security/CVE-2020-11724
- https://ubuntu.com/security/CVE-2020-36309
- https://ubuntu.com/security/CVE-2021-3618
Title: USN-5373-2: Django vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5373-2
Priorities: high,medium
Description:
USN-5373-1 fixed several vulnerabilities in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Django incorrectly handled certain column
aliases in the QuerySet.annotate(), aggregate(), and extra() methods. A
remote attacker could possibly use this issue to perform an SQL injection
attack. (CVE-2022-28346)
It was discovered that the Django URLValidator function incorrectly handled
newlines and tabs. A remote attacker could possibly use this issue to
perform a header injection attack. (CVE-2021-32052)
CVEs:
- https://ubuntu.com/security/CVE-2022-28346
- https://ubuntu.com/security/CVE-2021-32052
621.224
Available in VMware Tanzu Network
Release Date: March 23, 2022
Notice:
This stemcell contains a patched version of the kernel to address the issues found in 621.216. We have tested this patched kernel against the problems seen in 621.216 and no longer see the problem. We will release another stemcell in mid-April when that kernel patch makes it into the main kernel repository.
Metadata:
BOSH Agent Version: 2.268.65
USNs:
Title: USN-5322-1: Subversion vulnerability
URL: https://ubuntu.com/security/notices/USN-5322-1
Priorities: medium
Description:
Thomas Akesson discovered that Subversion incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2020-17525
Title: USN-5328-2: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-5328-2
Priorities: high
Description:
USN-5328-1 fixed a vulnerability in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Tavis Ormandy discovered that OpenSSL incorrectly parsed certain
certificates. A remote attacker could possibly use this issue to cause
OpenSSH to stop responding, resulting in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2022-0778
Title: USN-5320-1: Expat vulnerabilities and regression
URL: https://ubuntu.com/security/notices/USN-5320-1
Priorities: high,medium
Description:
USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it
caused a regression and an additional patch was required. This update addresses
this regression and several other vulnerabilities.
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-25313)
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash
or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-25314)
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-25315)
Original advisory details:
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-25236)
CVEs:
- https://ubuntu.com/security/CVE-2022-25236
- https://ubuntu.com/security/CVE-2022-25313
- https://ubuntu.com/security/CVE-2022-25314
- https://ubuntu.com/security/CVE-2022-25315
Title: USN-5334-1: man-db vulnerability
URL: https://ubuntu.com/security/notices/USN-5334-1
Priorities: low
Description:
It was discovered that man-db incorrectly handled permission changing
operations in its daily cron job, and was therefore affected by a race
condition. An attacker could possibly use this issue to escalate privileges
and execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2015-1336
Title: USN-5331-1: tcpdump vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5331-1
Priorities: low
Description:
It was discovered that tcpdump incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2018-16301)
It was discovered that tcpdump incorrectly handled certain captured data.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8037)
CVEs:
- https://ubuntu.com/security/CVE-2018-16301
- https://ubuntu.com/security/CVE-2020-8037
Title: USN-5325-1: Zsh vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5325-1
Priorities: low
Description:
Sam Foxman discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this issue to regain dropped privileges.
(CVE-2019-20044)
It was discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-45444)
CVEs:
- https://ubuntu.com/security/CVE-2019-20044
- https://ubuntu.com/security/CVE-2021-45444
Title: USN-5329-1: tar vulnerability
URL: https://ubuntu.com/security/notices/USN-5329-1
Priorities: low
Description:
It was discovered that tar incorrectly handled certain files.
An attacker could possibly use this issue to cause tar to crash,
resulting in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2021-20193
Title: USN-5332-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-5332-2
Priorities: medium
Description:
USN-5332-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind
incorrectly handled certain bogus NS records when using forwarders. A
remote attacker could possibly use this issue to manipulate cache results.
(CVE-2021-25220)
CVEs:
- https://ubuntu.com/security/CVE-2021-25220
Title: USN-5343-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5343-1
Priorities: high,low,medium,negligible
Description:
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the aufs file system in the Linux kernel did not
properly restrict mount namespaces, when mounted with the non-default
allow_userns option set. A local attacker could use this to gain
administrative privileges. (CVE-2016-2853)
It was discovered that the aufs file system in the Linux kernel did not
properly maintain POSIX ACL xattr data, when mounted with the non-default
allow_userns option. A local attacker could possibly use this to gain
elevated privileges. (CVE-2016-2854)
It was discovered that the f2fs file system in the Linux kernel did not
properly validate metadata in some situations. An attacker could use this
to construct a malicious f2fs image that, when mounted and operated on,
could cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-19449)
It was discovered that the XFS file system implementation in the Linux
kernel did not properly validate meta data in some circumstances. An
attacker could use this to construct a malicious XFS image that, when
mounted, could cause a denial of service. (CVE-2020-12655)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2020-25670)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly deallocate memory in certain error
situations. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly handle error conditions in some situations,
leading to an infinite loop. A local attacker could use this to cause a
denial of service. (CVE-2020-25673)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation
incorrectly handled EAPOL frames from unauthenticated senders. A physically
proximate attacker could inject malicious packets to cause a denial of
service (system crash). (CVE-2020-26139)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the BR/EDR pin-code pairing procedure in the Linux
kernel was vulnerable to an impersonation attack. A physically proximate
attacker could possibly use this to pair to a device without knowledge of
the pin-code. (CVE-2020-26555)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
It was discovered that the FUSE user space file system implementation in
the Linux kernel did not properly handle bad inodes in some situations. A
local attacker could possibly use this to cause a denial of service.
(CVE-2020-36322)
It was discovered that the Infiniband RDMA userspace connection manager
implementation in the Linux kernel contained a race condition leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2020-36385)
It was discovered that the DRM subsystem in the Linux kernel contained
double-free vulnerabilities. A privileged attacker could possibly use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2021-20292)
It was discovered that a race condition existed in the timer implementation
in the Linux kernel. A privileged attacker could use this to cause a denial
of service. (CVE-2021-20317)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the
nfc implementation in the Linux kernel. A privileged local attacker could
use this issue to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-23134)
It was discovered that the Xen paravirtualization backend in the Linux
kernel did not properly deallocate memory in some situations. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2021-28688)
It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)
It was discovered that a race condition existed in the netfilter subsystem
of the Linux kernel when replacing tables. A local attacker could use this
to cause a denial of service (system crash). (CVE-2021-29650)
It was discovered that a race condition in the kernel Bluetooth subsystem
could lead to use-after-free of slab objects. An attacker could use this
issue to possibly execute arbitrary code. (CVE-2021-32399)
It was discovered that the CIPSO implementation in the Linux kernel did not
properly perform reference counting in some situations, leading to
use-after-free vulnerabilities. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33033)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
Asaf Modelevsky discovered that the Intel® Ethernet ixgbe driver for the
Linux kernel did not properly validate large MTU requests from Virtual
Function (VF) devices. A local attacker could possibly use this to cause a
denial of service. (CVE-2021-33098)
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol
implementation in the Linux kernel did not properly initialize memory in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2021-34693)
马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)
It was discovered that an out-of-bounds (OOB) memory access flaw existed in
the f2fs module of the Linux kernel. A local attacker could use this issue
to cause a denial of service (system crash). (CVE-2021-3506)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device detach events, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3573)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
It was discovered that the tracing subsystem in the Linux kernel did not
properly keep track of per-cpu ring buffer state. A privileged attacker
could use this to cause a denial of service. (CVE-2021-3679)
It was discovered that the Virtio console implementation in the Linux
kernel did not properly validate input lengths in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2021-38160)
It was discovered that the KVM hypervisor implementation in the Linux
kernel did not properly compute the access permissions for shadow pages in
some situations. A local attacker could use this to cause a denial of
service. (CVE-2021-38198)
It was discovered that the MAX-3421 host USB device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2021-38204)
It was discovered that the NFC implementation in the Linux kernel did not
properly handle failed connect events leading to a NULL pointer
dereference. A local attacker could use this to cause a denial of service.
(CVE-2021-38208)
It was discovered that the configfs interface for USB gadgets in the Linux
kernel contained a race condition. A local attacker could possibly use this
to expose sensitive information (kernel memory). (CVE-2021-39648)
It was discovered that the ext4 file system in the Linux kernel contained a
race condition when writing xattrs to an inode. A local attacker could use
this to cause a denial of service or possibly gain administrative
privileges. (CVE-2021-40490)
It was discovered that the 6pack network protocol driver in the Linux
kernel did not properly perform validation checks. A privileged attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2021-42008)
It was discovered that the ISDN CAPI implementation in the Linux kernel
contained a race condition in certain situations that could trigger an
array out-of-bounds bug. A privileged local attacker could possibly use
this to cause a denial of service or execute arbitrary code.
(CVE-2021-43389)
It was discovered that the Phone Network protocol (PhoNet) implementation
in the Linux kernel did not properly perform reference counting in some
error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). (CVE-2021-45095)
Wenqing Liu discovered that the f2fs file system in the Linux kernel did
not properly validate the last xattr entry in an inode. An attacker could
use this to construct a malicious f2fs image that, when mounted and
operated on, could cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-45469)
Amit Klein discovered that the IPv6 implementation in the Linux kernel
could disclose internal state in some situations. An attacker could
possibly use this to expose sensitive information. (CVE-2021-45485)
It was discovered that the per cpu memory allocator in the Linux kernel
could report kernel pointers via dmesg. An attacker could use this to
expose sensitive information or in conjunction with another kernel
vulnerability. (CVE-2018-5995)
CVEs:
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2016-2853
- https://ubuntu.com/security/CVE-2016-2854
- https://ubuntu.com/security/CVE-2019-19449
- https://ubuntu.com/security/CVE-2020-12655
- https://ubuntu.com/security/CVE-2020-25670
- https://ubuntu.com/security/CVE-2020-25671
- https://ubuntu.com/security/CVE-2020-25672
- https://ubuntu.com/security/CVE-2020-25673
- https://ubuntu.com/security/CVE-2020-26139
- https://ubuntu.com/security/CVE-2020-26147
- https://ubuntu.com/security/CVE-2020-26555
- https://ubuntu.com/security/CVE-2020-26558
- https://ubuntu.com/security/CVE-2021-0129
- https://ubuntu.com/security/CVE-2020-36322
- https://ubuntu.com/security/CVE-2020-36385
- https://ubuntu.com/security/CVE-2021-20292
- https://ubuntu.com/security/CVE-2021-20317
- https://ubuntu.com/security/CVE-2021-23134
- https://ubuntu.com/security/CVE-2021-28688
- https://ubuntu.com/security/CVE-2021-28972
- https://ubuntu.com/security/CVE-2021-29650
- https://ubuntu.com/security/CVE-2021-32399
- https://ubuntu.com/security/CVE-2021-33033
- https://ubuntu.com/security/CVE-2021-33034
- https://ubuntu.com/security/CVE-2021-33098
- https://ubuntu.com/security/CVE-2021-34693
- https://ubuntu.com/security/CVE-2021-3483
- https://ubuntu.com/security/CVE-2021-3506
- https://ubuntu.com/security/CVE-2021-3564
- https://ubuntu.com/security/CVE-2021-3573
- https://ubuntu.com/security/CVE-2021-3612
- https://ubuntu.com/security/CVE-2021-3679
- https://ubuntu.com/security/CVE-2021-38160
- https://ubuntu.com/security/CVE-2021-38198
- https://ubuntu.com/security/CVE-2021-38204
- https://ubuntu.com/security/CVE-2021-38208
- https://ubuntu.com/security/CVE-2021-39648
- https://ubuntu.com/security/CVE-2021-40490
- https://ubuntu.com/security/CVE-2021-42008
- https://ubuntu.com/security/CVE-2021-43389
- https://ubuntu.com/security/CVE-2021-45095
- https://ubuntu.com/security/CVE-2021-45469
- https://ubuntu.com/security/CVE-2021-45485
- https://ubuntu.com/security/CVE-2018-5995
Title: USN-5339-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5339-1
Priorities: high,medium,low
Description:
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that an out-of-bounds (OOB) memory access flaw existed in
the f2fs module of the Linux kernel. A local attacker could use this issue
to cause a denial of service (system crash). (CVE-2021-3506)
Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver
in the Linux kernel did not properly handle some error conditions. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2021-43976)
It was discovered that the ARM Trusted Execution Environment (TEE)
subsystem in the Linux kernel contained a race condition leading to a
use-after-free vulnerability. A local attacker could use this to cause a denial
of service or possibly execute arbitrary code. (CVE-2021-44733)
It was discovered that the Phone Network protocol (PhoNet) implementation
in the Linux kernel did not properly perform reference counting in some
error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). (CVE-2021-45095)
Samuel Page discovered that the Transparent Inter-Process Communication
(TIPC) protocol implementation in the Linux kernel contained a stack-based
buffer overflow. A remote attacker could use this to cause a denial of
service (system crash) for systems that have a TIPC bearer configured.
(CVE-2022-0435)
CVEs:
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2021-3506
- https://ubuntu.com/security/CVE-2021-43976
- https://ubuntu.com/security/CVE-2021-44733
- https://ubuntu.com/security/CVE-2021-45095
- https://ubuntu.com/security/CVE-2022-0435
621.216
Release Date: March 09, 2022
Known Issues
- There are currently reported issues with this stemcell and TAS Diego Cells. We have removed this stemcell until we can resolve the issue. If you need access, please contact support.
Metadata:
BOSH Agent Version: 2.268.63
USNs:
Title: USN-5300-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5300-1
Priorities: low,medium
Description:
It was discovered that PHP incorrectly handled certain scripts.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly obtain sensitive information. (CVE-2017-9119)
It was discovered that PHP incorrectly handled certain scripts with XML
parsing functions.
An attacker could possibly use this issue to obtain sensitive information.
(CVE-2021-21707)
CVEs:
- https://ubuntu.com/security/CVE-2015-9253
- https://ubuntu.com/security/CVE-2017-8923
- https://ubuntu.com/security/CVE-2017-9118
- https://ubuntu.com/security/CVE-2017-9120
- https://ubuntu.com/security/CVE-2017-9119
- https://ubuntu.com/security/CVE-2021-21707
Title: USN-5299-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5299-1
Priorities: medium,low
Description:
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol
implementation in the Linux kernel did not properly initialize memory in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2021-34693)
马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
It was discovered that the tracing subsystem in the Linux kernel did not
properly keep track of per-cpu ring buffer state. A privileged attacker
could use this to cause a denial of service. (CVE-2021-3679)
It was discovered that the MAX-3421 host USB device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2021-38204)
It was discovered that the 6pack network protocol driver in the Linux
kernel did not properly perform validation checks. A privileged attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2021-42008)
Amit Klein discovered that the IPv6 implementation in the Linux kernel
could disclose internal state in some situations. An attacker could
possibly use this to expose sensitive information. (CVE-2021-45485)
CVEs:
- https://ubuntu.com/security/CVE-2020-26147
- https://ubuntu.com/security/CVE-2020-26558
- https://ubuntu.com/security/CVE-2021-0129
- https://ubuntu.com/security/CVE-2021-28972
- https://ubuntu.com/security/CVE-2021-33034
- https://ubuntu.com/security/CVE-2021-34693
- https://ubuntu.com/security/CVE-2021-3483
- https://ubuntu.com/security/CVE-2021-3564
- https://ubuntu.com/security/CVE-2021-3612
- https://ubuntu.com/security/CVE-2021-3679
- https://ubuntu.com/security/CVE-2021-38204
- https://ubuntu.com/security/CVE-2021-42008
- https://ubuntu.com/security/CVE-2021-45485
Title: USN-5298-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5298-1
Priorities: medium,low
Description:
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jürgen Groß discovered that the Xen subsystem within the Linux kernel did
not adequately limit the number of events driver domains (unprivileged PV
backends) could send to other guest VMs. An attacker in a driver domain
could use this to cause a denial of service in other guest VMs.
(CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)
Jürgen Groß discovered that the Xen network backend driver in the Linux
kernel did not adequately limit the amount of queued packets when a guest
did not process them. An attacker in a guest VM can use this to cause a
denial of service (excessive kernel memory consumption) in the network
backend domain. (CVE-2021-28714, CVE-2021-28715)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-39685)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)
Lin Ma discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-4202)
Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in
the Linux kernel did not perform a GPU TLB flush in some situations. A
local attacker could use this to cause a denial of service or possibly
execute arbitrary code. (CVE-2022-0330)
It was discovered that the VMware Virtual GPU driver in the Linux kernel
did not properly handle certain failure conditions, leading to a stale
entry in the file descriptor table. A local attacker could use this to
expose sensitive information or possibly gain administrative privileges.
(CVE-2022-22942)
CVEs:
- https://ubuntu.com/security/CVE-2021-22600
- https://ubuntu.com/security/CVE-2021-28711
- https://ubuntu.com/security/CVE-2021-28712
- https://ubuntu.com/security/CVE-2021-28713
- https://ubuntu.com/security/CVE-2021-28714
- https://ubuntu.com/security/CVE-2021-28715
- https://ubuntu.com/security/CVE-2021-39685
- https://ubuntu.com/security/CVE-2021-4083
- https://ubuntu.com/security/CVE-2021-4155
- https://ubuntu.com/security/CVE-2021-4202
- https://ubuntu.com/security/CVE-2022-0330
- https://ubuntu.com/security/CVE-2022-22942
Title: USN-5292-4: snapd regression
URL: https://ubuntu.com/security/notices/USN-5292-4
Priorities: medium,high
Description:
USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced
a regression that could break the fish shell. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
CVEs:
- https://ubuntu.com/security/CVE-2021-3155
- https://ubuntu.com/security/CVE-2021-4120
- https://ubuntu.com/security/CVE-2021-44730
- https://ubuntu.com/security/CVE-2021-44731
Title: USN-5310-2: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5310-2
Priorities: medium,low
Description:
USN-5310-1 fixed several vulnerabilities in GNU. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the GNU C library getcwd function incorrectly
handled buffers. An attacker could use this issue to cause the GNU C
Library to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-3999)
It was discovered that the GNU C Library sunrpc module incorrectly handled
buffer lengths. An attacker could possibly use this issue to cause the GNU
C Library to crash, resulting in a denial of service. (CVE-2022-23218,
CVE-2022-23219)
CVEs:
- https://ubuntu.com/security/CVE-2021-3999
- https://ubuntu.com/security/CVE-2022-23218
- https://ubuntu.com/security/CVE-2022-23219
Title: USN-5319-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5319-1
Priorities: high
Description:
Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by Intel to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2022-0001
- https://ubuntu.com/security/CVE-2022-0002
Title: USN-5301-2: Cyrus SASL vulnerability
URL: https://ubuntu.com/security/notices/USN-5301-2
Priorities: high
Description:
USN-5301-1 fixed a vulnerability in Cyrus. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the Cyrus SASL SQL plugin incorrectly handled SQL
input. A remote attacker could use this issue to execute arbitrary SQL
commands.
CVEs:
- https://ubuntu.com/security/CVE-2022-24407
- https://ubuntu.com/security/CVE-2015-9253
621.211
Available in VMware Tanzu Network
Release Date: February 21, 2022
Metadata:
BOSH Agent Version: 2.268.61
USNs:
Title: USN-5264-1: Graphviz vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5264-1
Priorities: low,medium
Description:
It was discovered that graphviz contains null pointer dereference
vulnerabilities. Exploitation via a specially crafted input file
can cause a denial of service.
(CVE-2018-10196, CVE-2019-11023)
It was discovered that graphviz contains a buffer overflow
vulnerability. Exploitation via a specially crafted input file can cause
a denial of service or possibly allow for arbitrary code execution.
(CVE-2020-18032)
CVEs:
- https://ubuntu.com/security/CVE-2018-10196
- https://ubuntu.com/security/CVE-2019-11023
- https://ubuntu.com/security/CVE-2020-18032
Title: USN-5262-1: GPT fdisk vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5262-1
Priorities: low
Description:
The potential for an out of bounds write due to a missing bounds
check was discovered to impact the sgdisk utility of GPT fdisk.
Exploitation requires the use of a maliciously formatted storage
device and could cause sgdisk to crash as well as possibly
allow for local privilege escalation.
CVEs:
- https://ubuntu.com/security/CVE-2020-0256
- https://ubuntu.com/security/CVE-2021-0308
Title: USN-5280-1: Speex vulnerability
URL: https://ubuntu.com/security/notices/USN-5280-1
Priorities: medium
Description:
It was discovered that Speex incorrectly handled certain WAV files.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2020-23903
Title: USN-5292-3: snapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5292-3
Priorities: medium,high
Description:
USN-5292-1 fixed several vulnerabilities in snapd. This update provides the
corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
CVEs:
- https://ubuntu.com/security/CVE-2021-3155
- https://ubuntu.com/security/CVE-2021-4120
- https://ubuntu.com/security/CVE-2021-44730
- https://ubuntu.com/security/CVE-2021-44731
Title: USN-5275-1: BlueZ vulnerability
URL: https://ubuntu.com/security/notices/USN-5275-1
Priorities: medium
Description:
Ziming Zhang discovered that BlueZ incorrectly handled memory write operations
in its gatt server. A remote attacker could possibly use this to cause BlueZ to
crash leading to a denial of service, or potentially remotely execute code.
(CVE-2022-0204)
CVEs:
- https://ubuntu.com/security/CVE-2022-0204
Title: USN-5269-2: Django vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5269-2
Priorities: medium
Description:
USN-5269-1 fixed several vulnerabilities in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Keryn Knight discovered that Django incorrectly handled certain template
tags. A remote attacker could possibly use this issue to perform a
cross-site scripting attack. (CVE-2022-22818)
Alan Ryan discovered that Django incorrectly handled file uploads. A remote
attacker could possibly use this issue to cause Django to hang, resulting
in a denial of service. (CVE-2022-23833)
CVEs:
- https://ubuntu.com/security/CVE-2022-22818
- https://ubuntu.com/security/CVE-2022-23833
621.208
Available in VMware Tanzu Network
Release Date: February 10, 2022
Enhancements
/opt is now mounted to the ephemeral disk rather than the root disk. This is not a recommended storage point for BOSH workloads, but some agents deployed on stemcells write their logs to this folder, which could cause the root disk to fill up.
Metadata:
BOSH Agent Version: 2.268.59
USNs:
Title: USN-5254-1: shadow vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5254-1
Priorities: low
Description:
It was discovered that shadow incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
expose sensitive information. This issue only affected
Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-12424)
It was discovered that shadow incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2018-7169)
CVEs:
- https://ubuntu.com/security/CVE-2017-12424
- https://ubuntu.com/security/CVE-2018-7169
Title: USN-5259-1: Cron vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5259-1
Priorities: low
Description:
It was discovered that the postinst maintainer script in Cron unsafely
handled file permissions during package install or update operations.
An attacker could possibly use this issue to perform a privilege
escalation attack. (CVE-2017-9525)
Florian Weimer discovered that Cron incorrectly handled certain memory
operations during crontab file creation. An attacker could possibly use
this issue to cause a denial of service. (CVE-2019-9704)
It was discovered that Cron incorrectly handled user input during crontab
file creation. An attacker could possibly use this issue to cause a denial
of service. (CVE-2019-9705)
It was discovered that Cron contained a use-after-free vulnerability in
its force_rescan_user function. An attacker could possibly use this issue
to cause a denial of service. (CVE-2019-9706)
CVEs:
- https://ubuntu.com/security/CVE-2017-9525
- https://ubuntu.com/security/CVE-2019-9704
- https://ubuntu.com/security/CVE-2019-9705
- https://ubuntu.com/security/CVE-2019-9706
Title: USN-5234-1: Byobu vulnerability
URL: https://ubuntu.com/security/notices/USN-5234-1
Priorities: low
Description:
Sander Bos discovered that Byobu incorrectly handled certain Apport data.
An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2019-7306
Title: USN-5244-1: DBus vulnerability
URL: https://ubuntu.com/security/notices/USN-5244-1
Priorities: low
Description:
Daniel Onaca discovered that DBus contained a use-after-free vulnerability,
caused by the incorrect handling of usernames sharing the same UID. An
attacker could possibly use this issue to cause DBus to crash, resulting
in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2020-35512
Title: USN-5268-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5268-1
Priorities: medium
Description:
Keyu Man discovered that the ICMP implementation in the Linux kernel did
not properly handle received ICMP error packets. A remote attacker could
use this to facilitate attacks on UDP based services that depend on source
port randomization. (CVE-2021-20322)
It was discovered that the Bluetooth subsystem in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2021-3640)
Likang Luo discovered that a race condition existed in the Bluetooth
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-3752)
Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel
did not properly perform bounds checking in some situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-42739)
CVEs:
- https://ubuntu.com/security/CVE-2021-20322
- https://ubuntu.com/security/CVE-2021-3640
- https://ubuntu.com/security/CVE-2021-3752
- https://ubuntu.com/security/CVE-2021-42739
Title: USN-5021-2: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-5021-2
Priorities: low,medium
Description:
USN-5021-1 fixed vulnerabilities in curl. This update provides
the corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled
TELNET connections when the -t option was used on the command line.
Uninitialized data possibly containing sensitive information could be sent
to the remote server, contrary to expectations. (CVE-2021-22898,
CVE-2021-22925)
CVEs:
- https://ubuntu.com/security/CVE-2021-22898
- https://ubuntu.com/security/CVE-2021-22925
Title: USN-5064-2: GNU cpio vulnerability
URL: https://ubuntu.com/security/notices/USN-5064-2
Priorities: medium
Description:
USN-5064-1 fixed vulnerabilities in GNU cpio. This update provides
the corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled
certain pattern files. A remote attacker could use this issue to cause cpio
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
CVEs:
- https://ubuntu.com/security/CVE-2021-38185
Title: USN-5193-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5193-2
Priorities: medium
Description:
USN-5193-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain inputs. An attacker could use this issue to cause the server to
crash, resulting in a denial of service, or possibly execute arbitrary
code and escalate privileges.
CVEs:
- https://ubuntu.com/security/CVE-2021-4009
- https://ubuntu.com/security/CVE-2021-4008
- https://ubuntu.com/security/CVE-2021-4011
Title: USN-5252-2: PolicyKit vulnerability
URL: https://ubuntu.com/security/notices/USN-5252-2
Priorities: high
Description:
USN-5252-1 fixed a vulnerability in policykit-1. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the PolicyKit pkexec tool incorrectly handled
command-line arguments. A local attacker could use this issue to escalate
privileges to an administrator.
CVEs:
- https://ubuntu.com/security/CVE-2021-4034
Title: USN-5235-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5235-1
Priorities: medium
Description:
It was discovered that Ruby incorrectly handled certain HTML files.
An attacker could possibly use this issue to cause a crash. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10.
(CVE-2021-41816)
It was discovered that Ruby incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause a regular expression
denial of service. (CVE-2021-41817)
It was discovered that Ruby incorrectly handled certain cookie names.
An attacker could possibly use this issue to access or expose
sensitive information. (CVE-2021-41819)
CVEs:
- https://ubuntu.com/security/CVE-2021-41816
- https://ubuntu.com/security/CVE-2021-41817
- https://ubuntu.com/security/CVE-2021-41819
Title: USN-5260-3: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-5260-3
Priorities: high
Description:
USN-5260-1 fixed a vulnerability in Samba. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled
certain memory operations. A remote attacker could use this issue to cause
Samba to crash, resulting in a denial of service, or possibly execute
arbitrary code as root. (CVE-2021-44142)
CVEs:
- https://ubuntu.com/security/CVE-2021-44142
Title: USN-5250-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5250-2
Priorities: medium
Description:
USN-5250-1 fixed a vulnerability in strongSwan. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Zhuowei Zhang discovered that strongSwan incorrectly handled EAP
authentication. A remote attacker could use this issue to cause strongSwan
to crash, resulting in a denial of service, or possibly bypass client and
server authentication.
CVEs:
- https://ubuntu.com/security/CVE-2021-45079
Title: USN-5243-2: AIDE vulnerability
URL: https://ubuntu.com/security/notices/USN-5243-2
Priorities: medium
Description:
USN-5243-1 fixed a vulnerability in aide. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
David Bouman discovered that AIDE incorrectly handled base64 operations. A
local attacker could use this issue to cause AIDE to crash, resulting in a
denial of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-45417
Title: USN-5233-2: ClamAV vulnerability
URL: https://ubuntu.com/security/notices/USN-5233-2
Priorities: medium
Description:
USN-5233-1 fixed a vulnerability in ClamAV. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled memory when the
CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker
could possibly use this issue to cause ClamAV to crash, resulting in a
denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2022-20698
Title: USN-5270-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5270-2
Priorities: medium
Description:
USN-5270-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.7.37 in Ubuntu 16.04 ESM.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html
https://www.oracle.com/security-alerts/cpujan2022.html
CVEs:
- https://ubuntu.com/security/CVE-2022-21304
- https://ubuntu.com/security/CVE-2022-21344
- https://ubuntu.com/security/CVE-2022-21367
- https://ubuntu.com/security/CVE-2022-21303
- https://ubuntu.com/security/CVE-2022-21270
- https://ubuntu.com/security/CVE-2022-21245
- https://ubuntu.com/security/CVE-2017-12424
621.198
Available in VMware Tanzu Network
Release Date: January 18, 2022
Fixes
Fixes an issue that caused the bosh-agent to continually fail to start when either the cgroup v1 memory controller or the cgroup v2 controller was mounted in more than one location on the file system.
Metadata:
BOSH Agent Version: 2.268.54
USNs:
Title: USN-5225-1: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-5225-1
Priorities: medium
Description:
It was discovered that lxml incorrectly handled certain XML and HTML files.
An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-43818
Title: USN-5212-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5212-2
Priorities: medium
Description:
USN-5212-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the Apache HTTP Server incorrectly handled certain
forward proxy requests. A remote attacker could use this issue to cause
the server to crash, resulting in a denial of service, or possibly perform
a Server Side Request Forgery attack. (CVE-2021-44224)
It was discovered that the Apache HTTP Server Lua module incorrectly
handled memory in the multipart parser. A remote attacker could use this
issue to cause the server to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2021-44790)
CVEs:
- https://ubuntu.com/security/CVE-2021-44224
- https://ubuntu.com/security/CVE-2021-44790
621.196
Available in VMware Tanzu Network
Release Date: January 07, 2022
Metadata:
BOSH Agent Version: 2.268.51
USNs:
Title: LSN-0083-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0083-1
Priorities: medium,high
Description:
The BPF subsystem in the Linux kernel before 4.17 mishandles
situations with a long jump over an instruction sequence where inner
instructions require substantial expansions into multiple BPF instructions,
leading to an overflow. This affects kernel/bpf/core.c and
net/core/filter.c. (CVE-2018-25020)
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
CVEs:
- https://ubuntu.com/security/CVE-2018-25020
- https://ubuntu.com/security/CVE-2021-3653
- https://ubuntu.com/security/CVE-2021-4002
- https://ubuntu.com/security/CVE-2021-22555
- https://ubuntu.com/security/CVE-2021-33909
Title: USN-5211-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5211-1
Priorities: high
Description:
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages.
CVEs:
- https://ubuntu.com/security/CVE-2021-4002
Title: USN-5209-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5209-1
Priorities: high,low,medium
Description:
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that a race condition existed in the timer implementation
in the Linux kernel. A privileged attacker could use this to cause a denial of
service. (CVE-2021-20317)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20321)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2021-3760)
It was discovered that an integer overflow could be triggered in the eBPF
implementation in the Linux kernel when preallocating objects for stack
maps. A privileged local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2021-41864)
It was discovered that the ISDN CAPI implementation in the Linux kernel
contained a race condition in certain situations that could trigger an
array out-of-bounds bug. A privileged local attacker could possibly use
this to cause a denial of service or execute arbitrary code.
(CVE-2021-43389)
CVEs:
- https://ubuntu.com/security/CVE-2021-4002
- https://ubuntu.com/security/CVE-2021-20317
- https://ubuntu.com/security/CVE-2021-20321
- https://ubuntu.com/security/CVE-2021-3760
- https://ubuntu.com/security/CVE-2021-41864
- https://ubuntu.com/security/CVE-2021-43389
621.192
Available in VMware Tanzu Network
Release Date: December 17, 2021
Enhancements
/var/opt is now mounted to the ephemeral disk rather than the root disk. This is not a recommended storage point for bosh workloads, but some agents deployed on stemcells write their logs to this folder and that could cause the root disk to fill up.
Fixes
- This release reverts the NATS firewall enhancement added in 621.183. Changes associated with this feature caused VMs to report a networking failed state and prevented monit firewall rules from being applied. The NATS firewall enhancement will be reintroduced in a future release.
Metadata:
BOSH Agent Version: 2.268.49
USNs:
Title: USN-5202-1: OpenJDK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5202-1
Priorities: medium
Description:
Varnavas Papaioannou discovered that the FTP client implementation in
OpenJDK accepted alternate server IP addresses when connecting with FTP
passive mode. An attacker controlling an FTP server that an application
connects to could possibly use this to expose sensitive information
(rudimentary port scans). This issue only affected Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2341)
Markus Loewe discovered that OpenJDK did not properly handle JAR files
containing multiple manifest files. An attacker could possibly use
this to bypass JAR signature verification. This issue only affected
Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
21.04. (CVE-2021-2369)
Huixin Ma discovered that the Hotspot VM in OpenJDK did not properly
perform range check elimination in some situations. An attacker could
possibly use this to construct a Java class that could bypass Java
sandbox restrictions. This issue only affected Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2388)
Asaf Greenholts discovered that OpenJDK preferred certain weak ciphers by
default. An attacker could possibly use this to expose sensitive
information. (CVE-2021-35550)
It was discovered that the Rich Text Format (RTF) Parser in OpenJDK did not
properly restrict the amount of memory allocated in some situations. An
attacker could use this to specially craft an RTF file that caused a denial
of service. (CVE-2021-35556)
It was discovered that the Rich Text Format (RTF) Reader in OpenJDK did not
properly restrict the amount of memory allocated in some situations. An
attacker could use this to specially craft an RTF file that caused a denial
of service. (CVE-2021-35559)
Markus Loewe discovered that the HashMap and HashSet implementations in
OpenJDK did not properly validate load factors during deserialization. An
attacker could use this to cause a denial of service (excessive memory
consumption). (CVE-2021-35561)
It was discovered that the Keytool component in OpenJDK did not properly
handle certificates with validity ending dates in the far future. An
attacker could use this to specially craft a certificate that when imported
could corrupt a keystore. (CVE-2021-35564)
Tristen Hayfield discovered that the HTTP server implementation in OpenJDK
did not properly handle TLS session close in some situations. A remote
attacker could possibly use this to cause a denial of service (application
infinite loop). (CVE-2021-35565)
Chuck Hunley discovered that the Kerberos implementation in OpenJDK did not
correctly report subject principals when using Kerberos Constrained
Delegation. An attacker could possibly use this to cause incorrect Kerberos
tickets to be used. (CVE-2021-35567)
It was discovered that the TLS implementation in OpenJDK did not properly
handle TLS handshakes in certain situations where a Java application is
acting as a TLS server. A remote attacker could possibly use this to cause
a denial of service (application crash). (CVE-2021-35578)
It was discovered that OpenJDK did not properly restrict the amount of
memory allocated when processing BMP images. An attacker could use this to
specially craft a BMP image file that could cause a denial of service.
(CVE-2021-35586)
It was discovered that the HotSpot VM in OpenJDK 8 did not properly perform
validation of inner class index values in some situations. An attacker
could use this to specially craft a class file that when loaded could cause
a denial of service (Java VM crash). (CVE-2021-35588)
Artem Smotrakov discovered that the TLS implementation in OpenJDK used
non-constant time comparisons during TLS handshakes. A remote attacker could
use this to expose sensitive information. (CVE-2021-35603)
CVEs:
- https://ubuntu.com/security/CVE-2021-2341
- https://ubuntu.com/security/CVE-2021-2369
- https://ubuntu.com/security/CVE-2021-2388
- https://ubuntu.com/security/CVE-2021-35550
- https://ubuntu.com/security/CVE-2021-35556
- https://ubuntu.com/security/CVE-2021-35559
- https://ubuntu.com/security/CVE-2021-35561
- https://ubuntu.com/security/CVE-2021-35564
- https://ubuntu.com/security/CVE-2021-35565
- https://ubuntu.com/security/CVE-2021-35567
- https://ubuntu.com/security/CVE-2021-35578
- https://ubuntu.com/security/CVE-2021-35586
- https://ubuntu.com/security/CVE-2021-35588
- https://ubuntu.com/security/CVE-2021-35603
Title: USN-5189-1: GLib vulnerability
URL: https://ubuntu.com/security/notices/USN-5189-1
Priorities: medium
Description:
It was discovered that GLib incorrectly handled certain environment variables.
An attacker could possibly use this issue to escalate privileges.
CVEs:
- https://ubuntu.com/security/CVE-2021-3800
Title: USN-5168-4: NSS regression
URL: https://ubuntu.com/security/notices/USN-5168-4
Priorities: high
Description:
USN-5168-3 fixed a vulnerability in NSS. Unfortunately that update introduced
a regression that could break SSL connections. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS
signatures. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-43527
Title: USN-5192-2: Apache Log4j 2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5192-2
Priorities: high
Description:
USN-5192-1 fixed a vulnerability in Apache Log4j 2. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run
programs via specially crafted input. An attacker could use this vulnerability
to cause a denial of service or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-44228
- https://ubuntu.com/security/CVE-2021-2341
621.183
Available in VMware Tanzu Network
Release Date: December 06, 2021
Enhancements
- Added firewall rules that restrict access to the NATS message bus to the BOSH agent only. This provides an additional layer of security: even if an attacker gains access to the NATS credentials, they cannot use them from a workload on a BOSH-deployed VM. If you are attempting to debug NATS connectivity problems by connecting directly to the BOSH NATS server, you will need additional access; instructions can be found here.
Known issues
Errors are present in the networking service post-start scripts for all BOSH-managed VMs. These errors:
- Cause the networking service to report a failed state
- Incorrectly allow external connections to the monit service
- Incorrectly allow external connections to the NATS service
Metadata:
BOSH Agent Version: 2.268.45
USNs:
Title: USN-5147-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5147-1
Priorities: low,medium
Description:
It was discovered that Vim incorrectly handled permissions on the .swp
file. A local attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 14.04 ESM. (CVE-2017-17087)
It was discovered that Vim incorrectly handled restricted mode. A local
attacker could possibly use this issue to bypass restricted mode and
execute arbitrary commands. Note: This update only makes executing shell
commands more difficult. Restricted mode should not be considered a
complete security measure. This issue only affected Ubuntu 14.04 ESM.
(CVE-2019-20807)
Brian Carpenter discovered that vim incorrectly handled memory
when opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. This issue only affected
Ubuntu 20.04 LTS, Ubuntu 21.04 and Ubuntu 21.10. (CVE-2021-3872)
It was discovered that vim incorrectly handled memory when
opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. (CVE-2021-3903)
It was discovered that vim incorrectly handled memory when
opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. (CVE-2021-3927)
It was discovered that vim incorrectly handled memory when
opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. (CVE-2021-3928)
CVEs:
- https://ubuntu.com/security/CVE-2017-17087
- https://ubuntu.com/security/CVE-2019-20807
- https://ubuntu.com/security/CVE-2021-3872
- https://ubuntu.com/security/CVE-2021-3903
- https://ubuntu.com/security/CVE-2021-3927
- https://ubuntu.com/security/CVE-2021-3928
Title: USN-5158-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5158-1
Priorities: low
Description:
It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. (CVE-2021-20244)
It was discovered that ImageMagick incorrectly handled certain values
when performing resampling operations. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. (CVE-2021-20246)
It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. (CVE-2021-20309)
It was discovered that ImageMagick incorrectly handled certain values
when processing thumbnail image data. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. (CVE-2021-20312)
It was discovered that ImageMagick incorrectly handled memory cleanup
when performing certain cryptographic operations. Under certain conditions
sensitive cryptographic information could be disclosed. (CVE-2021-20313)
CVEs:
- https://ubuntu.com/security/CVE-2021-20244
- https://ubuntu.com/security/CVE-2021-20246
- https://ubuntu.com/security/CVE-2021-20309
- https://ubuntu.com/security/CVE-2021-20312
- https://ubuntu.com/security/CVE-2021-20313
Title: USN-5144-1: OpenEXR vulnerability
URL: https://ubuntu.com/security/notices/USN-5144-1
Priorities: medium
Description:
It was discovered that OpenEXR incorrectly handled certain EXR
image files. An attacker could possibly use this issue to cause a crash
or execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-3933
Title: USN-5150-1: OpenEXR vulnerability
URL: https://ubuntu.com/security/notices/USN-5150-1
Priorities: medium
Description:
It was discovered that OpenEXR incorrectly handled certain EXR image files.
An attacker could possibly use this issue to cause a crash.
CVEs:
- https://ubuntu.com/security/CVE-2021-3941
Title: USN-5168-3: NSS vulnerability
URL: https://ubuntu.com/security/notices/USN-5168-3
Priorities: high
Description:
USN-5168-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS
signatures. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-43527
- https://ubuntu.com/security/CVE-2017-17087
621.176
Available in VMware Tanzu Network
Release Date: November 11, 2021
Metadata:
BOSH Agent Version: 2.268.41
USNs:
Title: USN-5114-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5114-1
Priorities: medium,low
Description:
It was discovered that a race condition existed in the Atheros Ath9k WiFi
driver in the Linux kernel. An attacker could possibly use this to expose
sensitive information (WiFi network traffic). (CVE-2020-3702)
It was discovered that the KVM hypervisor implementation in the Linux
kernel did not properly compute the access permissions for shadow pages in
some situations. A local attacker could use this to cause a denial of
service. (CVE-2021-38198)
It was discovered that the ext4 file system in the Linux kernel contained a
race condition when writing xattrs to an inode. A local attacker could use
this to cause a denial of service or possibly gain administrative
privileges. (CVE-2021-40490)
It was discovered that the 6pack network protocol driver in the Linux
kernel did not properly perform validation checks. A privileged attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2021-42008)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3702
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-40490
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38198
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-42008
Title: USN-5119-1: libcaca vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5119-1
Priorities: medium
Description:
It was discovered that libcaca incorrectly handled certain images. An attacker
could possibly use this issue to cause a crash. (CVE-2021-30498, CVE-2021-30499)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30498
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30499
Title: USN-5136-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5136-1
Priorities: low,medium
Description:
It was discovered that the f2fs file system in the Linux kernel did not
properly validate metadata in some situations. An attacker could use this
to construct a malicious f2fs image that, when mounted and operated on,
could cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-19449)
It was discovered that the FUSE user space file system implementation in
the Linux kernel did not properly handle bad inodes in some situations. A
local attacker could possibly use this to cause a denial of service.
(CVE-2020-36322)
It was discovered that the Infiniband RDMA userspace connection manager
implementation in the Linux kernel contained a race condition leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2020-36385)
Ilja Van Sprundel discovered that the SCTP implementation in the Linux
kernel did not properly perform size validations on incoming packets in
some situations. An attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2021-3655)
It was discovered that the Qualcomm IPC Router protocol implementation in
the Linux kernel did not properly validate metadata in some situations. A
local attacker could use this to cause a denial of service (system crash)
or expose sensitive information. (CVE-2021-3743)
It was discovered that the virtual terminal (vt) device implementation in
the Linux kernel contained a race condition in its ioctl handling that led
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information. (CVE-2021-3753)
It was discovered that the Linux kernel did not properly account for the
memory usage of certain IPC objects. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2021-3759)
Michael Wakabayashi discovered that the NFSv4 client implementation in the
Linux kernel did not properly order connection setup operations. An
attacker controlling a remote NFS server could use this to cause a denial
of service on the client. (CVE-2021-38199)
It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller
implementation in the Linux kernel did not properly perform boundary checks
in some situations, allowing out-of-bounds write access. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. In Ubuntu, this issue only affected systems running
armhf kernels. (CVE-2021-42252)
CVEs:
- https://ubuntu.com/security/CVE-2019-19449
- https://ubuntu.com/security/CVE-2020-36322
- https://ubuntu.com/security/CVE-2020-36385
- https://ubuntu.com/security/CVE-2021-3655
- https://ubuntu.com/security/CVE-2021-3743
- https://ubuntu.com/security/CVE-2021-3753
- https://ubuntu.com/security/CVE-2021-3759
- https://ubuntu.com/security/CVE-2021-38199
- https://ubuntu.com/security/CVE-2021-42252
Title: USN-5133-1: ICU vulnerability
URL: https://ubuntu.com/security/notices/USN-5133-1
Priorities: low
Description:
It was discovered that ICU contains a use after free issue.
An attacker could use this issue to cause a denial of service with crafted input.
CVEs:
- https://ubuntu.com/security/CVE-2020-21913
Title: LSN-0082-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0082-1
Priorities: medium,high
Description:
Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux
kernel did not properly handle mod32 destination register truncation when
the source register was known to be 0. A local attacker could use this to
expose sensitive information (kernel memory) or possibly execute arbitrary
code. (CVE-2021-3444)
kernel: use-after-free in route4_change() in
net/sched/cls_route.c (CVE-2021-3715)
CVEs:
- https://ubuntu.com/security/CVE-2020-29660
- https://ubuntu.com/security/CVE-2020-29661
- https://ubuntu.com/security/CVE-2021-3444
- https://ubuntu.com/security/CVE-2021-3715
Title: USN-5125-1: PHP vulnerability
URL: https://ubuntu.com/security/notices/USN-5125-1
Priorities: high
Description:
It was discovered that PHP-FPM in PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-21703
Title: USN-5126-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-5126-2
Priorities: medium
Description:
USN-5126-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame
cache when processing responses. A remote attacker could possibly use this
issue to cause Bind to consume resources, resulting in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2021-25219
Title: USN-5123-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5123-2
Priorities: medium
Description:
USN-5123-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and
Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-36.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-27.html
https://www.oracle.com/security-alerts/cpuoct2021.html
CVEs:
- https://ubuntu.com/security/CVE-2021-35624
- https://ubuntu.com/security/CVE-2021-35604
621.171
Available in VMware Tanzu Network
Release Date: October 25, 2021
Metadata:
BOSH Agent Version: 2.268.36
Bosh-agent is now built with Go 1.17
Features:
Allows receiving NATS and blobstore updates via the update settings action
USNs:
Title: USN-5109-1: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-5109-1
Priorities: medium
Description:
It was discovered that nginx incorrectly handled files with
certain modification dates. A remote attacker could possibly
use this issue to cause a denial of service or other unspecified
impact.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-20005
Title: USN-5022-3: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5022-3
Priorities: medium
Description:
USN-5022-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to MySQL 5.7.35 on Ubuntu 16.04 ESM.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html
https://www.oracle.com/security-alerts/cpujul2021.html
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2179
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2162
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2389
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2390
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2194
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2146
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2372
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2342
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2169
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2171
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2180
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2154
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2166
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2307
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2385
Title: USN-5103-1: docker.io vulnerability
URL: https://ubuntu.com/security/notices/USN-5103-1
Priorities: medium
Description:
Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in
Docker incorrectly allowed the docker cp command to make permissions
changes in the host filesystem in some situations. A local attacker
could possibly use this to expose sensitive information or gain
administrative privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-41089
Title: USN-5111-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5111-2
Priorities: medium
Description:
USN-5111-1 fixed a vulnerability in strongSwan. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that strongSwan incorrectly handled replacing
certificates in the cache. A remote attacker could use this issue to cause
strongSwan to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-41991)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-41991
Title: USN-5121-1: Mailman vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5121-1
Priorities: high
Description:
Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman
did not properly associate cross-site request forgery (CSRF) tokens
to specific accounts. A remote attacker could use this to perform a
CSRF attack to gain access to another account. (CVE-2021-42097)
Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman’s
cross-site request forgery (CSRF) tokens for the options page are
derived from the admin password. A remote attacker could possibly use
this to assist in performing a brute force attack against the admin
password. (CVE-2021-42096)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-42096
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-42097
621.160
Available in VMware Tanzu Network
Release Date: October 01, 2021
Fixes
Fixes an issue introduced in v621.151 that caused frequent udev events and high CPU usage on Azure VMs.
Metadata:
BOSH Agent Version: 2.268.29
621.154
Available in VMware Tanzu Network
Release Date: September 16, 2021
Fixes
- Fixes an issue introduced in v621.151 that caused persistent disks to frequently fail to mount.
Metadata:
BOSH Agent Version: 2.268.27
USNs:
Title: USN-5077-2: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5077-2
Priorities: medium
Description:
USN-5077-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Maik Münch and Stephen Röttger discovered that Apport incorrectly handled
certain information gathering operations. A local attacker could use this
issue to gain read access to arbitrary files, possibly containing sensitive
information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3709
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3710
Title: USN-5076-1: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-5076-1
Priorities: medium
Description:
It was discovered that Git allowed newline characters in
certain repository paths. An attacker could potentially use this issue to perform
cross-protocol requests.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-40330
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3709
621.151
Available in VMware Tanzu Network
Release Date: September 14, 2021
Fixes
- Updates the /var/vcap/bosh/bin/monit wrapper script to refer to monit-actual by absolute path, rather than relative path. This allows folks who reset or clear the PATH environment variable to actually be able to use the monit CLI. Prior to this fix, folks who cleared their PATH environment variable would see an error like: /var/vcap/bosh/bin/monit: line 9: exec: monit-actual: not found.
- Fixes the “incorrect used memory reporting” issue introduced in stemcell version 621.141. The Bosh Agent will now report the correct amount of memory used by all processes in the VM that it manages, rather than just the processes in its cgroup.
Known issues
- We’ve seen failures with this version of the stemcell in vSphere when attempting to attach a persistent disk to a running VM. We are currently planning to address this issue with an update to the vSphere CPI. It should be fixed in vSphere CPI release >= v69. We have pulled the vSphere version of this stemcell for now.
Note: This issue is fixed in stemcell version 621.154
Metadata:
BOSH Agent Version: 2.268.27
USNs:
Title: USN-5066-2: PySAML2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5066-2
Priorities: medium
Description:
USN-5066-1 fixed a vulnerability in PySAML2. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Brian Wolff discovered that PySAML2 incorrectly validated cryptographic
signatures. A remote attacker could possibly use this issue to alter SAML
documents.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21239
Title: USN-5039-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5039-1
Priorities: high
Description:
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
Title: LSN-0080-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0080-1
Priorities: high
Description:
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
Title: USN-5028-1: Exiv2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5028-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31291
Title: USN-5025-2: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5025-2
Priorities: medium
Description:
USN-5025-1 fixed a vulnerability in libsndfile. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libsndfile incorrectly handled certain malformed
files. A remote attacker could use this issue to cause libsndfile to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3246
Title: USN-5027-2: PEAR vulnerability
URL: https://ubuntu.com/security/notices/USN-5027-2
Priorities: medium
Description:
USN-5027-1 fixed a vulnerability in PEAR. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that PEAR incorrectly handled symbolic links in archives.
A remote attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32610
Title: USN-5044-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5044-1
Priorities: medium
Description:
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device detach events, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3573)
It was discovered that the NFC implementation in the Linux kernel did not
properly handle failed connect events leading to a NULL pointer
dereference. A local attacker could use this to cause a denial of service.
(CVE-2021-3587)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3573
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3587
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3564
Title: USN-5073-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5073-1
Priorities: medium,low,high
Description:
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host’s physical
memory. (CVE-2021-3656)
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol
implementation in the Linux kernel did not properly initialize memory in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2021-34693)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
It was discovered that the Virtio console implementation in the Linux
kernel did not properly validate input lengths in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2021-38160)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3612
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34693
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38160
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
Title: USN-5062-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5062-1
Priorities: high
Description:
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
Title: LSN-0081-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0081-1
Priorities: high
Description:
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host’s physical
memory. (CVE-2021-3656)
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
Title: USN-5034-2: c-ares vulnerability
URL: https://ubuntu.com/security/notices/USN-5034-2
Priorities: medium
Description:
USN-5034-1 fixed a vulnerability in c-ares. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly
validated certain hostnames returned by DNS servers. A remote attacker
could possibly use this issue to perform Domain Hijacking attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3672
Title: USN-5026-2: QPDF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5026-2
Priorities: medium,low
Description:
USN-5026-1 fixed several vulnerabilities in QPDF. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that QPDF incorrectly handled certain malformed PDF
files. A remote attacker could use this issue to cause QPDF to consume
resources, resulting in a denial of service. (CVE-2018-18020)
It was discovered that QPDF incorrectly handled certain malformed PDF
files. A remote attacker could use this issue to cause QPDF to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-36978)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-36978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18020
Title: USN-5051-2: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-5051-2
Priorities: medium
Description:
USN-5051-1 fixed a vulnerability in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3712
Title: USN-5043-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5043-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622)
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04.
(CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618,
CVE-2021-37619, CVE-2021-37621, CVE-2021-37623)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37622
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32815
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37621
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37620
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37618
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34335
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37615
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37619
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37616
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34334
Title: USN-5055-1: GNOME grilo vulnerability
URL: https://ubuntu.com/security/notices/USN-5055-1
Priorities: medium
Description:
Michael Catanzaro discovered that grilo incorrectly handled certain TLS
certificate verification. An attacker could possibly use this issue to
perform MITM attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-39365
Title: USN-5068-1: GD library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5068-1
Priorities: medium,low
Description:
It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files.
An attacker could possibly use this issue to cause a crash or expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM.
(CVE-2017-6363)
It was discovered that GD Graphics Library incorrectly handled certain TGA files.
An attacker could possibly use this issue to cause a denial of service or
expose sensitive information. (CVE-2021-381)
It was discovered that GD Graphics Library incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash.
(CVE-2021-40145)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-40145
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38115
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6363
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21239
621.141
Available in VMware Tanzu Network
Release Date: August 30, 2021
Enhancements
- Added firewall rules to restrict Monit API access to the Monit CLI and BOSH Agent. To see how to grant your program access to the Monit API, examine the new monit wrapper script, found at /var/vcap/bosh/bin/monit.
Known issues
- The memory used by the VM that a Bosh Agent manages is incorrectly reported. The Agent will report very significantly smaller amounts of memory used by the VM than are actually used. This means that the “memory used” information in the output of bosh vms --vitals and related commands is incorrect. For now, avoid using this stemcell version if you rely on the VM memory usage information reported by the Bosh Agent, Director, or the bosh CLI.
NOTE: This issue has been resolved in Stemcell version 621.151.
Metadata:
BOSH Agent Version: 2.268.23
USNs:
Title: USN-5039-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5039-1
Priorities: high
Description:
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
Title: LSN-0080-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0080-1
Priorities: high
Description:
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
Title: USN-5028-1: Exiv2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5028-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31291
Title: USN-5025-2: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5025-2
Priorities: medium
Description:
USN-5025-1 fixed a vulnerability in libsndfile. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libsndfile incorrectly handled certain malformed
files. A remote attacker could use this issue to cause libsndfile to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3246
Title: USN-5027-2: PEAR vulnerability
URL: https://ubuntu.com/security/notices/USN-5027-2
Priorities: medium
Description:
USN-5027-1 fixed a vulnerability in PEAR. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that PEAR incorrectly handled symbolic links in archives.
A remote attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32610
Title: USN-5044-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5044-1
Priorities: medium
Description:
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device detach events, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3573)
It was discovered that the NFC implementation in the Linux kernel did not
properly handle failed connect events leading to a NULL pointer
dereference. A local attacker could use this to cause a denial of service.
(CVE-2021-3587)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3573
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3587
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3564
Title: USN-5034-2: c-ares vulnerability
URL: https://ubuntu.com/security/notices/USN-5034-2
Priorities: medium
Description:
USN-5034-1 fixed a vulnerability in c-ares. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly
validated certain hostnames returned by DNS servers. A remote attacker
could possibly use this issue to perform Domain Hijacking attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3672
Title: USN-5026-2: QPDF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5026-2
Priorities: medium,low
Description:
USN-5026-1 fixed several vulnerabilities in QPDF. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that QPDF incorrectly handled certain malformed PDF
files. A remote attacker could use this issue to cause QPDF to consume
resources, resulting in a denial of service. (CVE-2018-18020)
It was discovered that QPDF incorrectly handled certain malformed PDF
files. A remote attacker could use this issue to cause QPDF to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-36978)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-36978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18020
Title: USN-5043-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5043-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622)
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04.
(CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618,
CVE-2021-37619, CVE-2021-37621, CVE-2021-37623)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37622
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32815
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37621
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37620
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37618
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34335
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37615
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37619
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37616
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34334
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
621.136
Available in VMware Tanzu Network
Release Date: July 26, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4336-2: GNU binutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4336-2
Priorities: low,medium
Description:
USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that GNU binutils contained a large number of security
issues. If a user or automated system were tricked into processing a
specially-crafted file, a remote attacker could cause GNU binutils to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19932
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9074
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18309
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12451
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16828
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7302
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9751
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17080
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12700
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14130
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18483
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7568
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14128
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9749
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12458
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9070
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9755
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10534
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9746
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12972
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7300
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-9138
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7299
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4488
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9742
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17125
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14939
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14250
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14129
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12967
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17124
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12934
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7210
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8395
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7227
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12459
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9754
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20002
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4489
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9073
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8945
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12448
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4491
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17794
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13710
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14333
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15021
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14940
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14930
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7223
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12452
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6965
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18701
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10372
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18484
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16832
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9748
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7569
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16831
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17358
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6543
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7224
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17121
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9041
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9071
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19931
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9756
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18700
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10373
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17451
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12697
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18606
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17123
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4492
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16826
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9753
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6323
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8394
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16827
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12450
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6131
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14529
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9038
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9747
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4490
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12456
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20671
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10535
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4487
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15939
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7643
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13033
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9039
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8393
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9744
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7642
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9752
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12698
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12699
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15996
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9044
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6759
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9745
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7208
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6969
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12449
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14932
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7614
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12454
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1000876
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8396
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8397
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12455
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9954
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17360
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14444
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9075
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17985
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8398
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18607
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8421
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17450
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12799
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15938
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7301
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9750
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15025
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18605
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9042
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12457
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12453
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17359
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9040
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7209
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9077
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6966
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14938
Title: USN-5020-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5020-1
Priorities: medium,low
Description:
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-31799)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to conduct
port scans and service banner extractions. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-31810)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to perform
man-in-the-middle attacks to bypass the TLS protection.
(CVE-2021-32066)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31799
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32066
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31810
Title: LSN-0079-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0079-1
Priorities: high
Description:
It was discovered that the eBPF implementation in the Linux kernel did not
properly track bounds information for 32 bit registers when performing div
and mod operations. A local attacker could use this to possibly execute
arbitrary code. (CVE-2021-3600)
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3600
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
621.135
Available in VMware Tanzu Network
Release Date: July 21, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-5013-2: systemd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5013-2
Priorities: low,high
Description:
USN-5013-1 fixed several vulnerabilities in systemd. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that systemd incorrectly handled certain mount paths. A
local attacker could possibly use this issue to cause systemd to crash,
resulting in a denial of service. (CVE-2021-33910)
Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW
packets. A remote attacker could possibly use this issue to reconfigure
servers. (CVE-2020-13529)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13529
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33910
Title: USN-5018-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5018-1
Priorities: medium,high
Description:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel
did not properly enforce limits for pointer operations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-33200)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did
not properly clear received fragments from memory in some situations. A
physically proximate attacker could possibly use this issue to inject
packets or expose sensitive information. (CVE-2020-24586)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation
incorrectly handled encrypted fragments. A physically proximate attacker
could possibly use this issue to decrypt fragments. (CVE-2020-24587)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation
incorrectly handled EAPOL frames from unauthenticated senders. A physically
proximate attacker could inject malicious packets to cause a denial of
service (system crash). (CVE-2020-26139)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the
nfc implementation in the Linux kernel. A privileged local attacker could
use this issue to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-23134)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel
did not properly prevent speculative loads in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-31829)
It was discovered that a race condition in the kernel Bluetooth subsystem
could lead to use-after-free of slab objects. An attacker could use this
issue to possibly execute arbitrary code. (CVE-2021-32399)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-0129
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24586
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23134
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33200
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33034
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26139
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26147
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24587
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31829
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26558
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32399
Title: USN-5014-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5014-1
Priorities: high
Description:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
621.134
Available in VMware Tanzu Network
Release Date: July 19, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: LSN-0078-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0078-1
Priorities: high
Description:
Norbert Slusarek discovered a race condition in the CAN BCM networking
protocol of the Linux kernel leading to multiple use-after-free
vulnerabilities. A local attacker could use this issue to execute arbitrary
code. (CVE-2021-3609)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3609
621.133
Available in VMware Tanzu Network
Release Date: July 15, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-5006-2: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5006-2
Priorities: low,medium
Description:
USN-5006-1 fixed several vulnerabilities in PHP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that PHP incorrectly handled certain PHAR files. A remote
attacker could possibly use this issue to cause PHP to crash, resulting in
a denial of service, or possibly obtain sensitive information. (CVE-2020-7068)
It was discovered that PHP incorrectly handled parsing URLs with passwords.
A remote attacker could possibly use this issue to cause PHP to mis-parse
the URL and produce wrong data. (CVE-2020-7071)
It was discovered that PHP incorrectly handled certain malformed XML data
when being parsed by the SOAP extension. A remote attacker could possibly
use this issue to cause PHP to crash, resulting in a denial of service.
(CVE-2021-21702)
It was discovered that PHP incorrectly handled the pdo_firebase module. A
remote attacker could possibly use this issue to cause PHP to crash,
resulting in a denial of service. (CVE-2021-21704)
It was discovered that PHP incorrectly handled the FILTER_VALIDATE_URL
check. A remote attacker could possibly use this issue to perform a
server-side request forgery attack. (CVE-2021-21705)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21702
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7071
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21705
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7068
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21704
Title: USN-5004-1: RabbitMQ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5004-1
Priorities: medium,low
Description:
It was discovered that RabbitMQ incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11287)
Jonathan Knudsen discovered RabbitMQ incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-22116)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22116
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11287
Title: USN-5008-2: Avahi vulnerability
URL: https://ubuntu.com/security/notices/USN-5008-2
Priorities: medium
Description:
USN-5008-1 fixed a vulnerability in avahi. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Thomas Kremer discovered that Avahi incorrectly handled termination signals
on the Unix socket. A local attacker could possibly use this issue to cause
Avahi to hang, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3468
Title: USN-5005-1: DjVuLibre vulnerability
URL: https://ubuntu.com/security/notices/USN-5005-1
Priorities: medium
Description:
It was discovered that DjVuLibre incorrectly handled certain djvu files.
An attacker could possibly use this issue to execute arbitrary code or
cause a crash.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3630
621.131
Available in VMware Tanzu Network
Release Date: June 23, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4986-2: rpcbind vulnerability
URL: https://ubuntu.com/security/notices/USN-4986-2
Priorities: low
Description:
USN-4986-1 fixed a vulnerability in rpcbind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that rpcbind incorrectly handled certain large data
sizes. A remote attacker could use this issue to cause rpcbind to consume
resources, leading to a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8779
Title: USN-4989-2: BlueZ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4989-2
Priorities: medium,low
Description:
USN-4989-1 fixed several vulnerabilities in BlueZ. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that BlueZ incorrectly checked certain permissions when
pairing. A local attacker could possibly use this issue to impersonate
devices. (CVE-2020-26558)
Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT
events. A local attacker could use this issue to cause BlueZ to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26558
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27153
Title: USN-4971-2: libwebp vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4971-2
Priorities: medium
Description:
USN-4971-1 fixed several vulnerabilities in libwebp. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libwebp incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a specially
crafted image file, a remote attacker could use this issue to cause libwebp
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36331
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25014
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36328
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25012
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25009
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25013
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25011
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25010
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36330
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36329
Title: USN-5003-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5003-1
Priorities: medium,high
Description:
Norbert Slusarek discovered a race condition in the CAN BCM networking
protocol of the Linux kernel leading to multiple use-after-free
vulnerabilities. A local attacker could use this issue to execute arbitrary
code. (CVE-2021-3609)
It was discovered that the eBPF implementation in the Linux kernel did not
properly track bounds information for 32 bit registers when performing div
and mod operations. A local attacker could use this to possibly execute
arbitrary code. (CVE-2021-3600)
Or Cohen discovered that the SCTP implementation in the Linux kernel
contained a race condition in some situations, leading to a use-after-free
condition. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-23133)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23133
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3609
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3600
Title: USN-4994-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4994-2
Priorities: medium,low
Description:
USN-4994-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Antonio Morales discovered that the Apache mod_auth_digest module
incorrectly handled certain Digest nonces. A remote attacker could possibly
use this issue to cause Apache to crash, resulting in a denial of service.
(CVE-2020-35452)
Antonio Morales discovered that the Apache mod_session module incorrectly
handled certain Cookie headers. A remote attacker could possibly use this
issue to cause Apache to crash, resulting in a denial of service.
(CVE-2021-26690)
Christophe Jaillet discovered that the Apache mod_session module
incorrectly handled certain SessionHeader values. A remote attacker could
use this issue to cause Apache to crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2021-26691)
Christoph Anton Mitterer discovered that the new MergeSlashes configuration
option resulted in unexpected behaviour in certain situations.
(CVE-2021-30641)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26691
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35452
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26690
Title: USN-4991-1: libxml2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4991-1
Priorities: medium,low
Description:
Yunho Kim discovered that libxml2 incorrectly handled certain error
conditions. A remote attacker could exploit this with a crafted XML file to
cause a denial of service, or possibly cause libxml2 to expose sensitive
information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04
ESM. (CVE-2017-8872)
Zhipeng Xie discovered that libxml2 incorrectly handled certain XML
schemas. A remote attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,
and Ubuntu 18.04 LTS. (CVE-2019-20388)
It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A
remote attacker could possibly exploit this with a crafted XML file to
cause libxml2 to crash, resulting in a denial of service. This issue only
affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04
LTS and Ubuntu 20.10. (CVE-2020-24977)
It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A
remote attacker could possibly exploit this with a crafted XML file to
cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3517)
It was discovered that libxml2 did not properly handle certain crafted XML
files. A local attacker could exploit this with a crafted input to cause
libxml2 to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-3516, CVE-2021-3518)
It was discovered that libxml2 incorrectly handled error states. A remote
attacker could exploit this with a crafted XML file to cause libxml2 to
crash, resulting in a denial of service. (CVE-2021-3537)
Sebastian Pipping discovered that libxml2 did not properly handle certain
crafted XML files. A remote attacker could exploit this with a crafted XML
file to cause libxml2 to crash, resulting in a denial of service. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04.
(CVE-2021-3541)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3516
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8872
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24977
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3541
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3537
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3517
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3518
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20388
Title: USN-4996-2: OpenEXR vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4996-2
Priorities: medium,low
Description:
USN-4996-1 fixed several vulnerabilities in OpenEXR. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that OpenEXR incorrectly handled certain malformed EXR
image files. If a user were tricked into opening a crafted EXR image file,
a remote attacker could cause a denial of service, or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3605
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26260
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20296
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23215
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3598
621.130
Available in VMware Tanzu Network
Release Date: June 09, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4985-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4985-1
Priorities: medium,high
Description:
It was discovered that some Intel processors may not properly invalidate
cache entries used by Intel Virtualization Technology for Directed I/O
(VT-d). This may allow a local user to perform a privilege escalation
attack. (CVE-2021-24489)
Joseph Nuzman discovered that some Intel processors may not properly apply
EIBRS mitigations (originally developed for CVE-2017-5715) and hence may
allow unauthorized memory reads via sidechannel attacks. A local attacker
could use this to expose sensitive information, including kernel
memory. (CVE-2020-24511)
Travis Downs discovered that some Intel processors did not properly flush
cache-lines for trivial-data values. This may allow an unauthorized user to
infer the presence of these trivial-data-cache-lines via timing sidechannel
attacks. A local attacker could use this to expose sensitive
information. (CVE-2020-24512)
It was discovered that certain Intel Atom processors could expose memory
contents stored in microarchitectural buffers. A local attacker could use
this to expose sensitive information. (CVE-2020-24513)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24512
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24489
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24513
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24511
Title: USN-4967-2: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-4967-2
Priorities: medium
Description:
USN-4967-1 fixed a vulnerability in nginx. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23017
Title: USN-4969-2: DHCP vulnerability
URL: https://ubuntu.com/security/notices/USN-4969-2
Priorities: medium
Description:
USN-4969-1 fixed a vulnerability in DHCP. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25217
Title: USN-4966-2: libx11 vulnerability
URL: https://ubuntu.com/security/notices/USN-4966-2
Priorities: medium
Description:
USN-4966-1 fixed a vulnerability in libx11. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libx11 incorrectly validated certain parameter
lengths. A remote attacker could possibly use this issue to trick libx11
into emitting extra X protocol requests.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31535
Title: USN-4979-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4979-1
Priorities: medium,low
Description:
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2020-25670)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly deallocate memory in certain error
situations. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly handle error conditions in some situations,
leading to an infinite loop. A local attacker could use this to cause a
denial of service. (CVE-2020-25673)
It was discovered that the Realtek RTL8188EU Wireless device driver in the
Linux kernel did not properly validate ssid lengths in some situations. An
attacker could use this to cause a denial of service (system crash).
(CVE-2021-28660)
Zygo Blaxell discovered that the btrfs file system implementation in the
Linux kernel contained a race condition during certain cloning operations.
A local attacker could possibly use this to cause a denial of service
(system crash). (CVE-2021-28964)
Vince Weaver discovered that the perf subsystem in the Linux kernel did not
properly handle certain PEBS records for some Intel Haswell
processors. A local attacker could use this to cause a denial of service
(system crash). (CVE-2021-28971)
It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)
It was discovered that the Qualcomm IPC router implementation in the Linux
kernel did not properly initialize memory passed to user space. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-29647)
Dan Carpenter discovered that the block device manager (dm) implementation
in the Linux kernel contained a buffer overflow in the ioctl for listing
devices. A privileged local attacker could use this to cause a denial of
service (system crash). (CVE-2021-31916)
It was discovered that the CIPSO implementation in the Linux kernel did not
properly perform reference counting in some situations, leading to
use-after-free vulnerabilities. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33033)
Wolfgang Frisch discovered that the ext4 file system implementation in the
Linux kernel contained an integer overflow when handling metadata inode
extents. An attacker could use this to construct a malicious ext4 file
system image that, when mounted, could cause a denial of service (system
crash). (CVE-2021-3428)
马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31916
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3428
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25670
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25673
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25672
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28971
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28964
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29647
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3483
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33033
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25671
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28972
Title: USN-4975-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4975-2
Priorities: low
Description:
USN-4975-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django
incorrectly handled path sanitation in admindocs. A remote attacker could
possibly use this issue to determine the existence of arbitrary files and
in certain configurations obtain their contents. (CVE-2021-33203)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33203
621.129
Available in VMware Tanzu Network
Release Date: May 26, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4954-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4954-1
Priorities: negligible,low
Description:
Jason Royes and Samuel Dytrych discovered that the memcpy()
implementation for 32 bit ARM processors in the GNU C Library contained
an integer underflow vulnerability. An attacker could possibly use
this to cause a denial of service (application crash) or execute
arbitrary code. (CVE-2020-6096)
It was discovered that the POSIX regex implementation in the GNU C
Library did not properly parse alternatives. An attacker could use this
to cause a denial of service. (CVE-2009-5155)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2009-5155
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6096
Title: USN-4934-2: Exim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4934-2
Priorities: medium
Description:
USN-4934-1 fixed several vulnerabilities in Exim. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
CVE-2020-28026 only affected Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28011
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28009
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27216
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28025
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28026
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28014
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28007
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28016
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28013
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28008
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28015
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28017
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28012
Title: USN-4953-1: AWStats vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4953-1
Priorities: low,medium
Description:
Sean Boran discovered that AWStats incorrectly filtered certain parameters.
A remote attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-29600)
It was discovered that AWStats incorrectly filtered certain parameters. A
remote attacker could possibly use this issue to access sensitive
information. (CVE-2020-35176)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35176
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-1000501
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29600
Title: USN-4962-1: Babel vulnerability
URL: https://ubuntu.com/security/notices/USN-4962-1
Priorities: medium
Description:
It was discovered that Babel incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20095
Title: USN-4930-1: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-4930-1
Priorities: medium
Description:
Peter Eriksson discovered that Samba incorrectly handled certain negative
idmap cache entries. This issue could result in certain users gaining
unauthorized access to files, contrary to expected behaviour.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20254
Title: USN-4946-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4946-1
Priorities: low,medium
Description:
It was discovered that the DRM subsystem in the Linux kernel contained
double-free vulnerabilities. A privileged attacker could possibly use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2021-20292)
Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr
discovered that the Xen paravirtualization backend in the Linux kernel did
not properly propagate errors to frontend drivers in some situations. An
attacker in a guest VM could possibly use this to cause a denial of service
(host domain crash). (CVE-2021-26930)
Jan Beulich discovered that multiple Xen backends in the Linux kernel did
not properly handle certain error conditions under paravirtualization. An
attacker in a guest VM could possibly use this to cause a denial of service
(host domain crash). (CVE-2021-26931)
Jan Beulich discovered that the Xen netback backend in the Linux kernel did
not properly handle certain error conditions under paravirtualization. An
attacker in a guest VM could possibly use this to cause a denial of service
(host domain crash). (CVE-2021-28038)
It was discovered that the Xen paravirtualization backend in the Linux
kernel did not properly deallocate memory in some situations. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2021-28688)
It was discovered that the Freescale Gianfar Ethernet driver for the Linux
kernel did not properly handle receive queue overrun when jumbo frames were
enabled in some situations. An attacker could use this to cause a denial of
service (system crash). (CVE-2021-29264)
It was discovered that the USB/IP driver in the Linux kernel contained race
conditions during the update of local and shared status. An attacker could
use this to cause a denial of service (system crash). (CVE-2021-29265)
It was discovered that a race condition existed in the netfilter subsystem
of the Linux kernel when replacing tables. A local attacker could use this
to cause a denial of service (system crash). (CVE-2021-29650)
Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel
did not properly deallocate memory in some situations. A local attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2021-30002)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20292
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26930
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29264
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29265
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29650
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28688
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26931
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28038
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30002
Title: USN-4941-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4941-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash. (CVE-2021-29457)
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-29458, CVE-2021-29470)
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to execute arbitrary code or
cause a crash. (CVE-2021-3482)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29458
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3482
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29470
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29457
Title: USN-4964-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4964-1
Priorities: low,medium
Description:
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29463)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29464)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-29473, CVE-2021-32617)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29623)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29464
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29463
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32617
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29473
Title: USN-4932-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4932-2
Priorities: medium
Description:
USN-4932-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Django incorrectly handled certain
filenames. A remote attacker could possibly use this issue to create or
overwrite files in unexpected directories.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31542
Title: USN-4957-2: DjVuLibre vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4957-2
Priorities: medium,low
Description:
USN-4957-1 fixed several vulnerabilities in DjVuLibre. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that DjVuLibre incorrectly handled certain memory
operations. If a user or automated system were tricked into processing a
specially crafted DjVu file, a remote attacker could cause applications
to hang or crash, resulting in a denial of service, or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32491
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32492
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32490
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3500
Title: USN-4965-2: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4965-2
Priorities: medium
Description:
USN-4965-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Maik Münch discovered that Apport incorrectly handled certain information
gathering operations. A local attacker could use these issues to read and
write arbitrary files as an administrator, and possibly escalate
privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32549
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32555
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32551
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32548
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32550
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32554
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32553
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32557
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32552
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32547
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32556
621.125
Available in VMware Tanzu Network
Release Date: April 30, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4924-1: Dnsmasq vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4924-1
Priorities: low
Description:
It was discovered that Dnsmasq incorrectly handled certain wildcard
synthesized NSEC records. A remote attacker could possibly use this issue
to prove the non-existence of hostnames that actually exist.
(CVE-2017-15107)
It was discovered that Dnsmasq incorrectly handled certain large DNS
packets. A remote attacker could possibly use this issue to cause Dnsmasq
to crash, resulting in a denial of service. (CVE-2019-14513)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14513
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15107
Title: USN-4919-1: OpenSLP vulnerability
URL: https://ubuntu.com/security/notices/USN-4919-1
Priorities: medium
Description:
It was discovered that OpenSLP did not properly validate URLs. A remote
attacker could use this issue to cause OpenSLP to crash or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5544
Title: USN-4927-1: File Roller vulnerability
URL: https://ubuntu.com/security/notices/USN-4927-1
Priorities: medium
Description:
It was discovered that File Roller incorrectly handled symlinks.
An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36314
Title: USN-4918-1: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4918-1
Priorities: medium
Description:
It was discovered that ClamAV incorrectly handled parsing Excel documents.
A remote attacker could possibly use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2021-1252)
It was discovered that ClamAV incorrectly handled parsing PDF documents. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service. (CVE-2021-1404)
It was discovered that ClamAV incorrectly handled parsing email. A remote
attacker could possibly use this issue to cause ClamAV to crash, resulting
in a denial of service. (CVE-2021-1405)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-1405
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-1404
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-1252
Title: USN-4892-1: OpenJDK vulnerability
URL: https://ubuntu.com/security/notices/USN-4892-1
Priorities: medium
Description:
It was discovered that OpenJDK incorrectly verified Jar signatures. An
attacker could possibly use this issue to bypass intended security
restrictions when using Jar files signed with a disabled algorithm.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2163
Title: USN-4913-1: Underscore vulnerability
URL: https://ubuntu.com/security/notices/USN-4913-1
Priorities: medium
Description:
It was discovered that Underscore incorrectly handled certain inputs.
An attacker could possibly use this issue to inject arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23358
Title: USN-4926-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4926-1
Priorities: medium
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
browser UI, bypass security restrictions, trick the user into disclosing
confidential information, or execute arbitrary code. (CVE-2021-23994,
CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999,
CVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946,
CVE-2021-29947)
A use-after-free was discovered when Responsive Design Mode was
enabled. If a user were tricked into opening a specially crafted
website with Responsive Design Mode enabled, an attacker could
potentially exploit this to cause a denial of service, or execute
arbitrary code. (CVE-2021-23995)
It was discovered that Firefox mishandled ftp URLs with encoded newline
characters. If a user were tricked into clicking on a specially crafted
link, an attacker could potentially exploit this to send arbitrary
FTP commands. (CVE-2021-24002)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24000
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23996
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23997
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23995
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29946
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23999
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23994
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23998
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29945
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24001
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24002
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29947
Title: USN-4922-1: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-4922-1
Priorities: medium
Description:
Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly
parsed and serialized XML documents. A remote attacker could possibly use
this issue to perform an XML round-trip attack.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28965
Title: USN-4921-1: libcaca vulnerability
URL: https://ubuntu.com/security/notices/USN-4921-1
Priorities: medium
Description:
It was discovered that libcaca incorrectly handled certain images.
An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3410
Title: USN-4916-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4916-1
Priorities: high
Description:
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29154
Title: USN-4928-1: GStreamer Good Plugins vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4928-1
Priorities: medium
Description:
It was discovered that GStreamer Good Plugins incorrectly handled certain files.
An attacker could possibly use this issue to access sensitive information
or cause a crash. (CVE-2021-3497)
It was discovered that GStreamer Good Plugins incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
20.10. (CVE-2021-3498)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3498
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3497
621.123
Available in VMware Tanzu Network
Release Date: April 19, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4899-1: SpamAssassin vulnerability
URL: https://ubuntu.com/security/notices/USN-4899-1
Priorities: medium
Description:
Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF
files. If a user or automated system were tricked into using a
specially-crafted CF file, a remote attacker could possibly run arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1946
Title: USN-4895-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4895-1
Priorities: medium,low
Description:
Alex Rousskov and Amit Klein discovered that Squid incorrectly handled
certain Content-Length headers. A remote attacker could possibly use this
issue to perform an HTTP request smuggling attack, resulting in cache
poisoning. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15049)
Jianjun Chen discovered that Squid incorrectly validated certain input. A
remote attacker could use this issue to perform HTTP Request Smuggling and
possibly access services forbidden by the security controls.
(CVE-2020-25097)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25097
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15049
Title: USN-4561-2: Rack vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4561-2
Priorities: low,medium
Description:
USN-4561-1 fixed vulnerabilities in Rack. This update provides the
corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10.
Original advisory details:
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8161
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8184
Title: USN-4885-1: Pygments vulnerability
URL: https://ubuntu.com/security/notices/USN-4885-1
Priorities: medium
Description:
It was discovered that Pygments incorrectly handled parsing SML files. If a
user or automated system were tricked into parsing a specially crafted SML
file, a remote attacker could cause Pygments to hang, resulting in a denial
of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20270
Title: USN-4898-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4898-1
Priorities: medium
Description:
Viktor Szakats discovered that curl did not strip off user credentials
from referrer header fields. A remote attacker could possibly use this
issue to obtain sensitive information. (CVE-2021-22876)
Mingtao Yang discovered that curl incorrectly handled session tickets when
using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could
use this issue to bypass certificate checks and intercept communications.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10.
(CVE-2021-22890)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22890
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22876
Title: USN-4893-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4893-1
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, or execute arbitrary code. (CVE-2021-23981, CVE-2021-23982,
CVE-2021-23983, CVE-2021-23987, CVE-2021-23988)
It was discovered that extensions could open popup windows with control
of the window title in some circumstances. If a user were tricked into
installing a specially crafted extension, an attacker could potentially
exploit this to spoof a website and trick the user into providing
credentials. (CVE-2021-23984)
It was discovered that the DevTools remote debugging feature could be
enabled without an indication to the user. If a local attacker could
modify the browser configuration, a remote attacker could potentially
exploit this to obtain sensitive information. (CVE-2021-23985)
It was discovered that extensions could read the response of cross
origin requests in some circumstances. If a user were tricked into
installing a specially crafted extension, an attacker could potentially
exploit this to obtain sensitive information. (CVE-2021-23986)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23987
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23986
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23985
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23988
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23984
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23981
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23982
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23983
Title: USN-4897-1: Pygments vulnerability
URL: https://ubuntu.com/security/notices/USN-4897-1
Priorities: medium
Description:
Ben Caller discovered that Pygments incorrectly handled parsing certain
files. If a user or automated system were tricked into parsing a specially
crafted file, a remote attacker could cause Pygments to hang or consume
resources, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27291
Title: USN-4883-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4883-1
Priorities: high,medium
Description:
Adam Nichols discovered that heap overflows existed in the iSCSI subsystem
in the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-27365)
Adam Nichols discovered that the iSCSI subsystem in the Linux kernel did
not properly restrict access to iSCSI transport handles. A local attacker
could use this to cause a denial of service or expose sensitive information
(kernel pointer addresses). (CVE-2021-27363)
Adam Nichols discovered that an out-of-bounds read existed in the iSCSI
subsystem in the Linux kernel. A local attacker could use this to cause a
denial of service (system crash) or expose sensitive information (kernel
memory). (CVE-2021-27364)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27365
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27363
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27364
Title: USN-4902-1: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4902-1
Priorities: low
Description:
Dennis Brinkrolf discovered that Django incorrectly handled certain
filenames. A remote attacker could possibly use this issue to create or
overwrite files in unexpected directories.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28658
Title: USN-4896-1: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-4896-1
Priorities: medium
Description:
It was discovered that lxml incorrectly handled certain HTML attributes. A
remote attacker could possibly use this issue to perform cross-site
scripting (XSS) attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28957
Title: USN-4905-1: X.Org X Server vulnerability
URL: https://ubuntu.com/security/notices/USN-4905-1
Priorities: medium
Description:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain lengths of XInput extension ChangeFeedbackControl requests. An
attacker could use this issue to cause the server to crash, resulting in a
denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3472
Title: USN-4900-1: OpenEXR vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4900-1
Priorities: medium,low
Description:
It was discovered that OpenEXR incorrectly handled certain malformed EXR
image files. If a user were tricked into opening a crafted EXR image file,
a remote attacker could cause a denial of service, or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3476
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3475
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3474
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3477
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3478
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3479
Title: USN-4916-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4916-1
Priorities: high
Description:
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29154
621.117
Available in VMware Tanzu Network
Release Date: March 25, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4888-1: ldb vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4888-1
Priorities: high
Description:
Douglas Bagnall discovered that ldb, when used with Samba, incorrectly
handled certain LDAP attributes. A remote attacker could possibly use this
issue to cause the LDAP server to crash, resulting in a denial of service.
(CVE-2021-20277)
Douglas Bagnall discovered that ldb, when used with Samba, incorrectly
handled certain DN strings. A remote attacker could use this issue to
cause the LDAP server to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2020-27840)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20277
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27840
Title: USN-4890-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4890-1
Priorities: high
Description:
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not
properly compute a speculative execution limit on pointer arithmetic in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2020-27171)
Piotr Krysiuk discovered that the BPF subsystem in the Linux kernel did not
properly apply speculative execution limits on some pointer types. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-27170)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27170
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27171
621.115
Available in VMware Tanzu Network
Release Date: March 22, 2021
Metadata:
BOSH Agent Version: 2.268.21
USNs:
Title: USN-4758-1: Go vulnerability
URL: https://ubuntu.com/security/notices/USN-4758-1
Priorities: low
Description:
It was discovered that Go applications incorrectly handled uploaded content. If
a user were tricked into visiting a malicious page, a remote attacker could
exploit this with a crafted file to conduct cross-site scripting (XSS) attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24553
Title: USN-4761-1: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-4761-1
Priorities: medium
Description:
Matheus Tavares discovered that Git incorrectly handled delay-capable
clean/smudge filters when being used on case-insensitive filesystems. A
remote attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21300
Title: USN-4759-1: GLib vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4759-1
Priorities: medium
Description:
Krzesimir Nowak discovered that GLib incorrectly handled certain large
buffers. A remote attacker could use this issue to cause applications
linked to GLib to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-27218)
Kevin Backhouse discovered that GLib incorrectly handled certain memory
allocations. A remote attacker could use this issue to cause applications
linked to GLib to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-27219)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27218
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27219
Title: USN-4763-1: Pillow vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4763-1
Priorities: medium
Description:
It was discovered that Pillow incorrectly handled certain Tiff image files.
If a user or automated system were tricked into opening a specially-crafted
Tiff file, a remote attacker could cause Pillow to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 20.04 LTS and Ubuntu 20.10. (CVE-2021-25289,
CVE-2021-25291)
It was discovered that Pillow incorrectly handled certain Tiff image files.
If a user or automated system were tricked into opening a specially-crafted
Tiff file, a remote attacker could cause Pillow to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2021-25290)
It was discovered that Pillow incorrectly handled certain PDF files. If a
user or automated system were tricked into opening a specially-crafted
PDF file, a remote attacker could cause Pillow to hang, resulting in a
denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, and Ubuntu 20.10. (CVE-2021-25292)
It was discovered that Pillow incorrectly handled certain SGI image files.
If a user or automated system were tricked into opening a specially-crafted
SGI file, a remote attacker could possibly cause Pillow to crash,
resulting in a denial of service. This issue only affected Ubuntu 18.04
LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-25293)
Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that
Pillow incorrectly handled certain BLP files. If a user or automated system
were tricked into opening a specially-crafted BLP file, a remote attacker
could possibly cause Pillow to consume resources, resulting in a denial of
service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and
Ubuntu 20.10. (CVE-2021-27921)
Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that
Pillow incorrectly handled certain ICNS files. If a user or automated
system were tricked into opening a specially-crafted ICNS file, a remote
attacker could possibly cause Pillow to consume resources, resulting in a
denial of service. (CVE-2021-27922)
Jiayi Lin, Luke Shaffer, Xinran Xie, and Akshay Ajayan discovered that
Pillow incorrectly handled certain ICO files. If a user or automated
system were tricked into opening a specially-crafted ICO file, a remote
attacker could possibly cause Pillow to consume resources, resulting in a
denial of service. (CVE-2021-27922)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27922
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25291
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27921
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25293
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27923
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25290
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25292
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25289
621.113
Available in VMware Tanzu Network
Release Date: March 15, 2021
Metadata:
BOSH Agent Version: 2.268.20
USNs:
Title: USN-4755-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4755-1
Priorities: medium
Description:
It was discovered that LibTIFF incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a specially
crafted image, a remote attacker could crash the application, leading to a
denial of service, or possibly execute arbitrary code with user privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35524
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35523
Title: USN-4756-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4756-1
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, conduct cross-site scripting (XSS) attacks, bypass HTTP auth
phishing warnings, or execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23971
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23973
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23970
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23972
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23969
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23968
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23974
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23975
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23979
Title: USN-4757-1: wpa_supplicant and hostapd vulnerability
URL: https://ubuntu.com/security/notices/USN-4757-1
Priorities: medium
Description:
It was discovered that wpa_supplicant did not properly handle P2P
(Wi-Fi Direct) provision discovery requests in some situations. A
physically proximate attacker could use this to cause a denial of service
or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27803
Title: USN-4754-4: Python 2.7 vulnerability
URL: https://ubuntu.com/security/notices/USN-4754-4
Priorities: medium
Description:
USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a
subsequent update removed the fix for CVE-2021-3177. This update reinstates
the security fix for CVE-2021-3177.
We apologize for the inconvenience.
Original advisory details:
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code
or cause a denial of service. (CVE-2020-27619, CVE-2021-3177)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3177
621.109
Available in VMware Tanzu Network
Release Date: March 05, 2021
Fixes Issues:
GCP rsyslog behavior is fixed - cf ssh and rsyslog should be working as expected
Important Notice:
As of this release, on all IAASs, rsyslog will not start until /var/log is mounted. When used with a Bosh Agent, /var/log will automatically be mounted, and no further action is required.
If you use this stemcell without a Bosh Agent and do not mount /var/log, then you need to do one of these two actions:
* Remove the ExecStartPre= line from /etc/systemd/system/rsyslog.service
* Blank out the contents of /usr/local/bin/wait_for_var_log_to_be_mounted
Either action will cause rsyslog to no longer wait for /var/log to be mounted before starting.
Metadata:
BOSH Agent Version: 2.268.19
USNs:
Title: USN-4754-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4754-1
Priorities: medium,low
Description:
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code
or cause a denial of service. (CVE-2020-27619, CVE-2021-3177)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3177
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27619
621.108
Available in VMware Tanzu Network
Release Date: March 01, 2021
Known Issues:
This version of the stemcell has the following issues when used on GCP:
* Attempts to use cf ssh time out.
* The iptables-logger job fails to deploy.
This is because rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
This issue is fixed in stemcell version 621.109.
Metadata:
BOSH Agent Version: 2.268.19
USNs:
Title: USN-4741-1: Jackson vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4741-1
Priorities: medium
Description:
It was discovered that Jackson Databind incorrectly handled
deserialization. An attacker could possibly use this issue to execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15095
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7525
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-10172
Title: USN-4749-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4749-1
Priorities: medium,low
Description:
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)
It was discovered that the jfs file system implementation in the Linux
kernel contained an out-of-bounds read vulnerability. A local attacker
could use this to possibly cause a denial of service (system crash).
(CVE-2020-27815)
Shisong Qin and Bodong Zhao discovered that the Speakup screen reader driver in
the Linux kernel did not correctly handle setting line discipline in some
situations. A local attacker could use this to cause a denial of service
(system crash). (CVE-2020-27830, CVE-2020-28941)
It was discovered that the memory management subsystem in the Linux kernel
did not properly handle copy-on-write operations in some situations. A
local attacker could possibly use this to gain unintended write access to
read-only memory pages. (CVE-2020-29374)
Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event
processing backend in the Linux kernel did not properly limit the number of
events queued. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29568)
Olivier Benjamin and Pawel Wieczorkiewicz discovered a race condition in the
Xen paravirt block backend in the Linux kernel, leading to a use-after-free
vulnerability. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29569)
Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory).
(CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a
use-after-free vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27815
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27830
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29568
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29374
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29569
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29661
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25669
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28941
Title: USN-4748-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4748-1
Priorities: medium,low
Description:
It was discovered that the jfs file system implementation in the Linux
kernel contained an out-of-bounds read vulnerability. A local attacker
could use this to possibly cause a denial of service (system crash).
(CVE-2020-27815)
It was discovered that the memory management subsystem in the Linux kernel
did not properly handle copy-on-write operations in some situations. A
local attacker could possibly use this to gain unintended write access to
read-only memory pages. (CVE-2020-29374)
Michael Kurth and Pawel Wieczorkiewicz discovered that the Xen event
processing backend in the Linux kernel did not properly limit the number of
events queued. An attacker in a guest VM could use this to cause a denial
of service in the host OS. (CVE-2020-29568)
Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory).
(CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a
use-after-free vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29374
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29661
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29568
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27815
Title: USN-4747-1: GNU Screen vulnerability
URL: https://ubuntu.com/security/notices/USN-4747-1
Priorities: medium
Description:
Felix Weinmann discovered that GNU Screen incorrectly handled certain
character sequences. A remote attacker could use this issue to cause GNU
Screen to crash, resulting in a denial of service, or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26937
Title: USN-4746-1: xterm vulnerability
URL: https://ubuntu.com/security/notices/USN-4746-1
Priorities: medium
Description:
Tavis Ormandy discovered that xterm incorrectly handled certain character
sequences. A remote attacker could use this issue to cause xterm to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27135
Known Issues: When used on GCP, rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
621.107
Available in VMware Tanzu Network
Release Date: February 24, 2021
Known Issues:
This version of the stemcell has the following issues when used on GCP:
* Attempts to use cf ssh time out.
* The iptables-logger job fails to deploy.
This is because rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
This issue is fixed in stemcell version 621.109.
Metadata:
BOSH Agent Version: 2.268.19
USNs:
Title: USN-4728-1: snapd vulnerability
URL: https://ubuntu.com/security/notices/USN-4728-1
Priorities: high
Description:
Gilad Reti discovered that snapd did not correctly specify cgroup
delegation when generating systemd service units for various container
management snaps. This could allow a local attacker to escalate privileges
via access to arbitrary devices of the container host from within a
compromised or malicious container.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27352
Title: USN-4718-1: fastd vulnerability
URL: https://ubuntu.com/security/notices/USN-4718-1
Priorities: medium
Description:
It was discovered that fastd incorrectly handled certain packets.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27638
Title: USN-4729-1: Open vSwitch vulnerability
URL: https://ubuntu.com/security/notices/USN-4729-1
Priorities: medium
Description:
Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain
network packets. A remote attacker could use this issue to cause a denial
of service, or possibly alter packet classification.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35498
Title: USN-4724-1: OpenLDAP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4724-1
Priorities: medium
Description:
It was discovered that OpenLDAP incorrectly handled Certificate Exact
Assertion processing. A remote attacker could possibly use this issue to
cause OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36221)
It was discovered that OpenLDAP incorrectly handled saslAuthzTo processing.
A remote attacker could use this issue to cause OpenLDAP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2020-36222, CVE-2020-36224, CVE-2020-36225, CVE-2020-36226)
It was discovered that OpenLDAP incorrectly handled Return Filter control
handling. A remote attacker could use this issue to cause OpenLDAP to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2020-36223)
It was discovered that OpenLDAP incorrectly handled certain cancel
operations. A remote attacker could possibly use this issue to cause
OpenLDAP to crash, resulting in a denial of service. (CVE-2020-36227)
It was discovered that OpenLDAP incorrectly handled Certificate List
Extract Assertion processing. A remote attacker could possibly use this
issue to cause OpenLDAP to crash, resulting in a denial of service.
(CVE-2020-36228)
It was discovered that OpenLDAP incorrectly handled X.509 DN parsing. A
remote attacker could possibly use this issue to cause OpenLDAP to crash,
resulting in a denial of service. (CVE-2020-36229, CVE-2020-36230)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36223
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36227
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36230
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36221
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36229
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36224
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36228
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36222
Title: USN-4737-1: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-4737-1
Priorities: medium
Description:
It was discovered that Bind incorrectly handled GSSAPI security policy
negotiation. A remote attacker could use this issue to cause Bind to crash,
resulting in a denial of service, or possibly execute arbitrary code. In
the default installation, attackers would be isolated by the Bind AppArmor
profile.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8625
Title: USN-4734-1: wpa_supplicant and hostapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4734-1
Priorities: high,medium
Description:
It was discovered that wpa_supplicant did not properly handle P2P
(Wi-Fi Direct) group information in some situations, leading to a
heap overflow. A physically proximate attacker could use this to cause a
denial of service or possibly execute arbitrary code. (CVE-2021-0326)
It was discovered that hostapd did not properly handle UPnP subscribe
messages in some circumstances. An attacker could use this to cause a
denial of service. (CVE-2020-12695)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-0326
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12695
Title: USN-4720-1: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4720-1
Priorities: medium
Description:
Itai Greenhut discovered that Apport incorrectly parsed certain files in
the /proc filesystem. A local attacker could use this issue to escalate
privileges and run arbitrary code. (CVE-2021-25682, CVE-2021-25683)
Itai Greenhut discovered that Apport incorrectly handled opening certain
special files. A local attacker could possibly use this issue to cause
Apport to hang, resulting in a denial of service. (CVE-2021-25684)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25683
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25682
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25684
Known Issues: When used on GCP, rsyslog is started before /var/log is mounted. This causes it to log to the root filesystem rather than the mounted persistent disk.
621.101
Available in VMware Tanzu Network
Release Date: February 03, 2021
Metadata:
BOSH Agent Version: 2.268.17
USNs:
Title: USN-4702-1: Pound vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4702-1
Priorities: medium
Description:
It was discovered that Pound incorrectly handled certain HTTP requests.
A remote attacker could use it to retrieve some sensitive
information. (CVE-2016-10711, CVE-2018-21245)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-21245
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-10711
Title: USN-4708-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4708-1
Priorities: medium,low
Description:
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly validate file system metadata in some situations.
An attacker could use this to construct a malicious btrfs image that, when
mounted, could cause a denial of service (system crash). (CVE-2019-19813,
CVE-2019-19816)
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)
Daniel Axtens discovered that the PowerPC RTAS implementation in the Linux
kernel did not properly restrict memory accesses in some situations. A
privileged local attacker could use this to arbitrarily modify kernel
memory, potentially bypassing kernel lockdown restrictions.
(CVE-2020-27777)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27777
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13093
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19816
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25669
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19813
Title: USN-4709-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4709-1
Priorities: high,low
Description:
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data. (CVE-2020-28374)
Wen Xu discovered that the XFS filesystem implementation in the Linux
kernel did not properly track inode validations. An attacker could use this
to construct a malicious XFS image that, when mounted, could cause a denial
of service (system crash). (CVE-2018-13093)
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly validate file system metadata in some situations.
An attacker could use this to construct a malicious btrfs image that, when
mounted, could cause a denial of service (system crash). (CVE-2019-19813,
CVE-2019-19816)
Bodong Zhao discovered a use-after-free in the Sun keyboard driver
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service or possibly execute arbitrary code.
(CVE-2020-25669)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28374
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19816
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25669
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19813
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13093
Title: USN-4711-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4711-1
Priorities: high,medium
Description:
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data. (CVE-2020-28374)
Kiyin (尹亮) discovered that the perf subsystem in the Linux kernel did
not properly deallocate memory in some situations. A privileged attacker
could use this to cause a denial of service (kernel memory exhaustion).
(CVE-2020-25704)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28374
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25704
Title: USN-4716-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4716-1
Priorities: medium
Description:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.23 in Ubuntu 20.04 LTS and Ubuntu 20.10.
Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.33.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-33.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-23.html
https://www.oracle.com/security-alerts/cpujan2021.html
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2088
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2076
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2061
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2081
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2065
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2070
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2002
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2072
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2122
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2046
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2048
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2038
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2031
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2056
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2087
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2010
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2036
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2060
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2021
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2014
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2032
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2058
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2011
Title: USN-4717-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4717-1
Priorities: medium
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, conduct clickjacking attacks, or execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23954
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23964
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23958
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23960
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23963
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23955
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23961
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23962
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23953
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23956
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23965
Title: USN-4703-1: Mutt vulnerability
URL: https://ubuntu.com/security/notices/USN-4703-1
Priorities: medium
Description:
It was discovered that Mutt incorrectly handled certain email messages.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3181
Title: USN-4715-1: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4715-1
Priorities: medium
Description:
Wang Baohua discovered that Django incorrectly extracted archive files. A
remote attacker could possibly use this issue to extract files outside of
their expected location.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3281
621.99
Available in VMware Tanzu Network
Release Date: January 27, 2021
Metadata:
BOSH Agent Version: 2.268.16
USNs:
USN: 4705-1
URL: https://ubuntu.com/security/notices/USN-4705-1
USN: 4704-1
URL: https://ubuntu.com/security/notices/USN-4704-1
USN: 4703-1
URL: https://ubuntu.com/security/notices/USN-4703-1
USN: 4702-1
URL: https://ubuntu.com/security/notices/USN-4702-1
USN: 4700-1
URL: https://ubuntu.com/security/notices/USN-4700-1
USN: 4699-1
URL: https://ubuntu.com/security/notices/USN-4699-1
USN: 4698-1
URL: https://ubuntu.com/security/notices/USN-4698-1
USN: 4697-1
URL: https://ubuntu.com/security/notices/USN-4697-1
USN: 4696-1
URL: https://ubuntu.com/security/notices/USN-4696-1
USN: 4695-1
URL: https://ubuntu.com/security/notices/USN-4695-1
USN: 4694-1
URL: https://ubuntu.com/security/notices/USN-4694-1
621.97
Available in VMware Tanzu Network
Release Date: January 15, 2021
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4688-1: JasPer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4688-1
Priorities: negligible,low,medium
Description:
It was discovered that Jasper incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash.
(CVE-2018-18873)
It was discovered that Jasper incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2018-19542)
It was discovered that Jasper incorrectly handled certain JPC encoders.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-27828)
It was discovered that Jasper incorrectly handled certain images.
An attacker could possibly use this issue to expose sensitive information
or cause a crash.
(CVE-2017-9782)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9782
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18873
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19542
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27828
Title: USN-4672-1: unzip vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4672-1
Priorities: low,negligible
Description:
Rene Freingruber discovered that unzip incorrectly handled certain
specially crafted password protected ZIP archives. If a user or automated
system using unzip were tricked into opening a specially crafted zip file,
an attacker could exploit this to cause a crash, resulting in a denial of
service. (CVE-2018-1000035)
Antonio Carista discovered that unzip incorrectly handled certain
specially crafted ZIP archives. If a user or automated system using unzip
were tricked into opening a specially crafted zip file, an attacker could
exploit this to cause a crash, resulting in a denial of service. This
issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
(CVE-2018-18384)
It was discovered that unzip incorrectly handled certain specially crafted
ZIP archives. If a user or automated system using unzip were tricked into
opening a specially crafted zip file, an attacker could exploit this to
cause resource consumption, resulting in a denial of service.
(CVE-2019-13232)
Martin Carpenter discovered that unzip incorrectly handled certain
specially crafted ZIP archives. If a user or automated system using unzip
were tricked into opening a specially crafted zip file, an attacker could
exploit this to cause a crash, resulting in a denial of service. This
issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04
LTS. (CVE-2014-9913)
Alexis Vanden Eijnde discovered that unzip incorrectly handled certain
specially crafted ZIP archives. If a user or automated system using unzip
were tricked into opening a specially crafted zip file, an attacker could
exploit this to cause a crash, resulting in a denial of service. This
issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04
LTS. (CVE-2016-9844)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1000035
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18384
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9913
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9844
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13232
Title: USN-4684-1: EDK II vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4684-1
Priorities: low
Description:
Laszlo Ersek discovered that EDK II incorrectly validated certain signed
images. An attacker could possibly use this issue with a specially crafted
image to cause EDK II to hang, resulting in a denial of service. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS.
(CVE-2019-14562)
It was discovered that EDK II incorrectly parsed signed PKCS #7 data. An
attacker could use this issue to cause EDK II to crash, resulting in a
denial of service, or possibly execute arbitrary code. (CVE-2019-14584)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14584
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14562
Title: USN-4670-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4670-1
Priorities: low,negligible
Description:
It was discovered that ImageMagick incorrectly handled certain specially
crafted image files. If a user or automated system using ImageMagick were
tricked into opening a specially crafted image, an attacker could exploit
this to cause a denial of service or other unspecified impact. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.10.
(CVE-2019-19948, CVE-2019-19949)
It was discovered that ImageMagick incorrectly handled certain specially
crafted image files. If a user or automated system using ImageMagick were
tricked into opening a specially crafted image, an attacker could exploit
this to cause a denial of service. (CVE-2020-27560)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19949
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27560
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19948
Title: USN-4680-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4680-1
Priorities: low,medium
Description:
It was discovered that debugfs in the Linux kernel as used by blktrace
contained a use-after-free in some situations. A privileged local attacker
could possibly use this to cause a denial of service (system crash).
(CVE-2019-19770)
It was discovered that a race condition existed in the binder IPC
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2020-0423)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered
that legacy pairing and secure-connections pairing authentication in the
Bluetooth protocol could allow an unauthenticated user to complete
authentication without pairing credentials via adjacent access. A
physically proximate attacker could use this to impersonate a previously
paired Bluetooth device. (CVE-2020-10135)
It was discovered that the console keyboard driver in the Linux kernel
contained a race condition. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-25656)
Minh Yuan discovered that the tty driver in the Linux kernel contained race
conditions when handling fonts. A local attacker could possibly use this to
expose sensitive information (kernel memory). (CVE-2020-25668)
Keyu Man discovered that the ICMP global rate limiter in the Linux kernel
could be used to assist in scanning open UDP ports. A remote attacker could
use this to facilitate attacks on UDP based services that depend on source port
randomization. (CVE-2020-25705)
Jinoh Kang discovered that the Xen event channel infrastructure in the
Linux kernel contained a race condition. An attacker in a guest could
possibly use this to cause a denial of service (dom0 crash).
(CVE-2020-27675)
Daniel Axtens discovered that the PowerPC RTAS implementation in the Linux
kernel did not properly restrict memory accesses in some situations. A
privileged local attacker could use this to arbitrarily modify kernel
memory, potentially bypassing kernel lockdown restrictions.
(CVE-2020-27777)
Minh Yuan discovered that the framebuffer console driver in the Linux
kernel did not properly handle fonts in some conditions. A local attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information (kernel memory). (CVE-2020-28974)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0423
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28974
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10135
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27675
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27777
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25705
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19770
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25668
Title: USN-4687-1: Firefox vulnerability
URL: https://ubuntu.com/security/notices/USN-4687-1
Priorities: medium
Description:
A use-after-free was discovered in Firefox when handling SCTP packets.
An attacker could potentially exploit this to cause a denial of service,
or execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16044
Title: USN-4674-1: Dovecot vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4674-1
Priorities: medium
Description:
It was discovered that Dovecot incorrectly handled certain imap hibernation
commands. A remote authenticated attacker could possibly use this issue to
access other users’ email. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2020-24386)
Innokentii Sennovskiy discovered that Dovecot incorrectly handled MIME
parsing. A remote attacker could possibly use this issue to cause Dovecot
to crash, resulting in a denial of service. (CVE-2020-25275)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24386
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25275
Title: USN-4681-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4681-1
Priorities: medium,low
Description:
Ryan Hall discovered that the Intel 700 Series Ethernet Controllers driver
in the Linux kernel did not properly deallocate memory in some conditions.
A local attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2019-0148)
It was discovered that the console keyboard driver in the Linux kernel
contained a race condition. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2020-25656)
Minh Yuan discovered that the tty driver in the Linux kernel contained race
conditions when handling fonts. A local attacker could possibly use this to
expose sensitive information (kernel memory). (CVE-2020-25668)
Jinoh Kang discovered that the Xen event channel infrastructure in the
Linux kernel contained a race condition. An attacker in a guest could
possibly use this to cause a denial of service (dom0 crash).
(CVE-2020-27675)
Minh Yuan discovered that the framebuffer console driver in the Linux
kernel did not properly handle fonts in some conditions. A local attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information (kernel memory). (CVE-2020-28974)
It was discovered that Power 9 processors could be coerced to expose
information from the L1 cache in certain situations. A local attacker could
use this to expose sensitive information. (CVE-2020-4788)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25668
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-4788
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0148
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28974
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27675
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25656
Title: USN-4671-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4671-1
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, bypass the CSS sanitizer, bypass security restrictions,
spoof the URL bar, or execute arbitrary code. (CVE-2020-16042,
CVE-2020-26971, CVE-2020-26972, CVE-2020-26793, CVE-2020-26974,
CVE-2020-26976, CVE-2020-26978, CVE-2020-26979,
CVE-2020-35113, CVE-2020-35114)
It was discovered that the proxy.onRequest API did not catch
view-source URLs. If a user were tricked into installing an
extension with the proxy permission and opening View Source, an
attacker could potentially exploit this to obtain sensitive
information. (CVE-2020-35111)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26971
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26973
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26979
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35111
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26972
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26976
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35113
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35114
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26974
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16042
Title: USN-4666-2: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-4666-2
Priorities: medium
Description:
USN-4666-1 partially fixed a vulnerability in lxml, but an additional patch was needed. This update provides
the corresponding additional patch in order to properly fix the vulnerability.
Original advisory details:
It was discovered that lxml incorrectly handled certain HTML.
An attacker could possibly use this issue to perform cross-site scripting (XSS) attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27783
Title: USN-4686-1: Ghostscript vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4686-1
Priorities: medium,low,negligible
Description:
It was discovered that Ghostscript incorrectly handled certain image
files. If a user or automated system were tricked into processing a
specially crafted file, a remote attacker could use this issue to cause
Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27842
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27845
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27814
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27841
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6851
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27824
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27843
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8112
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5727
Title: USN-4694-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-4694-1
Priorities: high
Description:
It was discovered that the LIO SCSI target implementation in the Linux
kernel performed insufficient identifier checking in certain XCOPY
requests. An attacker with access to at least one LUN in a multiple
backstore environment could use this to expose sensitive information or
modify data.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28374
621.95
Available in VMware Tanzu Network
Release Date: December 21, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4669-1: SquirrelMail vulnerability
URL: https://ubuntu.com/security/notices/USN-4669-1
Priorities: medium
Description:
It was discovered that a cross-site scripting (XSS) vulnerability in
SquirrelMail allows remote attackers to use malicious script content from
HTML e-mail to execute code and/or provoke a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12970
Title: USN-4657-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4657-1
Priorities: low,medium
Description:
Elena Petrova discovered that the pin controller device tree implementation
in the Linux kernel did not properly handle string references. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-0427)
Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered
that legacy pairing and secure-connections pairing authentication in the
Bluetooth protocol could allow an unauthenticated user to complete
authentication without pairing credentials via adjacent access. A
physically proximate attacker could use this to impersonate a previously
paired Bluetooth device. (CVE-2020-10135)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the Linux
kernel did not properly initialize memory in some situations. A physically
proximate remote attacker could use this to expose sensitive information
(kernel memory). (CVE-2020-12352)
It was discovered that a race condition existed in the perf subsystem of
the Linux kernel, leading to a use-after-free vulnerability. An attacker
with access to the perf subsystem could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-14351)
It was discovered that the frame buffer implementation in the Linux kernel
did not properly handle some edge cases in software scrollback. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-14390)
It was discovered that the netfilter connection tracker for netlink in the
Linux kernel did not properly perform bounds checking in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2020-25211)
It was discovered that the Rados block device (rbd) driver in the Linux
kernel did not properly perform privilege checks for access to rbd devices
in some situations. A local attacker could use this to map or unmap rbd
block devices. (CVE-2020-25284)
It was discovered that the HDLC PPP implementation in the Linux kernel did
not properly validate input in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2020-25643)
It was discovered that the GENEVE tunnel implementation in the Linux kernel
when combined with IPSec did not properly select IP routes in some
situations. An attacker could use this to expose sensitive information
(unencrypted network traffic). (CVE-2020-25645)
Keyu Man discovered that the ICMP global rate limiter in the Linux kernel
could be used to assist in scanning open UDP ports. A remote attacker could
use this to facilitate attacks on UDP based services that depend on source port
randomization. (CVE-2020-25705)
It was discovered that the framebuffer implementation in the Linux kernel
did not properly perform range checks in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-28915)
It was discovered that Power 9 processors could be coerced to expose
information from the L1 cache in certain situations. A local attacker could
use this to expose sensitive information. (CVE-2020-4788)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14351
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25284
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25211
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25705
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10135
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0427
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25645
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28915
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-4788
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12352
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25643
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14390
Title: USN-4660-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4660-1
Priorities: low,medium
Description:
It was discovered that a race condition existed in the perf subsystem of
the Linux kernel, leading to a use-after-free vulnerability. An attacker
with access to the perf subsystem could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-14351)
It was discovered that the frame buffer implementation in the Linux kernel
did not properly handle some edge cases in software scrollback. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2020-14390)
It was discovered that the netfilter connection tracker for netlink in the
Linux kernel did not properly perform bounds checking in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2020-25211)
It was discovered that the Rados block device (rbd) driver in the Linux
kernel did not properly perform privilege checks for access to rbd devices
in some situations. A local attacker could use this to map or unmap rbd
block devices. (CVE-2020-25284)
It was discovered that a race condition existed in the hugetlb sysctl
implementation in the Linux kernel. A privileged attacker could use this to
cause a denial of service (system crash). (CVE-2020-25285)
It was discovered that the block layer subsystem in the Linux kernel did
not properly handle zero-length requests. A local attacker could use this
to cause a denial of service. (CVE-2020-25641)
It was discovered that the HDLC PPP implementation in the Linux kernel did
not properly validate input in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2020-25643)
It was discovered that the GENEVE tunnel implementation in the Linux kernel
when combined with IPSec did not properly select IP routes in some
situations. An attacker could use this to expose sensitive information
(unencrypted network traffic). (CVE-2020-25645)
It was discovered that the framebuffer implementation in the Linux kernel
did not properly perform range checks in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2020-28915)
It was discovered that Power 9 processors could be coerced to expose
information from the L1 cache in certain situations. A local attacker could
use this to expose sensitive information. (CVE-2020-4788)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14351
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25643
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25284
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25285
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25645
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28915
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-4788
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25211
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14390
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25641
Title: USN-4661-1: Snapcraft vulnerability
URL: https://ubuntu.com/security/notices/USN-4661-1
Priorities: medium
Description:
It was discovered that Snapcraft includes the current directory when
configuring LD_LIBRARY_PATH for application commands. If a user were
tricked into installing a malicious snap or downloading a malicious
library, under certain circumstances an attacker could exploit this to
affect strict mode snaps that have access to the library and when
launched from the directory containing the library.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27348
Title: USN-4664-1: Aptdaemon vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4664-1
Priorities: medium
Description:
Kevin Backhouse discovered that Aptdaemon incorrectly handled certain
properties. A local attacker could use this issue to test for the presence
of local files. (CVE-2020-16128)
Kevin Backhouse discovered that Aptdaemon incorrectly handled permission
checks. A local attacker could possibly use this issue to cause a denial of
service. (CVE-2020-27349)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27349
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16128
Title: USN-4667-1: APT vulnerability
URL: https://ubuntu.com/security/notices/USN-4667-1
Priorities: medium
Description:
Kevin Backhouse discovered that APT incorrectly handled certain packages.
A local attacker could possibly use this issue to cause APT to crash or
stop responding, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27350
Title: USN-4668-1: python-apt vulnerability
URL: https://ubuntu.com/security/notices/USN-4668-1
Priorities: medium
Description:
Kevin Backhouse discovered that python-apt incorrectly handled resources. A
local attacker could possibly use this issue to cause python-apt to consume
resources, leading to a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27351
Title: USN-4665-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4665-1
Priorities: medium,low
Description:
Marc Aldorasi discovered that curl incorrectly handled the libcurl
CURLOPT_CONNECT_ONLY option. This could result in data being sent to the
wrong destination, possibly exposing sensitive information. This issue only
affected Ubuntu 20.10. (CVE-2020-8231)
Varnavas Papaioannou discovered that curl incorrectly handled FTP PASV
responses. An attacker could possibly use this issue to trick curl into
connecting to an arbitrary IP address, which could be used to perform port
scanning and other information gathering. (CVE-2020-8284)
It was discovered that curl incorrectly handled FTP wildcard matching. A
remote attacker could possibly use this issue to cause curl to consume
resources and crash, resulting in a denial of service. (CVE-2020-8285)
It was discovered that curl incorrectly handled OCSP response verification.
A remote attacker could possibly use this issue to provide a fraudulent
OCSP response. (CVE-2020-8286)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8286
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8285
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8231
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8284
621.94
Available in VMware Tanzu Network
Release Date: December 08, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4652-1: SniffIt vulnerability
URL: https://ubuntu.com/security/notices/USN-4652-1
Priorities: medium
Description:
It was discovered that SniffIt incorrectly handled certain configuration
files. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-5439
Title: USN-4662-1: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-4662-1
Priorities: high
Description:
David Benjamin discovered that OpenSSL incorrectly handled comparing
certificates containing an EDIPartyName name type. A remote attacker could
possibly use this issue to cause OpenSSL to crash, resulting in a denial of
service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1971
621.93
Available in VMware Tanzu Network
Release Date: December 01, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
- [USN-4611-1] Samba vulnerabilities
- [USN-4605-2] Blueman update
- [USN-4614-1] GDM vulnerability
- [USN-4616-1] AccountsService vulnerabilities
- [USN-4613-1] python-cryptography vulnerability
- [USN-4615-1] Yerase’s TNEF vulnerabilities
- [USN-4617-1] SPICE vdagent vulnerabilities
- [USN-4616-2] AccountsService vulnerabilities
- [USN-4618-1] tmux vulnerability
- [USN-4619-1] dom4j vulnerability
- [USN-4599-3] Firefox regressions
- [USN-4620-1] phpLDAPadmin vulnerability
- [USN-4621-1] netqmail vulnerabilities
- [USN-4622-1] OpenLDAP vulnerability
- [USN-4623-1] Pacemaker vulnerability
- [USN-4624-1] libexif vulnerability
- [USN-4625-1] Firefox vulnerability
- [USN-4626-1] Linux kernel vulnerabilities
- [USN-4627-1] Linux kernel vulnerability
- [USN-4628-1] Intel Microcode vulnerabilities
- [USN-4629-1] MoinMoin vulnerabilities
- [USN-4630-1] Raptor vulnerability
- [USN-4622-2] OpenLDAP vulnerability
- [USN-4628-2] Intel Microcode regression
- [USN-4171-6] Apport regression
- [USN-4631-1] libmaxminddb vulnerability
- [USN-4632-1] SLiRP vulnerabilities
- [USN-4607-2] OpenJDK regressions
- [USN-4633-1] PostgreSQL vulnerabilities
- [USN-4634-1] OpenLDAP vulnerabilities
- [USN-4635-1] Kerberos vulnerability
- [USN-4636-1] LibVNCServer, Vino vulnerability
- [USN-4637-1] Firefox vulnerabilities
- [USN-4638-1] c-ares vulnerability
- [USN-4639-1] phpMyAdmin vulnerabilities
- [USN-4637-2] Firefox vulnerabilities
- [USN-4634-2] OpenLDAP vulnerabilities
- [USN-4640-1] PulseAudio vulnerability
- [USN-4641-1] libextractor vulnerabilities
- [USN-4642-1] PDFResurrect vulnerability
- [USN-4643-1] atftp vulnerabilities
- [USN-4644-1] igraph vulnerability
- [USN-4645-1] Mutt vulnerability
- [USN-4646-1] poppler vulnerabilities
- [USN-4647-1] Thunderbird vulnerabilities
- [USN-4648-1] WebKitGTK vulnerabilities
- [USN-4649-1] xdg-utils vulnerability
- [USN-4646-2] poppler regression
- [USN-4382-2] FreeRDP vulnerabilities
- [USN-4650-1] QEMU vulnerabilities
621.92
Available in VMware Tanzu Network
Release Date: November 16, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4587-1: iTALC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4587-1
Priorities: medium,low
Description:
Nicolas Ruff discovered that iTALC had buffer overflows, divide-by-zero errors and didn’t check malloc return values. A remote attacker could use these issues to cause a denial of service or possibly execute arbitrary code. (CVE-2014-6051, CVE-2014-6052, CVE-2014-6053, CVE-2014-6054, CVE-2014-6055)
Josef Gajdusek discovered that iTALC had…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6051
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6052
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6053
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6054
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6055
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9941
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9942
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-15127
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20019
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20021
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20023
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20748
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20749
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20750
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15681
Title: USN-4552-2: Pam-python vulnerability
URL: https://ubuntu.com/security/notices/USN-4552-2
Priorities: medium
Description:
Malte Kraus discovered that Pam-python mishandled certain environment variables. A local attacker could potentially use this vulnerability to execute programs as root.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16729
621.90
Available in VMware Tanzu Network
Release Date: October 23, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4593-1: FreeType vulnerability
URL: https://ubuntu.com/security/notices/USN-4593-1
Priorities: high
Description:
Sergei Glazunov discovered that FreeType did not correctly handle certain malformed font files. If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash or possibly execute arbitrary code with user privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15999
621.89
Available in VMware Tanzu Network
Release Date: October 20, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4582-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4582-1
Priorities: low
Description:
It was discovered that Vim incorrectly handled permissions on the .swp file. A local attacker could possibly use this issue to obtain sensitive information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17087)
It was discovered that Vim incorrectly handled restricted mode. A local attacker could possibly use this issue to bypass restricted…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17087
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20807
Title: USN-4579-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4579-1
Priorities: low,medium,high
Description:
Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-16119)
Wen Xu discovered that the XFS file system in the Linux kernel…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10322
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14314
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16119
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25285
Title: USN-4591-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4591-1
Priorities: high,medium
Description:
Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-12351)
Andy Nguyen discovered that the Bluetooth A2MP implementation in the…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12351
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12352
Title: USN-4589-1: containerd vulnerability
URL: https://ubuntu.com/security/notices/USN-4589-1
Priorities: medium
Description:
It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user’s registry credentials.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15157
Title: USN-4589-2: Docker vulnerability
URL: https://ubuntu.com/security/notices/USN-4589-2
Priorities: medium
Description:
USN-4589-1 fixed a vulnerability in containerd. This update provides the corresponding update for docker.io.
Original advisory details:
It was discovered that containerd could be made to expose sensitive information when processing URLs in container image manifests. A remote attacker could use this to trick the user and obtain the user’s…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15157
Title: USN-4581-1: Python vulnerability
URL: https://ubuntu.com/security/notices/USN-4581-1
Priorities: medium
Description:
It was discovered that Python incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26116
Title: USN-4584-1: HtmlUnit vulnerability
URL: https://ubuntu.com/security/notices/USN-4584-1
Priorities: medium
Description:
It was discovered that HtmlUnit incorrectly initialized the Rhino engine. An attacker could possibly use this issue to execute arbitrary Java code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-5529
Title: USN-4583-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4583-1
Priorities: medium
Description:
It was discovered that PHP incorrectly handled certain encrypt ciphers. An attacker could possibly use this issue to decrease security or cause incorrect encryption data. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-7069)
It was discovered that PHP incorrectly handled certain HTTP cookies. An attacker could…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7069
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7070
621.87
Available in VMware Tanzu Network
Release Date: October 14, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4573-1: Vino vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4573-1
Priorities: medium,low
Description:
Nicolas Ruff discovered that Vino incorrectly handled large ClientCutText messages. A remote attacker could use this issue to cause the server to crash, resulting in a denial of service. (CVE-2014-6053)
It was discovered that Vino incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-6053
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15681
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14397
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14402
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14403
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14404
Title: USN-4554-1: libPGF vulnerability
URL: https://ubuntu.com/security/notices/USN-4554-1
Priorities: medium
Description:
It was discovered that libPGF lacked proper validation when opening a specially crafted PGF file. An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2015-6673
Title: USN-4557-1: Tomcat vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4557-1
Priorities: low,medium
Description:
It was discovered that the Tomcat realm implementations incorrectly handled passwords when a username didn’t exist. A remote attacker could possibly use this issue to enumerate usernames. (CVE-2016-0762)
Alvaro Munoz and Alexander Mirosh discovered that Tomcat incorrectly limited use of a certain utility method. A malicious application…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-0762
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-5018
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6794
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6796
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6797
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6816
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-8735
Title: USN-4578-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4578-1
Priorities: low,medium,high
Description:
Hador Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-16119)
Wen Xu discovered that the XFS file system in the Linux kernel…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10322
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19448
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14314
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16119
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16120
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25212
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26088
Title: USN-4547-2: SSVNC vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4547-2
Priorities: medium
Description:
It was discovered that the LibVNCClient vendored in SSVNC incorrectly handled certain packet lengths. A remote attacker could possibly use this issue to obtain sensitive information, cause a denial of service, or execute arbitrary code. (CVE-2018-20020, CVE-2018-20021, CVE-2018-20022, CVE-2018-20024)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20021
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20024
Title: USN-4571-1: rack-cors vulnerability
URL: https://ubuntu.com/security/notices/USN-4571-1
Priorities: medium
Description:
It was discovered that rack-cors did not properly handle relative file paths. An attacker could use this vulnerability to access arbitrary files.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18978
Title: USN-4572-1: Spice vulnerability
URL: https://ubuntu.com/security/notices/USN-4572-1
Priorities: medium
Description:
Frediano Ziglio discovered that Spice incorrectly handled QUIC image decoding. A remote attacker could use this to cause Spice to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14355
Title: USN-4559-1: Samba update
URL: https://ubuntu.com/security/notices/USN-4559-1
Priorities: medium
Description:
Tom Tervoort discovered that the Netlogon protocol implemented by Samba incorrectly handled the authentication scheme. A remote attacker could use this issue to forge an authentication token and steal the credentials of the domain admin.
While a previous security update fixed the issue by changing the “server schannel” setting to default to…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1472
Title: USN-4551-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4551-1
Priorities: low,medium
Description:
Alex Rousskov and Amit Klein discovered that Squid incorrectly handled certain Content-Length headers. A remote attacker could possibly use this issue to perform an HTTP request smuggling attack, resulting in cache poisoning. (CVE-2020-15049)
Amit Klein discovered that Squid incorrectly validated certain data. A remote attacker could possibly use…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15049
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15810
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15811
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24606
Title: USN-4564-1: Apache Tika vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4564-1
Priorities: medium,low
Description:
It was discovered that Apache Tika could use excessive memory when processing a crafted or corrupt PSD file. An attacker could use this to cause a denial of service (crash). (CVE-2020-1950, CVE-2020-1951)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1950
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1951
Title: USN-4570-1: urllib3 vulnerability
URL: https://ubuntu.com/security/notices/USN-4570-1
Priorities: medium
Description:
It was discovered that urllib3 incorrectly handled certain character sequences. A remote attacker could possibly use this issue to perform CRLF injection.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26137
Title: USN-4568-1: Brotli vulnerability
URL: https://ubuntu.com/security/notices/USN-4568-1
Priorities: medium
Description:
It was discovered that Brotli incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8927
621.85
Available in VMware Tanzu Network
Release Date: September 28, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4500-1: bsdiff vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4500-1
Priorities: medium
Description:
It was discovered that bsdiff mishandled certain input. If a user were tricked into opening a malicious file, an attacker could cause bsdiff to crash or potentially execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2014-9862
Title: USN-4506-1: MCabber vulnerability
URL: https://ubuntu.com/security/notices/USN-4506-1
Priorities: medium
Description:
It was discovered that MCabber does not properly manage roster pushes. An attacker could possibly use this issue to remotely perform man-in-the-middle attacks. (CVE-2016-9928)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9928
Title: USN-4513-1: apng2gif vulnerability
URL: https://ubuntu.com/security/notices/USN-4513-1
Priorities: medium
Description:
Dileep Kumar Jallepalli discovered that apng2gif incorrectly handled loading APNG files. An attacker could exploit this with a crafted APNG file to access sensitive information. (CVE-2017-6960)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6960
Title: USN-4517-1: Email-Address-List vulnerability
URL: https://ubuntu.com/security/notices/USN-4517-1
Priorities: medium
Description:
It was discovered that Email-Address-List does not properly parse email addresses during email-ingestion. A remote attacker could use this issue to cause an algorithmic complexity attack, resulting in a denial of service. (CVE-2018-18898)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18898
Title: USN-4507-1: ncmpc vulnerability
URL: https://ubuntu.com/security/notices/USN-4507-1
Priorities: medium
Description:
It was discovered that ncmpc incorrectly handled long chat messages. A remote attacker could possibly exploit this with a crafted chat message, causing ncmpc to crash, resulting in a denial of service. (CVE-2018-9240)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-9240
Title: USN-4499-1: MilkyTracker vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4499-1
Priorities: medium
Description:
It was discovered that MilkyTracker did not properly handle certain input. If a user were tricked into opening a malicious file, an attacker could cause MilkyTracker to crash or potentially execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14464
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14496
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14497
Title: USN-4504-1: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4504-1
Priorities: low
Description:
Robert Merget, Marcus Brinkmann, Nimrod Aviram, and Juraj Somorovsky discovered that certain Diffie-Hellman ciphersuites in the TLS specification and implemented by OpenSSL contained a flaw. A remote attacker could possibly use this issue to eavesdrop on encrypted communications. This was fixed in this update by removing the insecure ciphersuites…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1547
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1551
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1563
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1968
Title: USN-4498-1: Loofah vulnerability
URL: https://ubuntu.com/security/notices/USN-4498-1
Priorities: medium
Description:
It was discovered that Loofah does not properly sanitize JavaScript in sanitized output. An attacker could possibly use this issue to perform XSS attacks. (CVE-2019-15587)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15587
Title: USN-4496-1: Apache XML-RPC vulnerability
URL: https://ubuntu.com/security/notices/USN-4496-1
Priorities: medium
Description:
It was discovered that Apache XML-RPC (aka ws-xmlrpc) does not properly deserialize untrusted data. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-17570)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17570
Title: USN-4526-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4526-1
Priorities: low,medium
Description:
It was discovered that the AMD Cryptographic Coprocessor device driver in the Linux kernel did not properly deallocate memory in some situations. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-18808)
It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18808
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19054
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19061
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19067
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19073
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19074
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9445
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12888
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14356
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16166
Title: USN-4527-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4527-1
Priorities: low,medium
Description:
It was discovered that the Conexant 23885 TV card device driver for the Linux kernel did not properly deallocate memory in some error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19054)
It was discovered that the Atheros HTC based wireless driver in the Linux kernel did not properly…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19054
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19073
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19074
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20811
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9445
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9453
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0067
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25212
Title: USN-4520-1: Exim SpamAssassin vulnerability
URL: https://ubuntu.com/security/notices/USN-4520-1
Priorities: medium
Description:
It was discovered that Exim SpamAssassin does not properly handle configuration strings. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-19920)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19920
Title: USN-4534-1: Perl DBI module vulnerability
URL: https://ubuntu.com/security/notices/USN-4534-1
Priorities: medium
Description:
It was discovered that Perl DBI module incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or expose sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20919
Title: USN-4535-1: RDFLib vulnerability
URL: https://ubuntu.com/security/notices/USN-4535-1
Priorities: medium
Description:
Gabriel Corona discovered that RDFLib did not properly load modules on the command-line. An attacker could possibly use this issue to cause RDFLib to execute arbitrary code. (CVE-2019-7653)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-7653
Title: USN-4528-1: Ceph vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4528-1
Priorities: medium
Description:
Adam Mohammed discovered that Ceph incorrectly handled certain CORS ExposeHeader tags. A remote attacker could possibly use this issue to perform an HTTP header injection attack. (CVE-2020-10753)
Lei Cao discovered that Ceph incorrectly handled certain POST requests with invalid tagging XML. A remote attacker could possibly use this issue…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10753
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12059
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1760
Title: USN-4518-1: xawtv vulnerability
URL: https://ubuntu.com/security/notices/USN-4518-1
Priorities: low
Description:
Matthias Gerstner discovered that xawtv incorrectly handled opening files. A local attacker could possibly use this issue to open and write to arbitrary files and escalate privileges. (CVE-2020-13696)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13696
Title: USN-4521-1: pam_tacplus vulnerability
URL: https://ubuntu.com/security/notices/USN-4521-1
Priorities: low
Description:
It was discovered that pam_tacplus did not properly manage shared secrets if DEBUG loglevel and journald are used. A remote attacker could use this issue to expose sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13881
Title: USN-4511-1: QEMU vulnerability
URL: https://ubuntu.com/security/notices/USN-4511-1
Priorities: medium
Description:
Ziming Zhang, Xiao Wei, Gonglei Arei, and Yanyu Zhang discovered that QEMU incorrectly handled certain USB packets. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service, or possibly execute arbitrary code on the host. In the default installation, when QEMU is used with libvirt, attackers would…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14364
Title: USN-4503-1: Perl DBI module vulnerability
URL: https://ubuntu.com/security/notices/USN-4503-1
Priorities: medium
Description:
It was discovered that Perl DBI module incorrectly handled certain calls. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14392
Title: USN-4537-1: Aptdaemon vulnerability
URL: https://ubuntu.com/security/notices/USN-4537-1
Priorities: medium
Description:
Vaisha Bernard discovered that Aptdaemon incorrectly handled the Locale property. A local attacker could use this issue to test for the presence of local files.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15703
Title: USN-4519-1: PulseAudio vulnerability
URL: https://ubuntu.com/security/notices/USN-4519-1
Priorities: medium
Description:
Ratchanan Srirattanamet discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle memory under certain error conditions in the Bluez 5 module. An attacker could use this issue to cause PulseAudio to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-15710)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15710
Title: USN-4501-1: LuaJIT vulnerability
URL: https://ubuntu.com/security/notices/USN-4501-1
Priorities: low
Description:
It was discovered that an out-of-bounds read existed in LuaJIT. An attacker could use this to cause a denial of service (application crash) or possibly expose sensitive information. (CVE-2020-15890)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15890
Title: USN-4538-1: PackageKit vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4538-1
Priorities: low,medium
Description:
Vaisha Bernard discovered that PackageKit incorrectly handled certain methods. A local attacker could use this issue to learn the MIME type of any file on the system. (CVE-2020-16121)
Sami Niemimäki discovered that PackageKit incorrectly handled local deb packages. A local user could possibly use this issue to install untrusted packages, contrary…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16121
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16122
Title: USN-4514-1: libproxy vulnerability
URL: https://ubuntu.com/security/notices/USN-4514-1
Priorities: medium
Description:
It was discovered that libproxy incorrectly handled certain PAC files. An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25219
Title: USN-4508-1: StoreBackup vulnerability
URL: https://ubuntu.com/security/notices/USN-4508-1
Priorities: medium
Description:
It was discovered that StoreBackup did not properly manage lock files. A local attacker could use this issue to cause a denial of service or escalate privileges and run arbitrary code. (CVE-2020-7040)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7040
Title: USN-4515-1: Pure-FTPd vulnerability
URL: https://ubuntu.com/security/notices/USN-4515-1
Priorities: low
Description:
Antonio Norales discovered that Pure-FTPd incorrectly handled directory aliases. An attacker could possibly use this issue to access sensitive information. (CVE-2020-9274)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9274
621.84
Available in VMware Tanzu Network
Release Date: September 09, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4470-1: sane-backends vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4470-1
Priorities: low,medium
Description:
Kritphong Mongkhonvanit discovered that sane-backends incorrectly handled certain packets. A remote attacker could possibly use this issue to obtain sensitive memory information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-6318)
It was discovered that sane-backends incorrectly handled certain memory operations. A remote attacker could…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6318
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12861
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12862
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12863
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12864
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12865
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12866
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12867
Title: USN-4485-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4485-1
Priorities: low,medium,negligible
Description:
Timothy Michaud discovered that the i915 graphics driver in the Linux kernel did not properly validate user memory locations for the i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. (CVE-2018-20669)
It was discovered that the Kvaser CAN/USB driver in the Linux kernel…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20669
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19947
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20810
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10732
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10766
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10767
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10768
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10781
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12655
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12771
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13974
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15393
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24394
Title: USN-4476-1: NSS vulnerability
URL: https://ubuntu.com/security/notices/USN-4476-1
Priorities: medium
Description:
It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12403
Title: USN-4490-1: X.Org X Server vulnerability
URL: https://ubuntu.com/security/notices/USN-4490-1
Priorities: medium
Description:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14345
Title: USN-4489-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-4489-1
Priorities: high
Description:
Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14386
Title: USN-4471-1: Net-SNMP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4471-1
Priorities: medium
Description:
Tobias Neitzel discovered that Net-SNMP incorrectly handled certain symlinks. An attacker could possibly use this issue to access sensitive information. (CVE-2020-15861)
It was discovered that Net-SNMP incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 14.04…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15861
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15862
Title: USN-4482-1: Ark vulnerability
URL: https://ubuntu.com/security/notices/USN-4482-1
Priorities: medium
Description:
Fabian Vogt discovered that Ark incorrectly handled symbolic links in tar archive files. An attacker could use this to construct a malicious tar archive that, when opened, would create files outside the extraction directory.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24654
621.82
Available in VMware Tanzu Network
Release Date: August 21, 2020
This release changes the way the Linux Google light stemcell works to reference a source image. It will lead to a decrease in the time it takes to upload the light stemcell. This change will also help mitigate the impact of the new GCP image creation rate limit which any user uploading more than 6 GCP stemcells an hour would hit.
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4459-1: Salt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4459-1
Priorities: medium
Description:
It was discovered that Salt allows remote attackers to determine which files exist on the server. An attacker could use that to extract sensitive information. (CVE-2018-15750)
It was discovered that Salt has a vulnerability that allows a user to bypass authentication. An attacker could use that to extract sensitive information, execute arbitrary…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-15750
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-15751
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17361
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11651
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11652
Title: USN-4463-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4463-1
Priorities: low
Description:
It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771)
Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12771
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15393
621.81
Available in VMware Tanzu Network
Release Date: August 19, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4427-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4427-1
Priorities: negligible,low,medium
Description:
It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12380
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19947
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20810
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20908
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10732
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10766
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10767
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10768
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13974
Title: USN-4446-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4446-1
Priorities: medium
Description:
Jeriko One discovered that Squid incorrectly handled caching certain requests. A remote attacker could possibly use this issue to perform cache-injection attacks or gain access to reverse proxy features such as ESI. (CVE-2019-12520)
Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12520
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12523
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12524
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18676
Title: USN-4426-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4426-1
Priorities: medium
Description:
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2019-20908)
Fan Yang discovered that the mremap implementation in the Linux…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20908
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10757
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15780
Title: USN-4432-1: GRUB 2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4432-1
Priorities: high,medium
Description:
Jesse Michael and Mickey Shkatov discovered that the configuration parser in GRUB2 did not properly exit when errors were discovered, resulting in heap-based buffer overflows. A local attacker could use this to execute arbitrary code and bypass UEFI Secure Boot restrictions. (CVE-2020-10713)
Chris Coulson discovered that the GRUB2 function…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10713
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14308
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14309
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14310
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14311
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15705
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15706
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15707
Title: USN-4449-1: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4449-1
Priorities: medium
Description:
Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936)
Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11936
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15701
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15702
Title: USN-4456-1: Dovecot vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4456-1
Priorities: medium
Description:
It was discovered that Dovecot incorrectly handled deeply nested MIME parts. A remote attacker could possibly use this issue to cause Dovecot to consume resources, resulting in a denial of service. (CVE-2020-12100)
It was discovered that Dovecot incorrectly handled memory when using NTLM. A remote attacker could possibly use this issue to cause…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12100
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12673
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12674
Title: USN-4455-1: NSS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4455-1
Priorities: medium
Description:
It was discovered that NSS incorrectly handled certain signatures. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-12400, CVE-2020-12401, CVE-2020-6829)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12400
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12401
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6829
Title: USN-4448-1: Tomcat vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4448-1
Priorities: medium,low
Description:
It was discovered that Tomcat incorrectly validated the payload length in a WebSocket frame. A remote attacker could possibly use this issue to cause Tomcat to hang, resulting in a denial of service. (CVE-2020-13935)
It was discovered that Tomcat incorrectly handled HTTP header parsing. In certain environments where Tomcat is located behind a…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9484
Title: USN-4454-1: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-4454-1
Priorities: medium
Description:
Martin von Wittich and Wilko Meyer discovered that Samba incorrectly handled certain empty UDP packets when being used as an AD DC NBT server. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14303
Title: USN-4441-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4441-1
Priorities: medium
Description:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.21 in Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.31.
In addition to security fixes, the updated packages contain bug fixes, new features, and…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14539
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14540
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14547
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14550
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14553
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14559
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14568
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14575
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14576
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14586
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14591
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14597
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14619
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14620
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14624
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14631
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14632
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14633
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14634
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14643
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14651
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14654
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14663
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14678
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14680
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14697
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14702
Title: USN-4453-1: OpenJDK 8 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4453-1
Priorities: medium
Description:
Johannes Kuhn discovered that OpenJDK 8 incorrectly handled access control contexts. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-14556)
Philippe Arteau discovered that OpenJDK 8 incorrectly verified names in TLS server’s X.509 certificates. An attacker could possibly use this issue to obtain sensitive…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14556
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14577
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14578
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14579
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14581
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14583
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14593
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14621
Title: USN-4443-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4443-1
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass iframe sandbox restrictions, confuse the user, or execute arbitrary code. (CVE-2020-6463, CVE-2020-6514,…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15652
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15653
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15654
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15655
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15658
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15659
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6463
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6514
Title: USN-4451-1: ppp vulnerability
URL: https://ubuntu.com/security/notices/USN-4451-1
Priorities: medium
Description:
Thomas Chauchefoin, working with Trend Micro's Zero Day Initiative, discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15704
Title: USN-4447-1: libssh vulnerability
URL: https://ubuntu.com/security/notices/USN-4447-1
Priorities: medium
Description:
It was discovered that libssh incorrectly handled certain requests. An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-16135
621.78
Available in VMware Tanzu Network
Release Date: July 30, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4427-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4427-1
Priorities: low,medium,negligible
Description:
It was discovered that the Kvaser CAN/USB driver in the Linux kernel did not properly initialize memory in certain situations. A local attacker could possibly use this to expose sensitive information (kernel memory). (CVE-2019-19947)
Chuhong Yuan discovered that go7007 USB audio device driver in the Linux kernel did not properly deallocate memory…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12380
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19947
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20810
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20908
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10732
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10766
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10767
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10768
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13974
Title: USN-4426-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4426-1
Priorities: medium
Description:
Jason A. Donenfeld discovered that the ACPI implementation in the Linux kernel did not properly restrict loading SSDT code from an EFI variable. A privileged attacker could use this to bypass Secure Boot lockdown restrictions and execute arbitrary code in the kernel. (CVE-2019-20908)
Fan Yang discovered that the mremap implementation in the Linux…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20908
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10757
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15780
Title: USN-4436-1: librsvg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4436-1
Priorities: low
Description:
It was discovered that librsvg incorrectly handled parsing certain SVG files. A remote attacker could possibly use this issue to cause librsvg to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-11464)
It was discovered that librsvg incorrectly handled parsing certain SVG files with nested patterns. A…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11464
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20446
Title: USN-4435-1: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4435-1
Priorities: medium
Description:
It was discovered that ClamAV incorrectly handled parsing ARJ archives. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2020-3327)
It was discovered that ClamAV incorrectly handled scanning malicious files. A local attacker could possibly use this issue to delete arbitrary…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3327
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3350
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3481
Title: USN-4434-1: LibVNCServer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4434-1
Priorities: medium
Description:
Ramin Farajpour Cami discovered that LibVNCServer incorrectly handled certain malformed unix socket names. A remote attacker could exploit this with a crafted socket name, leading to a denial of service, or possibly execute arbitrary code. (CVE-2019-20839)
It was discovered that LibVNCServer did not properly access byte-aligned data. A remote…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20839
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20840
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14396
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14397
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14398
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14399
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14400
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14401
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14402
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14403
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14404
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14405
Title: USN-4431-1: FFmpeg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4431-1
Priorities: low,medium
Description:
It was discovered that FFmpeg incorrectly verified empty audio packets or HEVC data. An attacker could possibly use this issue to cause a denial of service via a crafted file. This issue only affected Ubuntu 16.04 LTS, as it was already fixed in Ubuntu 18.04 LTS. For more information see: https://usn.ubuntu.com/usn/usn-3967-1 (CVE-2018-15822,…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-15822
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11338
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12730
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13312
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13390
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17539
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17542
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12284
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13904
Title: USN-4428-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4428-1
Priorities: low,medium
Description:
It was discovered that the Python documentation contained misleading information. A security issue could possibly be caused by wrong assumptions based on this information. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-17514)
It was discovered that Python incorrectly handled certain TAR…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17514
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20907
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9674
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14422
Title: USN-4424-1: snapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4424-1
Priorities: medium
Description:
It was discovered that cloud-init as managed by snapd on Ubuntu Core 16 and Ubuntu Core 18 devices ran on every boot without restrictions. A physical attacker could exploit this to craft cloud-init user-data/meta-data via external media to perform arbitrary changes on the device to bypass intended security mechanisms such as full disk encryption….
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11933
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11934
Title: USN-4421-1: Thunderbird vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4421-1
Priorities: medium
Description:
Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-12405, CVE-2020-12406, CVE-2020-12410, CVE-2020-12417,…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12398
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12399
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12405
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12406
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12410
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12417
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12418
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12419
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12420
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12421
Title: USN-4419-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4419-1
Priorities: low,medium
Description:
It was discovered that a race condition existed in the Precision Time Protocol (PTP) implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2020-10690)
Matthew Sheets discovered that the SELinux…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10690
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10711
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12770
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13143
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8992
Title: USN-4414-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4414-1
Priorities: low,medium,negligible
Description:
It was discovered that the network block device (nbd) implementation in the Linux kernel did not properly check for error conditions in some situations. An attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16089)
It was discovered that the btrfs file system implementation in the Linux kernel did not properly…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12380
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16089
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19036
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19039
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19318
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19377
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19462
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19813
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19816
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10711
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12770
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13143
Title: USN-4416-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4416-1
Priorities: low,medium
Description:
Florian Weimer discovered that the GNU C Library incorrectly handled certain memory operations. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-12133)
It was discovered that the GNU C Library…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12133
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18269
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11236
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11237
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19591
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6485
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19126
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9169
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10029
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1751
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1752
Title: USN-4415-1: coTURN vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4415-1
Priorities: medium
Description:
Felix Dörre discovered that coTURN response buffer is not initialized properly. An attacker could possibly use this issue to obtain sensitive information. (CVE-2020-4067)
It was discovered that coTURN web server incorrectly handled HTTP POST requests. An attacker could possibly use this issue to cause a denial of service, obtain sensitive…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-4067
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6061
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6062
Title: USN-4408-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4408-1
Priorities: medium
Description:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass permission prompts, or execute arbitrary code. (CVE-2020-12415, CVE-2020-12416, CVE-2020-12417,…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12415
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12416
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12417
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12418
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12419
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12420
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12421
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12422
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12424
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12425
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12426
Title: USN-4409-1: Samba vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4409-1
Priorities: medium
Description:
Andrew Bartlett discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10730)
Douglas Bagnall discovered that Samba…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10730
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10745
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10760
Title: USN-4407-1: LibVNCServer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4407-1
Priorities: low,medium
Description:
It was discovered that LibVNCServer incorrectly handled decompressing data. An attacker could possibly use this issue to cause LibVNCServer to crash, resulting in a denial of service. (CVE-2019-15680)
It was discovered that an information disclosure vulnerability existed in LibVNCServer when sending a ServerCutText message. An attacker could…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-18922
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15680
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15681
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15690
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20788
Title: USN-4403-1: Mutt vulnerability and regression
URL: https://ubuntu.com/security/notices/USN-4403-1
Priorities: medium
Description:
It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14954)
This update also addresses a regression caused by the last update, USN-4401-1. It only affected Ubuntu 12.04 ESM, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 19.10.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14954
Title: USN-4402-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4402-1
Priorities: medium
Description:
Marek Szlagor, Gregory Jefferis and Jeroen Ooms discovered that curl incorrectly handled certain credentials. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-8169)
It was discovered that curl incorrectly handled certain parameters. An attacker could…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8169
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8177
621.77
Available in VMware Tanzu Network
Release Date: July 20, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4397-1: NSS vulnerabilities
URL: https://usn.ubuntu.com/4397-1/
Priorities: low,medium
Description:
It was discovered that NSS incorrectly handled the TLS State Machine. A remote attacker could possibly use this issue to cause NSS to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 19.10. (CVE-2019-17023)
Cesar Pereida Garcia discovered that NSS incorrectly handled DSA key generation. A local attacker…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17023
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12399
Title: USN-4400-1: nfs-utils vulnerability
URL: https://usn.ubuntu.com/4400-1/
Priorities: low
Description:
It was discovered that the nfs-utils package set incorrect permissions on the /var/lib/nfs directory. An attacker could possibly use this issue to escalate privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-3689
Title: USN-4396-1: libexif vulnerabilities
URL: https://usn.ubuntu.com/4396-1/
Priorities: low,medium
Description:
It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2020-0093, CVE-2020-0182)
It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a remote denial of service. (CVE-2020-0198)
It was…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0093
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0182
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0198
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13112
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13113
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13114
Title: USN-4395-1: fwupd vulnerability
URL: https://usn.ubuntu.com/4395-1/
Priorities: medium
Description:
Justin Steven discovered that fwupd incorrectly handled certain signature verification. An attacker could possibly use this issue to install unsigned firmware.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10759
Title: USN-4398-1: DBus vulnerability
URL: https://usn.ubuntu.com/4398-1/
Priorities: medium
Description:
Kevin Backhouse discovered that DBus incorrectly handled file descriptors. A local attacker could possibly use this issue to cause DBus to crash, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12049
Title: USN-4401-1: Mutt vulnerabilities
URL: https://usn.ubuntu.com/4401-1/
Priorities: medium,low
Description:
It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to enable MITM attacks. (CVE-2020-14093)
It was discovered that Mutt incorrectly handled certain requests. An attacker could possibly use this issue to proceed with a connection even if the user rejects an expired intermediate…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14093
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-14154
621.76
Available in VMware Tanzu Network
Release Date: June 17, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4385-1: Intel Microcode vulnerabilities
URL: https://usn.ubuntu.com/4385-1/
Priorities: medium
Description:
It was discovered that memory contents previously stored in microarchitectural special registers after RDRAND, RDSEED, and SGX EGETKEY read operations on Intel client and Xeon E3 processors may be briefly exposed to processes on the same or different processor cores. A local attacker could use this to expose sensitive information….
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0543
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0548
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0549
Title: LSN-0068-1: Kernel Live Patch Security Notice
URL: https://usn.ubuntu.com/lsn/0068-1/
Priorities: medium
Description:
Several security issues were fixed in the kernel.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0543
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8647
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8648
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8649
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11494
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12114
Title: USN-4386-1: libjpeg-turbo vulnerability
URL: https://usn.ubuntu.com/4386-1/
Priorities: medium
Description:
It was discovered that libjpeg-turbo incorrectly handled certain PPM files. An attacker could possibly use this issue to access sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13790
Known Issue:
If you use the NSX-T Container Plugin (NCP) tile v3.0.1 or earlier, do not upgrade to stemcell 621.76. 621.76 is not compatible with the NCP tile v3.0.1 and causes the openvswitch job to fail when you deploy. Please upgrade the NCP tile to 3.0.2 before updating to stemcell 621.76 or newer.
621.75
Available in VMware Tanzu Network
Release Date: June 09, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4358-1: libexif vulnerabilities
URL: https://usn.ubuntu.com/4358-1/
Priorities: low,medium
Description:
It was discovered that libexif incorrectly handled certain tags. An attacker could possibly use this issue to cause a denial of service. (CVE-2018-20030)
It was discovered that libexif incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash. (CVE-2020-12767)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20030
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12767
Title: USN-4351-1: Linux firmware vulnerability
URL: https://usn.ubuntu.com/4351-1/
Priorities: medium
Description:
Eli Biham and Lior Neumann discovered that certain Bluetooth devices incorrectly validated key exchange parameters. An attacker could possibly use this issue to obtain sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-5383
Title: USN-4364-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4364-1/
Priorities: low,medium
Description:
It was discovered that the ADIS16400 IIO IMU Driver for the Linux kernel did not properly deallocate memory in certain error conditions. A local attacker could use this to cause a denial of service (memory exhaustion). (CVE-2019-19060)
It was discovered that the vhost net driver in the Linux kernel contained a stack buffer overflow. A local…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19060
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10942
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11494
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11565
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11608
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11609
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11668
Title: USN-4354-1: Mailman vulnerability
URL: https://usn.ubuntu.com/4354-1/
Priorities: medium
Description:
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary content in the login page.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12108
Title: USN-4352-1: OpenLDAP vulnerability
URL: https://usn.ubuntu.com/4352-1/
Priorities: medium
Description:
It was discovered that OpenLDAP incorrectly handled certain queries. A remote attacker could possibly use this issue to cause OpenLDAP to consume resources, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12243
Title: USN-4353-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4353-1/
Priorities: medium
Description:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the URL bar, or execute arbitrary code. (CVE-2020-6831, CVE-2020-12387, CVE-2020-12390, CVE-2020-12391, CVE-2020-12394,…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12387
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12390
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12391
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12392
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12394
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12395
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12396
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6831
Title: USN-4360-1: json-c vulnerability
URL: https://usn.ubuntu.com/4360-1/
Priorities: medium
Description:
It was discovered that json-c incorrectly handled certain JSON files. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12762
Title: USN-4350-1: MySQL vulnerabilities
URL: https://usn.ubuntu.com/4350-1/
Priorities: medium
Description:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.80 in Ubuntu 19.10 and Ubuntu 20.04 LTS. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.30.
In addition to security fixes, the updated packages contain bug fixes,…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2759
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2760
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2762
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2763
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2765
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2780
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2804
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2812
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2892
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2893
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2895
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2896
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2897
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2898
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2901
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2903
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2904
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2921
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2922
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2923
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2924
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2925
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2926
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2928
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2930
Title: USN-4359-1: APT vulnerability
URL: https://usn.ubuntu.com/4359-1/
Priorities: medium
Description:
It was discovered that APT incorrectly handled certain filenames during package installation. If an attacker could provide a specially crafted package to be installed by the system administrator, this could cause APT to crash.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3810
Title: USN-4365-1: Bind vulnerabilities
URL: https://usn.ubuntu.com/4365-1/
Priorities: medium
Description:
Lior Shafir, Yehuda Afek, and Anat Bremler-Barr discovered that Bind incorrectly limited certain fetches. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service, or possibly use Bind to perform a reflection attack. (CVE-2020-8616)
Tobias Klein discovered that Bind incorrectly handled…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8616
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8617
Title: LSN-0066-1: Kernel Live Patch Security Notice
URL: https://usn.ubuntu.com/lsn/0066-1/
Priorities: medium
Description:
Several security issues were fixed in the Linux kernel.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8647
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8648
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8649
621.74
Available in VMware Tanzu Network
Release Date: May 12, 2020
Metadata:
BOSH Agent Version: 2.268.16
USNs:
Title: USN-4339-1: OpenEXR vulnerabilities
URL: https://usn.ubuntu.com/4339-1/
Priorities: low,medium
Description:
Brandon Perry discovered that OpenEXR incorrectly handled certain malformed EXR image files. If a user were tricked into opening a crafted EXR image file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. This issue only applied to Ubuntu 20.04 LTS. (CVE-2017-9111, CVE-2017-9113, CVE-2017-9115)
Tan Jie…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9111
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9113
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9115
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18444
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11758
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11759
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11760
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11761
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11762
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11763
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11764
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11765
Title: USN-4348-1: Mailman vulnerabilities
URL: https://usn.ubuntu.com/4348-1/
Priorities: low,medium
Description:
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary scripts or HTML. (CVE-2018-0618)
It was discovered that Mailman incorrectly handled certain inputs. An attacker could possibly use this issue to display arbitrary text on a web page. (CVE-2018-13796)
It was discovered…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-0618
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13796
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-12137
Title: USN-4349-1: EDK II vulnerabilities
URL: https://usn.ubuntu.com/4349-1/
Priorities: medium,low
Description:
A buffer overflow was discovered in the network stack. An unprivileged user could potentially enable escalation of privilege and/or denial of service. This issue was already fixed in a previous release for 18.04 LTS and 19.10. (CVE-2018-12178)
A buffer overflow was discovered in BlockIo service. An unauthenticated user could potentially enable…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12178
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12180
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12181
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14558
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14559
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14563
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14575
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14586
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14587
Title: USN-4346-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4346-1/
Priorities: low,medium
Description:
It was discovered that the QLogic Fibre Channel driver in the Linux kernel did not properly check for error, leading to a NULL pointer dereference. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2019-16233)
It was discovered that the Intel Wi-Fi driver in the Linux kernel did not properly check for…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16233
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16234
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19768
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8648
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9383
Title: USN-4345-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4345-1/
Priorities: low,medium,high
Description:
Al Viro discovered that the Linux kernel for s390x systems did not properly perform page table upgrades for kernel sections that use secondary address mode. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code. (CVE-2020-11884)
It was discovered that the Intel Wi-Fi driver in the Linux kernel did…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16234
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19768
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10942
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11608
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11609
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11668
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11884
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8648
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9383
Title: USN-4340-1: CUPS vulnerabilities
URL: https://usn.ubuntu.com/4340-1/
Priorities: low,medium
Description:
It was discovered that CUPS incorrectly handled certain language values. A local attacker could possibly use this issue to cause CUPS to crash, leading to a denial of service, or possibly obtain sensitive information. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 19.10. (CVE-2019-2228)
Stephan Zeisberg discovered that…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2228
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3898
Title: USN-4341-1: Samba vulnerabilities
URL: https://usn.ubuntu.com/4341-1/
Priorities: medium
Description:
Andrei Popa discovered that Samba incorrectly handled certain LDAP queries. A remote attacker could use this issue to cause Samba to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 19.10 and Ubuntu 20.04 LTS. (CVE-2020-10700)
It was discovered that Samba incorrectly handled certain LDAP…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10700
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10704
621.71
Available in VMware Tanzu Network
Release Date: April 23, 2020
Metadata:
BOSH Agent Version: 2.268.15
USNs:
Title: USN-4333-1: Python vulnerabilities
URL: https://usn.ubuntu.com/4333-1/
Priorities: medium,low
Description:
It was discovered that Python incorrectly stripped certain characters from requests. A remote attacker could use this issue to perform CRLF injection. (CVE-2019-18348)
It was discovered that Python incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service. (CVE-2020-8492)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18348
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8492
Title: USN-4334-1: Git vulnerability
URL: https://usn.ubuntu.com/4334-1/
Priorities: medium
Description:
Carlo Arenas discovered that Git incorrectly handled certain URLs containing newlines, empty hosts, or lacking a scheme. A remote attacker could possibly use this issue to trick Git into returning credential information for a wrong host.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11008
Title: USN-4332-1: File Roller vulnerability
URL: https://usn.ubuntu.com/4332-1/
Priorities: medium
Description:
It was discovered that File Roller incorrectly handled symlinks. An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-11736
621.69
Available in VMware Tanzu Network
Release Date: April 21, 2020
Metadata:
BOSH Agent Version: 2.268.15
USNs:
Title: USN-4326-1: libiberty vulnerabilities
URL: https://usn.ubuntu.com/4326-1/
Priorities: low,medium
Description:
It was discovered that libiberty incorrectly handled parsing certain binaries. If a user or automated system were tricked into processing a specially crafted binary, a remote attacker could use this issue to cause libiberty to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12697
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12698
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12934
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17794
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17985
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18483
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18484
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18700
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18701
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-9138
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14250
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9070
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9071
Title: USN-4323-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4323-1/
Priorities: medium
Description:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2020-6821, CVE-2020-6822, CVE-2020-6824, CVE-2020-6825, CVE-2020-6826)
It was discovered that…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6821
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6822
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6823
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6824
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6825
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6826
Title: USN-4320-1: Linux kernel vulnerability
URL: https://usn.ubuntu.com/4320-1/
Priorities: medium
Description:
Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory).
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8428
Title: USN-4318-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4318-1/
Priorities: medium,low
Description:
Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-8428)
Gustavo Romero and Paul Mackerras discovered that the KVM implementation in the Linux kernel for…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8428
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8834
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8992
Title: USN-4324-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4324-1/
Priorities: medium,low
Description:
Al Viro discovered that the vfs layer in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-8428)
Shijie Luo discovered that the ext4 file system implementation in the Linux kernel did not…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8428
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8992
621.64
Available in VMware Tanzu Network
Release Date: April 06, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4311-1: BlueZ vulnerabilities
URL: https://usn.ubuntu.com/4311-1/
Priorities: low,medium
Description:
It was discovered that BlueZ incorrectly handled bonding HID and HOGP devices. A local attacker could possibly use this issue to impersonate non-bonded devices. (CVE-2020-0556)
It was discovered that BlueZ incorrectly handled certain commands. A local attacker could use this issue to cause BlueZ to crash, resulting in a denial of service, or…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-7837
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0556
Title: USN-4316-1: GD Graphics Library vulnerabilities
URL: https://usn.ubuntu.com/4316-1/
Priorities: low
Description:
It was discovered that GD Graphics Library incorrectly handled cloning an image. An attacker could possibly use this issue to cause GD Graphics Library to crash, resulting in a denial of service. (CVE-2018-14553)
It was discovered that GD Graphics Library incorrectly handled loading images from X bitmap format files. An attacker could possibly…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14553
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11038
Title: USN-4134-3: IBus vulnerability
URL: https://usn.ubuntu.com/4134-3/
Priorities: medium
Description:
USN-4134-1 fixed a vulnerability in IBus. The update caused a regression in some Qt applications and the fix was subsequently reverted in USN-4134-2. The regression has since been resolved and so this update fixes the original vulnerability.
We apologize for the inconvenience.
Original advisory details:
Simon McVittie discovered that IBus did…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14822
Title: USN-4314-1: pam-krb5 vulnerability
URL: https://usn.ubuntu.com/4314-1/
Priorities: medium
Description:
Russ Allbery discovered that pam-krb5 incorrectly handled some responses. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-10595
Title: USN-4317-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4317-1/
Priorities: high
Description:
Two use-after-free bugs were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could exploit these to cause a denial of service or execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6819
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6820
Title: USN-4315-1: Apport vulnerabilities
URL: https://usn.ubuntu.com/4315-1/
Priorities: high,medium
Description:
Maximilien Bourgeteau discovered that the Apport lock file was created with insecure permissions. This could allow a local attacker to escalate their privileges via a symlink attack. (CVE-2020-8831)
Maximilien Bourgeteau discovered a race condition in Apport when setting crash report permissions. This could allow a local attacker to…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8831
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8833
621.61
Available in VMware Tanzu Network
Release Date: March 24, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4298-1: SQLite vulnerabilities
URL: https://usn.ubuntu.com/4298-1/
Priorities: medium,low
Description:
It was discovered that SQLite incorrectly handled certain shadow tables. An attacker could use this issue to cause SQLite to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2019-13734, CVE-2019-13750, CVE-2019-13753)
It was discovered that SQLite incorrectly handled certain corrupt records. An attacker could use…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13734
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13750
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13751
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13752
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13753
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19880
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19923
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19924
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19925
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19926
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19959
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20218
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9327
Title: USN-4299-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4299-1/
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the URL or other browser chrome, obtain sensitive information, bypass Content Security Policy (CSP) protections, or execute arbitrary…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20503
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6805
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6806
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6807
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6808
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6809
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6810
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6811
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6812
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6813
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6814
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6815
Title: USN-4296-1: Django vulnerability
URL: https://usn.ubuntu.com/4296-1/
Priorities: medium
Description:
Norbert Szetei discovered that Django incorrectly handled the GIS functions and aggregates on Oracle. A remote attacker could possibly use this issue to perform an SQL injection attack.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9402
621.59
Available in VMware Tanzu Network
Release Date: March 03, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4279-2: PHP regression
URL: https://usn.ubuntu.com/4279-2/
Priorities: low
Description:
USN-4279-1 fixed vulnerabilities in PHP. The updated packages caused a regression. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that PHP incorrectly handled certain scripts. An attacker could possibly use this issue to cause a denial of service. This issue only affected…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2015-9253
Title: USN-4290-1: libpam-radius-auth vulnerability
URL: https://usn.ubuntu.com/4290-1/
Priorities: medium
Description:
It was discovered that libpam-radius-auth incorrectly handled certain long passwords. A remote attacker could possibly use this issue to cause libpam-radius-auth to crash, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2015-9542
Title: USN-4292-1: rsync vulnerabilities
URL: https://usn.ubuntu.com/4292-1/
Priorities: low
Description:
It was discovered that rsync incorrectly handled pointer arithmetic in zlib. An attacker could use this issue to cause rsync to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)
It was discovered that rsync incorrectly handled vectors involving left shifts of negative integers in zlib. An…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9840
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9841
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9842
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9843
Title: USN-4289-1: Squid vulnerabilities
URL: https://usn.ubuntu.com/4289-1/
Priorities: medium
Description:
Jeriko One discovered that Squid incorrectly handled memory when connected to an FTP server. A remote attacker could possibly use this issue to obtain sensitive information from Squid memory. (CVE-2019-12528)
Regis Leroy discovered that Squid incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to access…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12528
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8449
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8450
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8517
Title: USN-4293-1: libarchive vulnerabilities
URL: https://usn.ubuntu.com/4293-1/
Priorities: low,medium
Description:
It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to access sensitive information. (CVE-2019-19221)
It was discovered that libarchive incorrectly handled certain archive files. An attacker could possibly use this issue to cause a crash resulting in a denial of service or…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19221
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-9308
Title: USN-4278-2: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4278-2/
Priorities: medium
Description:
USN-4278-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, conduct…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6796
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6798
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6800
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6801
Title: USN-4288-1: ppp vulnerability
URL: https://usn.ubuntu.com/4288-1/
Priorities: medium
Description:
It was discovered that ppp incorrectly handled certain rhostname values. A remote attacker could use this issue to cause ppp to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8597
621.57
Available in VMware Tanzu Network
Release Date: February 19, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4277-1: libexif vulnerabilities
URL: https://usn.ubuntu.com/4277-1/
Priorities: low,medium
Description:
Liu Bingchang discovered that libexif incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information or cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and Ubuntu 16.04 LTS. (CVE-2016-6328)
Lili Xu and Bingchang Liu discovered that libexif incorrectly handled…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6328
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7544
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9278
Title: USN-4275-1: Qt vulnerabilities
URL: https://usn.ubuntu.com/4275-1/
Priorities: low,medium
Description:
It was discovered that Qt incorrectly handled certain PPM images. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-19872)
It was discovered that Qt incorrectly…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19872
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18281
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0569
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-0570
Title: USN-4272-1: Pillow vulnerabilities
URL: https://usn.ubuntu.com/4272-1/
Priorities: low,medium
Description:
It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-16865, CVE-2019-19911)
It was discovered that Pillow incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code. (CVE-2020-5312)
It was discovered that…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16865
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19911
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-5310
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-5311
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-5312
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-5313
Title: USN-4273-1: ReportLab vulnerability
URL: https://usn.ubuntu.com/4273-1/
Priorities: medium
Description:
It was discovered that ReportLab incorrectly handled certain XML documents. If a user or automated system were tricked into processing a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17626
Title: USN-4274-1: libxml2 vulnerabilities
URL: https://usn.ubuntu.com/4274-1/
Priorities: low,medium
Description:
It was discovered that libxml2 incorrectly handled certain XML files. An attacker could possibly use this issue to cause a denial of service. (CVE-2019-19956, CVE-2020-7595)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19956
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7595
621.55
Available in VMware Tanzu Network
Release Date: February 06, 2020
Metadata:
BOSH Agent Version: 2.268.12
USNs:
Title: USN-4259-1: Apache Solr vulnerability
URL: https://usn.ubuntu.com/4259-1/
Priorities: high
Description:
Michael Stepankin and Olga Barinova discovered that Apache Solr was vulnerable to an XXE attack. An attacker could use this vulnerability to remotely execute code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12629
Title: USN-4252-1: tcpdump vulnerabilities
URL: https://usn.ubuntu.com/4252-1/
Priorities: low,medium
Description:
Multiple security issues were discovered in tcpdump. A remote attacker could use these issues to cause tcpdump to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16808
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10103
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10105
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14461
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14462
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14463
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14464
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14465
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14466
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14467
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14468
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14469
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14470
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14879
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14880
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14881
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14882
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16227
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16228
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16229
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16230
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16300
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16451
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-16452
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19519
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1010220
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15166
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15167
Title: USN-4254-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4254-1/
Priorities: medium,negligible,low
Description:
It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors. A local attacker could use this to expose sensitive information. (CVE-2019-14615)
It was discovered that a race condition existed in the Virtual Video Test Driver in the Linux kernel. An attacker with write…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14615
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15291
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18683
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18885
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19057
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19062
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19063
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19227
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19332
Title: USN-4255-2: Linux kernel (HWE) vulnerabilities
URL: https://usn.ubuntu.com/4255-2/
Priorities: medium
Description:
USN-4255-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement (HWE) kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS.
It was discovered that the Linux kernel did not properly clear data structures on context switches for certain Intel graphics…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14615
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7053
Title: USN-4263-1: Sudo vulnerability
URL: https://usn.ubuntu.com/4263-1/
Priorities: low
Description:
Joe Vennix discovered that Sudo incorrectly handled memory operations when the pwfeedback option is enabled. A local attacker could possibly use this issue to obtain unintended access to the administrator account.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18634
Title: USN-4256-1: Cyrus SASL vulnerability
URL: https://usn.ubuntu.com/4256-1/
Priorities: medium
Description:
It was discovered that Cyrus SASL incorrectly handled certain LDAP packets. An attacker could possibly use this issue to execute arbitrary code or cause a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19906
Title: USN-4265-1: SpamAssassin vulnerabilities
URL: https://usn.ubuntu.com/4265-1/
Priorities: medium
Description:
It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1930
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1931
Title: USN-4250-1: MySQL vulnerabilities
URL: https://usn.ubuntu.com/4250-1/
Priorities: medium
Description:
Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.19 in Ubuntu 19.10. Ubuntu 16.04 LTS and Ubuntu 18.04 LTS have been updated to MySQL 5.7.29.
In addition to security fixes, the updated packages contain bug fixes, new features, and possibly…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2570
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2572
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2573
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2574
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2577
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2579
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2584
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2588
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2589
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2627
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2679
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2686
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2694
Title: USN-4257-1: OpenJDK vulnerabilities
URL: https://usn.ubuntu.com/4257-1/
Priorities: low,medium
Description:
It was discovered that OpenJDK incorrectly handled exceptions during deserialization in BeanContextSupport. An attacker could possibly use this issue to cause a denial of service or other unspecified impact. (CVE-2020-2583)
It was discovered that OpenJDK incorrectly validated properties of SASL messages included in Kerberos GSSAPI. An…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2583
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2590
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2593
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2601
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2604
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2654
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2655
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-2659
621.51
Available in VMware Tanzu Network
Release Date: January 24, 2020
Bug Fixes
* Addresses https://github.com/cloudfoundry/bosh/issues/2223 - prevent AWS from overriding search domains
Metadata:
BOSH Agent Version: 2.268.11
USNs:
Title: USN-4246-1: zlib vulnerabilities
URL: https://usn.ubuntu.com/4246-1/
Priorities: low
Description:
It was discovered that zlib incorrectly handled pointer arithmetic. An attacker could use this issue to cause zlib to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-9840, CVE-2016-9841)
It was discovered that zlib incorrectly handled vectors involving left shifts of negative integers. An attacker could use…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9840
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9841
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9842
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-9843
Title: USN-4248-1: GraphicsMagick vulnerabilities
URL: https://usn.ubuntu.com/4248-1/
Priorities: medium
Description:
It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16545
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16547
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16669
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17498
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17500
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17501
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17502
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17503
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17782
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17783
Title: USN-4244-1: Samba vulnerabilities
URL: https://usn.ubuntu.com/4244-1/
Priorities: low,medium
Description:
It was discovered that Samba did not automatically replicate ACLs set to inherit down a subtree on AD Directory, contrary to expectations. This issue was only addressed in Ubuntu 18.04 LTS, Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-14902)
Robert Święcki discovered that Samba incorrectly handled certain character conversions when the log level is…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14902
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14907
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19344
Title: USN-4247-1: python-apt vulnerabilities
URL: https://usn.ubuntu.com/4247-1/
Priorities: medium
Description:
It was discovered that python-apt would still use MD5 hashes to validate certain downloaded packages. If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. (CVE-2019-15795)
It was discovered that python-apt could install packages from untrusted repositories, contrary…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15795
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15796
Title: USN-4249-1: e2fsprogs vulnerability
URL: https://usn.ubuntu.com/4249-1/
Priorities: medium
Description:
It was discovered that e2fsprogs incorrectly handled certain ext4 partitions. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5188
Title: USN-4245-1: PySAML2 vulnerability
URL: https://usn.ubuntu.com/4245-1/
Priorities: medium
Description:
It was discovered that PySAML2 incorrectly handled certain SAML files. An attacker could possibly use this issue to bypass signature verification with arbitrary data.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-5390
621.50
Available in VMware Tanzu Network
Release Date: January 21, 2020
Metadata:
BOSH Agent Version: 2.268.10
USNs:
Title: USN-4232-1: GraphicsMagick vulnerabilities
URL: https://usn.ubuntu.com/4232-1/
Priorities: medium,low
Description:
It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14165
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14314
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14504
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14649
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14733
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14994
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14997
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15277
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15930
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16352
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16353
Title: USN-4237-1: SpamAssassin vulnerabilities
URL: https://usn.ubuntu.com/4237-1/
Priorities: medium
Description:
It was discovered that SpamAssassin incorrectly handled certain CF files. If a user or automated system were tricked into using a specially-crafted CF file, a remote attacker could possibly run arbitrary code. (CVE-2018-11805)
It was discovered that SpamAssassin incorrectly handled certain messages. A remote attacker could possibly use this issue…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-11805
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12420
Title: USN-4238-1: SDL_image vulnerabilities
URL: https://usn.ubuntu.com/4238-1/
Priorities: medium,low
Description:
It was discovered that SDL_image incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-3977
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12216
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12217
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12218
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12219
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12220
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12221
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12222
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13616
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5051
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5052
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-7635
Title: USN-4240-1: Kamailio vulnerability
URL: https://usn.ubuntu.com/4240-1/
Priorities: high
Description:
It was discovered that Kamailio can be exploited by using a specially crafted message that can cause a buffer overflow issue.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8828
Title: USN-4239-1: PHP vulnerabilities
URL: https://usn.ubuntu.com/4239-1/
Priorities: low
Description:
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 ESM, 16.04 LTS, 18.04 LTS, 19.04 and 19.10. (CVE-2019-11045)
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11045
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11046
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11047
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11050
Title: USN-4236-2: Libgcrypt vulnerability
URL: https://usn.ubuntu.com/4236-2/
Priorities: medium
Description:
USN-4236-1 fixed a vulnerability in Libgcrypt. This update provides the corresponding fix for Ubuntu 16.04 LTS.
Original advisory details:
It was discovered that Libgcrypt was susceptible to an ECDSA timing attack. An attacker could possibly use this attack to recover sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13627
Title: USN-4227-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4227-1/
Priorities: medium,low
Description:
It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)
It was discovered that a heap-based buffer overflow existed in the…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14895
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14896
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14897
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14901
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16231
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16233
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19045
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19052
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19083
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19524
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19529
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19534
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19807
Title: USN-4228-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4228-1/
Priorities: medium,low
Description:
It was discovered that a heap-based buffer overflow existed in the Marvell WiFi-Ex Driver for the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-14895, CVE-2019-14901)
It was discovered that a heap-based buffer overflow existed in the…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14895
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14896
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14897
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14901
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19052
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19524
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19534
Title: USN-4230-1: ClamAV vulnerability
URL: https://usn.ubuntu.com/4230-1/
Priorities: medium
Description:
It was discovered that ClamAV incorrectly handled certain MIME messages. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15961
Title: USN-4231-1: NSS vulnerability
URL: https://usn.ubuntu.com/4231-1/
Priorities: medium
Description:
It was discovered that NSS incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17006
Title: USN-4234-1: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4234-1/
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass Content Security Policy (CSP) restrictions, conduct cross-site scripting (XSS) attacks, or execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17016
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17017
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17023
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17025
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17026
Title: USN-4235-1: nginx vulnerability
URL: https://usn.ubuntu.com/4235-1/
Priorities: medium
Description:
Bert JW Regeer and Francisco Oca Gonzalez discovered that nginx incorrectly handled certain error_page configurations. A remote attacker could possibly use this issue to perform HTTP request smuggling attacks and access resources contrary to expectations.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20372
621.41
Available in VMware Tanzu Network
Release Date: February 04, 2020
BOSH Agent version: 2.268.9
USNs:
Title: USN-4222-1: GraphicsMagick vulnerabilities
URL: https://usn.ubuntu.com/4222-1/
Priorities: medium,low
Description:
It was discovered that GraphicsMagick incorrectly handled certain image files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11638
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11642
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-11643
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12935
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12936
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12937
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13063
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13064
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13065
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13134
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13737
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13775
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13776
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13777
Title: USN-4216-2: Firefox vulnerabilities
URL: https://usn.ubuntu.com/4216-2/
Priorities: medium
Description:
USN-4216-1 fixed vulnerabilities in Firefox. This update provides the corresponding update for Ubuntu 16.04 LTS.
Original advisory details:
Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11745
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11756
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17005
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17008
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17010
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17011
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17012
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17013
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17014
Title: USN-4220-1: Git vulnerabilities
URL: https://usn.ubuntu.com/4220-1/
Priorities: medium,low
Description:
Joern Schneeweisz and Nicolas Joly discovered that Git contained various security flaws. An attacker could possibly use these issues to overwrite arbitrary paths, execute arbitrary code, and overwrite files in the .git directory.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1348
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1349
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1350
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1351
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1352
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1353
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1354
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-1387
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19604
Title: USN-4217-1: Samba vulnerabilities
URL: https://usn.ubuntu.com/4217-1/
Priorities: medium
Description:
Andreas Oster discovered that the Samba DNS management server incorrectly handled certain records. An authenticated attacker could possibly use this issue to crash Samba, resulting in a denial of service. (CVE-2019-14861)
Isaac Boukris discovered that Samba did not enforce the Kerberos DelegationNotAllowed feature restriction, contrary to…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14861
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14870
Title: USN-4219-1: libssh vulnerability
URL: https://usn.ubuntu.com/4219-1/
Priorities: medium
Description:
It was discovered that libssh incorrectly handled certain scp commands. If a user or automated system were tricked into using a specially-crafted scp command, a remote attacker could execute arbitrary commands on the server.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14889
Title: USN-4221-1: libpcap vulnerability
URL: https://usn.ubuntu.com/4221-1/
Priorities: medium
Description:
It was discovered that libpcap did not properly validate PHB headers in some situations. An attacker could use this to cause a denial of service (memory exhaustion).
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15165
Title: USN-4214-2: RabbitMQ vulnerability
URL: https://usn.ubuntu.com/4214-2/
Priorities: medium
Description:
USN-4214-1 fixed a vulnerability in RabbitMQ. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.
Original advisory details:
It was discovered that RabbitMQ incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18609
Title: USN-4224-1: Django vulnerability
URL: https://usn.ubuntu.com/4224-1/
Priorities: high
Description:
Simon Charette discovered that the password reset functionality in Django used a Unicode case insensitive query to retrieve accounts associated with an email address. An attacker could possibly use this to obtain password reset tokens and hijack accounts.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19844
Title: USN-4223-1: OpenJDK vulnerabilities
URL: https://usn.ubuntu.com/4223-1/
Priorities: medium
Description:
Jan Jancar, Petr Svenda, and Vladimir Sedlacek discovered that a side-channel vulnerability existed in the ECDSA implementation in OpenJDK. An attacker could use this to expose sensitive information. (CVE-2019-2894)
It was discovered that the Socket implementation in OpenJDK did not properly restrict the creation of subclasses with a custom…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2894
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2945
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2949
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2962
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2964
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2973
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2975
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2977
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2981
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2983
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2987
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2988
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2989
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2992
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2999
621.29
Available in VMware Tanzu Network
Release Date: December 10, 2019
BOSH Agent version: 2.268.7
USNs:
Title: USN-4211-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4211-1/
Priorities: medium,negligible
Description:
Zhipeng Xie discovered that an infinite loop could be triggered in the CFS Linux kernel process scheduler. A local attacker could possibly use this to cause a denial of service. (CVE-2018-20784)
Nicolas Waisman discovered that the WiFi driver stack in the Linux kernel did not properly validate SSID lengths. A physically proximate attacker could…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20784
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17075
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17133
Title: USN-4205-1: SQLite vulnerabilities
URL: https://usn.ubuntu.com/4205-1/
Priorities: low,medium
Description:
It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM. (CVE-2018-8740)
It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service. This issue…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8740
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16168
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19242
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19244
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5018
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5827
Title: USN-4203-1: NSS vulnerability
URL: https://usn.ubuntu.com/4203-1/
Priorities: medium
Description:
It was discovered that NSS incorrectly handled certain memory operations. A remote attacker could use this issue to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11745
Title: USN-4213-1: Squid vulnerabilities
URL: https://usn.ubuntu.com/4213-1/
Priorities: medium,low
Description:
Jeriko One and Kristoffer Danielsson discovered that Squid incorrectly handled certain URN requests. A remote attacker could possibly use this issue to bypass access checks and access restricted servers. This issue was only addressed in Ubuntu 19.04 and Ubuntu 19.10. (CVE-2019-12523)
Jeriko One discovered that Squid incorrectly handled URN…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12523
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12526
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12854
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18676
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18677
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18678
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18679
Title: USN-4210-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4210-1/
Priorities: medium,negligible,low
Description:
It was discovered that a buffer overflow existed in the 802.11 Wi-Fi configuration interface for the Linux kernel when handling beacon settings. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2019-16746)
Nicolas Waisman discovered that the WiFi driver stack in the Linux…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16746
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17075
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17133
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19060
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19065
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-19075
Title: USN-4204-1: psutil vulnerability
URL: https://usn.ubuntu.com/4204-1/
Priorities: medium
Description:
Riccardo Schirone discovered that psutil incorrectly handled certain reference counting operations. An attacker could use this issue to cause psutil to crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18874
621.26
Release Date: November 26, 2019
BOSH Agent version: 2.268.7
USNs:
Title: USN-4198-1: DjVuLibre vulnerabilities
URL: https://usn.ubuntu.com/4198-1/
Priorities: low
Description:
It was discovered that DjVuLibre incorrectly handled certain memory operations. If a user or automated system were tricked into processing a specially crafted DjVu file, a remote attacker could cause applications to hang or crash, resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15142
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15143
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15144
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15145
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18804
621.23
Release Date: November 18, 2019
BOSH Agent version: 2.268.6
USNs:
Title: USN-4186-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4186-1/
Priorities: high,medium
Description:
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12207
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0154
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0155
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11135
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15098
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16746
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17052
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17053
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17054
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17055
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17056
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17666
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2215
Title: USN-4185-1: Linux kernel vulnerabilities
URL: https://usn.ubuntu.com/4185-1/
Priorities: high,medium
Description:
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12207
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0154
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0155
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11135
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15098
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17052
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17053
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17054
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17055
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17056
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17666
Title: USN-4190-1: libjpeg-turbo vulnerabilities
URL: https://usn.ubuntu.com/4190-1/
Priorities: low,medium
Description:
It was discovered that libjpeg-turbo incorrectly handled certain BMP images. An attacker could possibly use this issue to expose sensitive information. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-14498)
It was discovered that libjpeg-turbo incorrectly handled certain JPEG images. An attacker could possibly use this…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-14498
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19664
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20330
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-2201
Title: USN-4185-3: Linux kernel vulnerability and regression
URL: https://usn.ubuntu.com/4185-3/
Priorities: high
Description:
USN-4185-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. Also, the update introduced a regression that broke KVM guests where extended page tables (EPT) are disabled or not supported. This update…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0155
Title: USN-4186-3: Linux kernel vulnerability
URL: https://usn.ubuntu.com/4186-3/
Priorities: high
Description:
USN-4186-1 fixed vulnerabilities in the Linux kernel. It was discovered that the kernel fix for CVE-2019-0155 (i915 missing Blitter Command Streamer check) was incomplete on 64-bit Intel x86 systems. This update addresses the issue.
We apologize for the inconvenience.
Original advisory details:
Stephan van Schaik, Alyssa Milburn, Sebastian…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-0155
Title: USN-4182-1: Intel Microcode update
URL: https://usn.ubuntu.com/4182-1/
Priorities: high,medium
Description:
Stephan van Schaik, Alyssa Milburn, Sebastian Österlund, Pietro Frigo, Kaveh Razavi, Herbert Bos, Cristiano Giuffrida, Giorgi Maisuradze, Moritz Lipp, Michael Schwarz, Daniel Gruss, and Jo Van Bulck discovered that Intel processors using Transactional Synchronization Extensions (TSX) could expose memory contents previously stored in…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11135
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11139
Title: USN-4191-1: QEMU vulnerabilities
URL: https://usn.ubuntu.com/4191-1/
Priorities: low
Description:
It was discovered that the LSI SCSI adapter emulator implementation in QEMU did not properly validate executed scripts. A local attacker could use this to cause a denial of service. (CVE-2019-12068)
Sergej Schumilo, Cornelius Aschermann and Simon Wörner discovered that the qxl paravirtual graphics driver implementation in QEMU contained a…
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12068
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12155
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13164
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14378
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15890
Title: USN-4192-1: ImageMagick vulnerabilities
URL: https://usn.ubuntu.com/4192-1/
Priorities: low,negligible,medium
Description:
It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12974
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12975
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12976
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12977
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12979
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13135
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13137
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13295
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13297
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13300
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13301
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13304
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13305
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13306
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13307
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13308
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13309
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13310
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13311
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13391
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-13454
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14981
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15139
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-15140
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16708
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16709
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16710
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16711
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-16713
621.12
Release Date: November 12, 2019
BOSH Agent version: 2.268.5
USNs:
Title: USN-4176-1: GNU cpio vulnerability
URL: https://usn.ubuntu.com/4176-1/
Priorities: medium
Description:
Thomas Habets discovered that GNU cpio incorrectly handled certain inputs. An attacker could possibly use this issue to access sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14866
Title: USN-4174-1: HAproxy vulnerability
URL: https://usn.ubuntu.com/4174-1/
Priorities: medium
Description:
It was discovered that HAproxy incorrectly handled certain HTTP requests. An attacker could possibly use this issue to perform a privilege escalation (Request Smuggling).
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-18277
Title: USN-4175-1: Nokogiri vulnerability
URL: https://usn.ubuntu.com/4175-1/
Priorities: medium
Description:
It was discovered that Nokogiri incorrectly handled inputs. A remote attacker could possibly use this issue to execute arbitrary OS commands.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5477
621.5
Release Date: October 31, 2019
New stemcell line!
* rev the stemcell_api_version to 3 for upcoming signed url feature - https://www.pivotaltracker.com/epic/show/4392899
* blacklist nouveau kernel module (#96)
BOSH Agent version: 2.268.3
456.x
This section includes release notes for the 456.x line of Linux stemcells used with Ops Manager.
456.274
Available in VMware Tanzu Network
Release Date: June 17, 2022
Metadata:
BOSH Agent Version: 2.234.66
USNs:
Title: USN-5477-1: ncurses vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5477-1
Priorities: negligible,low
Description:
Hosein Askari discovered that ncurses was incorrectly performing
memory management operations when dealing with long filenames while
writing structures into the file system. An attacker could possibly
use this issue to cause a denial of service or execute arbitrary
code. (CVE-2017-16879)
Chung-Yi Lin discovered that ncurses was incorrectly handling access
to invalid memory areas when parsing terminfo or termcap entries where
the use-name had invalid syntax. An attacker could possibly use this
issue to cause a denial of service. (CVE-2018-19211)
It was discovered that ncurses was incorrectly performing bounds
checks when processing invalid hashcodes. An attacker could possibly
use this issue to cause a denial of service or to expose sensitive
information. (CVE-2019-17594)
It was discovered that ncurses was incorrectly handling
end-of-string characters when processing terminfo and termcap files.
An attacker could possibly use this issue to cause a denial of
service or to expose sensitive information. (CVE-2019-17595)
It was discovered that ncurses was incorrectly handling
end-of-string characters when converting between termcap and
terminfo formats. An attacker could possibly use this issue to cause
a denial of service or execute arbitrary code. (CVE-2021-39537)
It was discovered that ncurses was incorrectly performing bounds
checks when dealing with corrupt terminfo data while reading a
terminfo file. An attacker could possibly use this issue to cause a
denial of service or to expose sensitive information.
(CVE-2022-29458)
CVEs:
- https://ubuntu.com/security/CVE-2017-16879
- https://ubuntu.com/security/CVE-2018-19211
- https://ubuntu.com/security/CVE-2019-17594
- https://ubuntu.com/security/CVE-2019-17595
- https://ubuntu.com/security/CVE-2021-39537
- https://ubuntu.com/security/CVE-2022-29458
Title: LSN-0087-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0087-1
Priorities: high,medium
Description:
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1966)
Ziming Zhang discovered that the netfilter subsystem in the Linux kernel
did not properly validate sets with multiple ranged fields. A local
attacker could use this to cause a denial of service or execute arbitrary
code. (CVE-2022-1972)
CVEs:
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2022-1972
456.273
Available in VMware Tanzu Network
Release Date: June 14, 2022
Metadata:
BOSH Agent Version: 2.234.66
USNs:
Title: LSN-0086-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0086-1
Priorities: high,medium
Description:
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)
Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux
kernel contained an integer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116)
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2021-39713
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2022-1055
- https://ubuntu.com/security/CVE-2022-1116
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
Title: USN-5458-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5458-1
Priorities: low,medium
Description:
It was discovered that Vim was incorrectly handling virtual column
position operations, which could result in an out-of-bounds read. An
attacker could possibly use this issue to expose sensitive
information. (CVE-2021-4193)
It was discovered that Vim was not properly performing bounds checks
when updating windows present on a screen, which could result in a
heap buffer overflow. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code. (CVE-2022-0213)
It was discovered that Vim was incorrectly handling window
exchanging operations when in Visual mode, which could result in an
out-of-bounds read. An attacker could possibly use this issue to
expose sensitive information. (CVE-2022-0319)
It was discovered that Vim was incorrectly handling recursion when
parsing conditional expressions. An attacker could possibly use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2022-0351)
It was discovered that Vim was not properly handling memory
allocation when processing data in Ex mode, which could result in a
heap buffer overflow. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code.
(CVE-2022-0359)
It was discovered that Vim was not properly performing bounds checks
when executing line operations in Visual mode, which could result in
a heap buffer overflow. An attacker could possibly use this issue to
cause a denial of service or execute arbitrary code.
(CVE-2022-0361, CVE-2022-0368)
It was discovered that Vim was not properly handling loop conditions
when looking for spell suggestions, which could result in a stack
buffer overflow. An attacker could possibly use this issue to cause
a denial of service or execute arbitrary code. (CVE-2022-0408)
It was discovered that Vim was incorrectly handling memory access
when executing buffer operations, which could result in the usage of
freed memory. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-0443)
CVEs:
- https://ubuntu.com/security/CVE-2021-4193
- https://ubuntu.com/security/CVE-2022-0213
- https://ubuntu.com/security/CVE-2022-0319
- https://ubuntu.com/security/CVE-2022-0351
- https://ubuntu.com/security/CVE-2022-0359
- https://ubuntu.com/security/CVE-2022-0361
- https://ubuntu.com/security/CVE-2022-0368
- https://ubuntu.com/security/CVE-2022-0408
- https://ubuntu.com/security/CVE-2022-0443
Title: USN-5464-1: e2fsprogs vulnerability
URL: https://ubuntu.com/security/notices/USN-5464-1
Priorities: medium
Description:
Nils Bars discovered that e2fsprogs incorrectly handled certain file
systems. A local attacker could use this issue with a crafted file
system image to possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2022-1304
Title: USN-5466-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5466-1
Priorities: high,low,medium
Description:
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
It was discovered that the SCTP protocol implementation in the Linux kernel
did not properly verify VTAGs in some situations. A remote attacker could
possibly use this to cause a denial of service (connection disassociation).
(CVE-2021-3772)
It was discovered that the btrfs file system implementation in the Linux
kernel did not properly handle locking in certain error conditions. A local
attacker could use this to cause a denial of service (kernel deadlock).
(CVE-2021-4149)
David Bouman discovered that the netfilter subsystem in the Linux kernel
did not initialize memory in some situations. A local attacker could use
this to expose sensitive information (kernel memory). (CVE-2022-1016)
It was discovered that the virtual graphics memory manager implementation
in the Linux kernel was subject to a race condition, potentially leading to
an information leak. (CVE-2022-1419)
赵子轩 discovered that the 802.2 LLC type 2 driver in the Linux kernel did not
properly perform reference counting in some error conditions. A local
attacker could use this to cause a denial of service. (CVE-2022-28356)
It was discovered that the EMS CAN/USB interface implementation in the
Linux kernel contained a double-free vulnerability when handling certain
error conditions. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2022-28390)
CVEs:
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2021-3772
- https://ubuntu.com/security/CVE-2021-4149
- https://ubuntu.com/security/CVE-2022-1016
- https://ubuntu.com/security/CVE-2022-1419
- https://ubuntu.com/security/CVE-2022-28356
- https://ubuntu.com/security/CVE-2022-28390
Title: USN-5465-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5465-1
Priorities: high,medium
Description:
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions.
(CVE-2022-21499)
Aaron Adams discovered that the netfilter subsystem in the Linux kernel did
not properly handle the removal of stateful expressions in some situations,
leading to a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or execute arbitrary code.
(CVE-2022-1966)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-1966
- https://ubuntu.com/security/CVE-2022-30594
Title: USN-5454-2: CUPS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5454-2
Priorities: medium,low
Description:
USN-5454-1 fixed several vulnerabilities in CUPS. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Joshua Mason discovered that CUPS incorrectly handled the secret key used
to access the administrative web interface. A remote attacker could
possibly use this issue to open a session as an administrator and execute
arbitrary code. (CVE-2022-26691)
It was discovered that CUPS incorrectly handled certain memory operations
when handling IPP printing. A remote attacker could possibly use this issue
to cause CUPS to crash, leading to a denial of service, or obtain sensitive
information. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2019-8842, CVE-2020-10001)
CVEs:
- https://ubuntu.com/security/CVE-2022-26691
- https://ubuntu.com/security/CVE-2019-8842
- https://ubuntu.com/security/CVE-2020-10001
Title: USN-5456-1: ImageMagick vulnerability
URL: https://ubuntu.com/security/notices/USN-5456-1
Priorities: medium
Description:
It was discovered that ImageMagick incorrectly handled memory under
certain circumstances. If a user were tricked into opening a specially
crafted image, an attacker could possibly exploit this issue to cause a
denial of service or other unspecified impact.
CVEs:
- https://ubuntu.com/security/CVE-2022-28463
Title: USN-5462-2: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-5462-2
Priorities: low
Description:
USN-5462-1 fixed several vulnerabilities in Ruby. This update provides
the corresponding CVE-2022-28739 update for ruby2.3 on Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2022-28739
456.269
Available in VMware Tanzu Network
Release Date: June 02, 2022
Metadata:
BOSH Agent Version: 2.234.64
USNs:
Title: USN-5449-1: libXv vulnerability
URL: https://ubuntu.com/security/notices/USN-5449-1
Priorities: low
Description:
It was discovered that libXv incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2016-5407
Title: USN-5437-1: libXfixes vulnerability
URL: https://ubuntu.com/security/notices/USN-5437-1
Priorities: low
Description:
Tobias Stoeckmann discovered that libXfixes incorrectly handled certain
inputs. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2016-7944
Title: LSN-0086-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0086-1
Priorities: high,medium
Description:
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the network traffic control implementation in the
Linux kernel contained a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2022-1055)
Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux
kernel contained an integer overflow. A local attacker could use this to
cause a denial of service (system crash) or execute arbitrary code. (CVE-2022-1116)
It was discovered that the Linux kernel did not properly restrict access to
the kernel debugger when booted in secure boot environments. A privileged
attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2022-21499)
Nick Gregory discovered that the Linux kernel incorrectly handled network
offload functionality. A local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2022-25636)
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2021-39713
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2022-1055
- https://ubuntu.com/security/CVE-2022-1116
- https://ubuntu.com/security/CVE-2022-21499
- https://ubuntu.com/security/CVE-2022-25636
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
Title: USN-5452-1: NTFS-3G vulnerability
URL: https://ubuntu.com/security/notices/USN-5452-1
Priorities: low
Description:
It was discovered that NTFS-3G was incorrectly validating NTFS
metadata in its ntfsck tool by not performing boundary checks. A
local attacker could possibly use this issue to cause a denial of
service or to execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-46790
Title: USN-5402-2: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5402-2
Priorities: medium,low
Description:
USN-5402-1 fixed several vulnerabilities in OpenSSL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Elison Niven discovered that OpenSSL incorrectly handled the c_rehash
script. A local attacker could possibly use this issue to execute arbitrary
commands when c_rehash is run. (CVE-2022-1292)
Aliaksei Levin discovered that OpenSSL incorrectly handled resources when
decoding certificates and keys. A remote attacker could possibly use this
issue to cause OpenSSL to consume resources, leading to a denial of
service. This issue only affected Ubuntu 22.04 LTS. (CVE-2022-1473)
CVEs:
- https://ubuntu.com/security/CVE-2022-1292
- https://ubuntu.com/security/CVE-2022-1473
Title: USN-5404-2: Rsyslog vulnerability
URL: https://ubuntu.com/security/notices/USN-5404-2
Priorities: medium
Description:
USN-5404-1 addressed a vulnerability in Rsyslog. This update
provides the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Pieter Agten discovered that Rsyslog incorrectly handled certain requests.
An attacker could possibly use this issue to cause a crash.
CVEs:
- https://ubuntu.com/security/CVE-2022-24903
Title: USN-5453-1: FreeType vulnerability
URL: https://ubuntu.com/security/notices/USN-5453-1
Priorities: low
Description:
It was discovered that FreeType incorrectly handled certain font files.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2022-27406
Title: USN-5443-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5443-1
Priorities: high,medium
Description:
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
456.267
Available in VMware Tanzu Network
Release Date: May 25, 2022
Metadata:
BOSH Agent Version: 2.234.63
USNs:
Title: USN-5428-1: libXrandr vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5428-1
Priorities: low
Description:
Tobias Stoeckmann discovered that libXrandr incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7947, CVE-2016-7948)
CVEs:
- https://ubuntu.com/security/CVE-2016-7947
- https://ubuntu.com/security/CVE-2016-7948
Title: USN-5436-1: libXrender vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5436-1
Priorities: low
Description:
Tobias Stoeckmann discovered that libXrender incorrectly handled certain
responses. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
(CVE-2016-7949, CVE-2016-7950)
CVEs:
- https://ubuntu.com/security/CVE-2016-7949
- https://ubuntu.com/security/CVE-2016-7950
Title: USN-5432-1: libpng vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5432-1
Priorities: low
Description:
It was discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2017-12652)
Zhengxiong Luo discovered that libpng incorrectly handled memory when parsing
certain PNG files. If a user or automated system were tricked into opening
a specially crafted PNG file, an attacker could use this issue to cause
libpng to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2018-14048)
CVEs:
- https://ubuntu.com/security/CVE-2017-12652
- https://ubuntu.com/security/CVE-2018-14048
Title: USN-5425-1: PCRE vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5425-1
Priorities: low,negligible
Description:
Yunho Kim discovered that PCRE incorrectly handled memory when
handling certain regular expressions. An attacker could possibly use
this issue to cause applications using PCRE to expose sensitive
information. This issue only affects Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 21.10 and Ubuntu 22.04 LTS. (CVE-2019-20838)
It was discovered that PCRE incorrectly handled memory when
handling certain regular expressions. An attacker could possibly use
this issue to cause applications using PCRE to have unexpected
behavior. This issue only affects Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-14155)
CVEs:
- https://ubuntu.com/security/CVE-2019-20838
- https://ubuntu.com/security/CVE-2020-14155
Title: USN-5421-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5421-1
Priorities: negligible,low,medium
Description:
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-35522)
Chintan Shah discovered that LibTIFF incorrectly handled memory when
handling certain images. An attacker could possibly use this issue to
cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2022-0561, CVE-2022-0562, CVE-2022-0891)
It was discovered that LibTIFF incorrectly handled certain images.
An attacker could possibly use this issue to cause a crash,
resulting in a denial of service. This issue only affects
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2022-0865)
CVEs:
- https://ubuntu.com/security/CVE-2020-35522
- https://ubuntu.com/security/CVE-2022-0561
- https://ubuntu.com/security/CVE-2022-0562
- https://ubuntu.com/security/CVE-2022-0891
- https://ubuntu.com/security/CVE-2022-0865
Title: USN-5423-2: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5423-2
Priorities: low,medium
Description:
USN-5423-1 fixed several vulnerabilities in ClamAV. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Michał Dardas discovered that ClamAV incorrectly handled parsing CHM files.
A remote attacker could possibly use this issue to cause ClamAV to stop
responding, resulting in a denial of service. (CVE-2022-20770)
Michał Dardas discovered that ClamAV incorrectly handled parsing TIFF
files. A remote attacker could possibly use this issue to cause ClamAV to
stop responding, resulting in a denial of service. (CVE-2022-20771)
Michał Dardas discovered that ClamAV incorrectly handled parsing HTML
files. A remote attacker could possibly use this issue to cause ClamAV to
consume resources, resulting in a denial of service. (CVE-2022-20785)
Michał Dardas discovered that ClamAV incorrectly handled loading the
signature database. A remote attacker could possibly use this issue to
cause ClamAV to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2022-20792)
Alexander Patrakov and Antoine Gatineau discovered that ClamAV incorrectly
handled the scan verdict cache check. A remote attacker could possibly use
this issue to cause ClamAV to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2022-20796)
CVEs:
- https://ubuntu.com/security/CVE-2022-20770
- https://ubuntu.com/security/CVE-2022-20771
- https://ubuntu.com/security/CVE-2022-20785
- https://ubuntu.com/security/CVE-2022-20792
- https://ubuntu.com/security/CVE-2022-20796
Title: USN-5424-2: OpenLDAP vulnerability
URL: https://ubuntu.com/security/notices/USN-5424-2
Priorities: medium
Description:
USN-5424-1 fixed a vulnerability in OpenLDAP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that OpenLDAP incorrectly handled certain SQL statements
within LDAP queries in the experimental back-sql backend. A remote attacker
could possibly use this issue to perform an SQL injection attack and alter
the database.
CVEs:
- https://ubuntu.com/security/CVE-2022-29155
Title: USN-5443-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5443-1
Priorities: high,medium
Description:
Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2022-29581)
Jann Horn discovered that the Linux kernel did not properly enforce seccomp
restrictions in some situations. A local attacker could use this to bypass
intended seccomp sandbox restrictions. (CVE-2022-30594)
CVEs:
- https://ubuntu.com/security/CVE-2022-29581
- https://ubuntu.com/security/CVE-2022-30594
456.265
Available in VMware Tanzu Network
Release Date: May 17, 2022
Metadata:
BOSH Agent Version: 2.234.62
USNs:
Title: USN-5398-1: Simple DirectMedia Layer vulnerability
URL: https://ubuntu.com/security/notices/USN-5398-1
Priorities:
Description:
It was discovered that SDL (Simple DirectMedia Layer) incorrectly handled
certain files. An attacker could possibly use this issue to cause a denial
of service, or possibly execute arbitrary code.
CVEs:
Title: USN-5407-1: Cairo vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5407-1
Priorities: low
Description:
Gustavo Grieco, Alberto Garcia, Francisco Oca, Suleman Ali, and others
discovered that Cairo incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2016-9082, CVE-2017-9814, CVE-2019-6462)
Stephan Bergmann discovered that Cairo incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code.
(CVE-2020-35492)
CVEs:
- https://ubuntu.com/security/CVE-2016-9082
- https://ubuntu.com/security/CVE-2017-9814
- https://ubuntu.com/security/CVE-2019-6462
- https://ubuntu.com/security/CVE-2020-35492
Title: USN-5389-1: Libcroco vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5389-1
Priorities: low
Description:
It was discovered that Libcroco was incorrectly accessing data structures when
reading bytes from memory, which could cause a heap buffer overflow. An attacker
could possibly use this issue to cause a denial of service. (CVE-2017-7960)
It was discovered that Libcroco was incorrectly handling invalid UTF-8 values
when processing CSS files. An attacker could possibly use this issue to cause
a denial of service. (CVE-2017-8834, CVE-2017-8871)
It was discovered that Libcroco was incorrectly implementing recursion in one
of its parsing functions, which could cause an infinite recursion loop and a
stack overflow due to stack consumption. An attacker could possibly use this
issue to cause a denial of service. (CVE-2020-12825)
CVEs:
- https://ubuntu.com/security/CVE-2017-7960
- https://ubuntu.com/security/CVE-2017-8834
- https://ubuntu.com/security/CVE-2017-8871
- https://ubuntu.com/security/CVE-2020-12825
Title: USN-5405-1: jbig2dec vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5405-1
Priorities: low
Description:
It was discovered that jbig2dec incorrectly handled memory when parsing
invalid files. An attacker could use this issue to cause jbig2dec to crash,
leading to a denial of service. (CVE-2017-9216)
It was discovered that jbig2dec incorrectly handled memory when processing
untrusted input. An attacker could use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2020-12268)
CVEs:
- https://ubuntu.com/security/CVE-2017-9216
- https://ubuntu.com/security/CVE-2020-12268
Title: USN-5259-3: Cron regression
URL: https://ubuntu.com/security/notices/USN-5259-3
Priorities: low
Description:
USN-5259-1 and USN-5259-2 fixed vulnerabilities in Cron. Unfortunately
that update was incomplete and could introduce a regression. This update
fixes the problem.
We apologize for the inconvenience.
Original advisory details:
It was discovered that the postinst maintainer script in Cron unsafely
handled file permissions during package install or update operations.
An attacker could possibly use this issue to perform a privilege
escalation attack. (CVE-2017-9525)
Florian Weimer discovered that Cron incorrectly handled certain memory
operations during crontab file creation. An attacker could possibly use
this issue to cause a denial of service. (CVE-2019-9704)
It was discovered that Cron incorrectly handled user input during crontab
file creation. An attacker could possibly use this issue to cause a denial
of service. (CVE-2019-9705)
It was discovered that Cron contained a use-after-free vulnerability in
its force_rescan_user function. An attacker could possibly use this issue
to cause a denial of service. (CVE-2019-9706)
CVEs:
- https://ubuntu.com/security/CVE-2017-9525
- https://ubuntu.com/security/CVE-2019-9704
- https://ubuntu.com/security/CVE-2019-9705
- https://ubuntu.com/security/CVE-2019-9706
Title: USN-5413-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5413-1
Priorities: low,medium
Description:
Jeremy Cline discovered a use-after-free in the nouveau graphics driver of
the Linux kernel during device removal. A privileged or physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2020-27820)
It was discovered that a race condition existed in the network scheduling
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-39713)
It was discovered that the Parallel NFS (pNFS) implementation in the Linux
kernel did not properly perform bounds checking in some situations. An
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-4157)
It was discovered that the ST21NFCA NFC driver in the Linux kernel did not
properly validate the size of certain data in EVT_TRANSACTION events. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-26490)
It was discovered that the Xilinx USB2 device gadget driver in the Linux
kernel did not properly validate endpoint indices from the host. A
physically proximate attacker could possibly use this to cause a denial of
service (system crash). (CVE-2022-27223)
It was discovered that the EMS CAN/USB interface implementation in the
Linux kernel contained a double-free vulnerability when handling certain
error conditions. A local attacker could use this to cause a denial of
service (memory exhaustion). (CVE-2022-28390)
CVEs:
- https://ubuntu.com/security/CVE-2020-27820
- https://ubuntu.com/security/CVE-2021-39713
- https://ubuntu.com/security/CVE-2021-4157
- https://ubuntu.com/security/CVE-2022-26490
- https://ubuntu.com/security/CVE-2022-27223
- https://ubuntu.com/security/CVE-2022-28390
Title: USN-5179-2: BusyBox vulnerability
URL: https://ubuntu.com/security/notices/USN-5179-2
Priorities: low
Description:
USN-5179-1 fixed vulnerabilities in BusyBox. This update provides the
corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that BusyBox incorrectly handled certain malformed gzip
archives. If a user or automated system were tricked into processing a
specially crafted gzip archive, a remote attacker could use this issue to
cause BusyBox to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-28831)
CVEs:
- https://ubuntu.com/security/CVE-2021-28831
Title: USN-5392-1: Mutt vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5392-1
Priorities: low,medium
Description:
It was discovered that Mutt incorrectly handled certain requests.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS. (CVE-2021-32055)
It was discovered that Mutt incorrectly handled certain input.
An attacker could possibly use this issue to cause a crash,
or expose sensitive information. (CVE-2022-1328)
CVEs:
- https://ubuntu.com/security/CVE-2021-32055
- https://ubuntu.com/security/CVE-2022-1328
Title: USN-5391-1: libsepol vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5391-1
Priorities: low
Description:
Nicolas Iooss discovered that libsepol incorrectly handled memory
when handling policies. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2021-36084)
It was discovered that libsepol incorrectly handled memory when
handling policies. An attacker could possibly use this issue to cause
a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-36085)
It was discovered that libsepol incorrectly handled memory when
handling policies. An attacker could possibly use this issue to cause
a crash, resulting in a denial of service, or possibly execute
arbitrary code. This issue only affects Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 21.10. (CVE-2021-36086)
It was discovered that libsepol incorrectly validated certain data,
leading to a heap overflow. An attacker could possibly use this issue
to cause a crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-36087)
CVEs:
- https://ubuntu.com/security/CVE-2021-36084
- https://ubuntu.com/security/CVE-2021-36085
- https://ubuntu.com/security/CVE-2021-36086
- https://ubuntu.com/security/CVE-2021-36087
Title: USN-5409-1: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5409-1
Priorities: low
Description:
It was discovered that libsndfile was incorrectly performing memory
management operations and incorrectly using buffers when executing
its FLAC codec. If a user or automated system were tricked into
processing a specially crafted sound file, an attacker could
possibly use this issue to cause a denial of service or obtain
sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2021-4156
Title: USN-5385-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5385-1
Priorities: medium,low,negligible
Description:
Brendan Dolan-Gavitt discovered that the aQuantia AQtion Ethernet device
driver in the Linux kernel did not properly validate meta-data coming from
the device. A local attacker who can control an emulated device can use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-43975)
It was discovered that the UDF file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious UDF image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2022-0617)
Lyu Tao discovered that the NFS implementation in the Linux kernel did not
properly handle requests to open a directory on a regular file. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2022-24448)
It was discovered that the YAM AX.25 device driver in the Linux kernel did
not properly deallocate memory in some error conditions. A local privileged
attacker could use this to cause a denial of service (kernel memory
exhaustion). (CVE-2022-24959)
CVEs:
- https://ubuntu.com/security/CVE-2021-43975
- https://ubuntu.com/security/CVE-2022-0617
- https://ubuntu.com/security/CVE-2022-24448
- https://ubuntu.com/security/CVE-2022-24959
Title: USN-5400-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5400-2
Priorities: medium
Description:
USN-5400-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated in Ubuntu 16.04 ESM to MySQL 5.7.38.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-38.html
https://www.oracle.com/security-alerts/cpuapr2022.html
CVEs:
- https://ubuntu.com/security/CVE-2022-21417
- https://ubuntu.com/security/CVE-2022-21451
- https://ubuntu.com/security/CVE-2022-21460
- https://ubuntu.com/security/CVE-2022-21444
- https://ubuntu.com/security/CVE-2022-21454
- https://ubuntu.com/security/CVE-2022-21427
Title: USN-5354-2: Twisted vulnerability
URL: https://ubuntu.com/security/notices/USN-5354-2
Priorities: medium
Description:
USN-5354-1 fixed vulnerabilities in Twisted. This update provides the
corresponding updates for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM and
Ubuntu 22.04 LTS.
Original advisory details:
It was discovered that Twisted incorrectly processed SSH handshake data on
connection establishments. A remote attacker could use this issue to cause
Twisted to crash, resulting in a denial of service. (CVE-2022-21716)
CVEs:
- https://ubuntu.com/security/CVE-2022-21716
456.261
Available in VMware Tanzu Network
Release Date: April 21, 2022
Notice:
The kernel patches included in 456.252 are now in the main kernel repository and have been included in this release.
Metadata:
BOSH Agent Version: 2.234.58
USNs:
Title: USN-5371-1: nginx vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5371-1
Priorities: medium,low
Description:
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to perform an HTTP Request
Smuggling attack. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-11724)
It was discovered that nginx Lua module mishandled certain inputs.
An attacker could possibly use this issue to disclose sensitive
information. This issue only affects Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-36309)
It was discovered that nginx mishandled the use of
compatible certificates among multiple encryption protocols.
If a remote attacker were able to intercept the communication,
this issue could be used to redirect traffic between subdomains.
(CVE-2021-3618)
CVEs:
- https://ubuntu.com/security/CVE-2020-11724
- https://ubuntu.com/security/CVE-2020-36309
- https://ubuntu.com/security/CVE-2021-3618
Title: USN-5373-2: Django vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5373-2
Priorities: high,medium
Description:
USN-5373-1 fixed several vulnerabilities in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Django incorrectly handled certain column
aliases in the QuerySet.annotate(), aggregate(), and extra() methods. A
remote attacker could possibly use this issue to perform an SQL injection
attack. (CVE-2022-28346)
It was discovered that the Django URLValidator function incorrectly handled
newlines and tabs. A remote attacker could possibly use this issue to
perform a header injection attack. (CVE-2021-32052)
CVEs:
- https://ubuntu.com/security/CVE-2022-28346
- https://ubuntu.com/security/CVE-2021-32052
456.252
Available in VMware Tanzu Network
Release Date: March 23, 2022
Notice:
This stemcell contains a patched version of the kernel to address the issues found in 456.244. We have tested this patched kernel against the problems seen in 456.244 and no longer see the problem. We will release another stemcell in mid-April when that kernel patch makes it into the main kernel repository.
Metadata:
BOSH Agent Version: 2.234.54
USNs:
Title: USN-5322-1: Subversion vulnerability
URL: https://ubuntu.com/security/notices/USN-5322-1
Priorities: medium
Description:
Thomas Akesson discovered that Subversion incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2020-17525
Title: USN-5328-2: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-5328-2
Priorities: high
Description:
USN-5328-1 fixed a vulnerability in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Tavis Ormandy discovered that OpenSSL incorrectly parsed certain
certificates. A remote attacker could possibly use this issue to cause
OpenSSH to stop responding, resulting in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2022-0778
Title: USN-5320-1: Expat vulnerabilities and regression
URL: https://ubuntu.com/security/notices/USN-5320-1
Priorities: high,medium
Description:
USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it
caused a regression and an additional patch was required. This update addresses
this regression and several other vulnerabilities.
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-25313)
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash
or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-25314)
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-25315)
Original advisory details:
It was discovered that Expat incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code. (CVE-2022-25236)
CVEs:
- https://ubuntu.com/security/CVE-2022-25236
- https://ubuntu.com/security/CVE-2022-25313
- https://ubuntu.com/security/CVE-2022-25314
- https://ubuntu.com/security/CVE-2022-25315
Title: USN-5334-1: man-db vulnerability
URL: https://ubuntu.com/security/notices/USN-5334-1
Priorities: low
Description:
It was discovered that man-db incorrectly handled permission changing
operations in its daily cron job, and was therefore affected by a race
condition. An attacker could possibly use this issue to escalate privileges
and execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2015-1336
Title: USN-5331-1: tcpdump vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5331-1
Priorities: low
Description:
It was discovered that tcpdump incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly execute arbitrary code. (CVE-2018-16301)
It was discovered that tcpdump incorrectly handled certain captured data.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2020-8037)
CVEs:
- https://ubuntu.com/security/CVE-2018-16301
- https://ubuntu.com/security/CVE-2020-8037
Title: USN-5325-1: Zsh vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5325-1
Priorities: low
Description:
Sam Foxman discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this issue to regain dropped privileges.
(CVE-2019-20044)
It was discovered that Zsh incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-45444)
CVEs:
- https://ubuntu.com/security/CVE-2019-20044
- https://ubuntu.com/security/CVE-2021-45444
Title: USN-5329-1: tar vulnerability
URL: https://ubuntu.com/security/notices/USN-5329-1
Priorities: low
Description:
It was discovered that tar incorrectly handled certain files.
An attacker could possibly use this issue to cause tar to crash,
resulting in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2021-20193
Title: USN-5332-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-5332-2
Priorities: medium
Description:
USN-5332-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Xiang Li, Baojun Liu, Chaoyi Lu, and Changgen Zou discovered that Bind
incorrectly handled certain bogus NS records when using forwarders. A
remote attacker could possibly use this issue to manipulate cache results.
(CVE-2021-25220)
CVEs:
- https://ubuntu.com/security/CVE-2021-25220
Title: USN-5343-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5343-1
Priorities: high,low,medium,negligible
Description:
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that the aufs file system in the Linux kernel did not
properly restrict mount namespaces, when mounted with the non-default
allow_userns option set. A local attacker could use this to gain
administrative privileges. (CVE-2016-2853)
It was discovered that the aufs file system in the Linux kernel did not
properly maintain POSIX ACL xattr data, when mounted with the non-default
allow_userns option. A local attacker could possibly use this to gain
elevated privileges. (CVE-2016-2854)
It was discovered that the f2fs file system in the Linux kernel did not
properly validate metadata in some situations. An attacker could use this
to construct a malicious f2fs image that, when mounted and operated on,
could cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-19449)
It was discovered that the XFS file system implementation in the Linux
kernel did not properly validate meta data in some circumstances. An
attacker could use this to construct a malicious XFS image that, when
mounted, could cause a denial of service. (CVE-2020-12655)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2020-25670)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly deallocate memory in certain error
situations. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly handle error conditions in some situations,
leading to an infinite loop. A local attacker could use this to cause a
denial of service. (CVE-2020-25673)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation
incorrectly handled EAPOL frames from unauthenticated senders. A physically
proximate attacker could inject malicious packets to cause a denial of
service (system crash). (CVE-2020-26139)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the BR/EDR pin-code pairing procedure in the Linux
kernel was vulnerable to an impersonation attack. A physically proximate
attacker could possibly use this to pair to a device without knowledge of
the pin-code. (CVE-2020-26555)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
It was discovered that the FUSE user space file system implementation in
the Linux kernel did not properly handle bad inodes in some situations. A
local attacker could possibly use this to cause a denial of service.
(CVE-2020-36322)
It was discovered that the Infiniband RDMA userspace connection manager
implementation in the Linux kernel contained a race condition leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2020-36385)
It was discovered that the DRM subsystem in the Linux kernel contained
double-free vulnerabilities. A privileged attacker could possibly use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2021-20292)
It was discovered that a race condition existed in the timer implementation
in the Linux kernel. A privileged attacker could use this to cause a denial
of service. (CVE-2021-20317)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the
nfc implementation in the Linux kernel. A privileged local attacker could
use this issue to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-23134)
It was discovered that the Xen paravirtualization backend in the Linux
kernel did not properly deallocate memory in some situations. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2021-28688)
It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)
It was discovered that a race condition existed in the netfilter subsystem
of the Linux kernel when replacing tables. A local attacker could use this
to cause a denial of service (system crash). (CVE-2021-29650)
It was discovered that a race condition in the kernel Bluetooth subsystem
could lead to use-after-free of slab objects. An attacker could use this
issue to possibly execute arbitrary code. (CVE-2021-32399)
It was discovered that the CIPSO implementation in the Linux kernel did not
properly perform reference counting in some situations, leading to
use-after-free vulnerabilities. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33033)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
Asaf Modelevsky discovered that the Intel® Ethernet ixgbe driver for the
Linux kernel did not properly validate large MTU requests from Virtual
Function (VF) devices. A local attacker could possibly use this to cause a
denial of service. (CVE-2021-33098)
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol
implementation in the Linux kernel did not properly initialize memory in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2021-34693)
马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)
It was discovered that an out-of-bounds (OOB) memory access flaw existed in
the f2fs module of the Linux kernel. A local attacker could use this issue
to cause a denial of service (system crash). (CVE-2021-3506)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device detach events, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3573)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
It was discovered that the tracing subsystem in the Linux kernel did not
properly keep track of per-cpu ring buffer state. A privileged attacker
could use this to cause a denial of service. (CVE-2021-3679)
It was discovered that the Virtio console implementation in the Linux
kernel did not properly validate input lengths in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2021-38160)
It was discovered that the KVM hypervisor implementation in the Linux
kernel did not properly compute the access permissions for shadow pages in
some situations. A local attacker could use this to cause a denial of
service. (CVE-2021-38198)
It was discovered that the MAX-3421 host USB device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2021-38204)
It was discovered that the NFC implementation in the Linux kernel did not
properly handle failed connect events leading to a NULL pointer
dereference. A local attacker could use this to cause a denial of service.
(CVE-2021-38208)
It was discovered that the configfs interface for USB gadgets in the Linux
kernel contained a race condition. A local attacker could possibly use this
to expose sensitive information (kernel memory). (CVE-2021-39648)
It was discovered that the ext4 file system in the Linux kernel contained a
race condition when writing xattrs to an inode. A local attacker could use
this to cause a denial of service or possibly gain administrative
privileges. (CVE-2021-40490)
It was discovered that the 6pack network protocol driver in the Linux
kernel did not properly perform validation checks. A privileged attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2021-42008)
It was discovered that the ISDN CAPI implementation in the Linux kernel
contained a race condition in certain situations that could trigger an
array out-of-bounds bug. A privileged local attacker could possibly use
this to cause a denial of service or execute arbitrary code.
(CVE-2021-43389)
It was discovered that the Phone Network protocol (PhoNet) implementation
in the Linux kernel did not properly perform reference counting in some
error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). (CVE-2021-45095)
Wenqing Liu discovered that the f2fs file system in the Linux kernel did
not properly validate the last xattr entry in an inode. An attacker could
use this to construct a malicious f2fs image that, when mounted and
operated on, could cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-45469)
Amit Klein discovered that the IPv6 implementation in the Linux kernel
could disclose internal state in some situations. An attacker could
possibly use this to expose sensitive information. (CVE-2021-45485)
It was discovered that the per cpu memory allocator in the Linux kernel
could report kernel pointers via dmesg. An attacker could use this to
expose sensitive information or in conjunction with another kernel
vulnerability. (CVE-2018-5995)
CVEs:
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2016-2853
- https://ubuntu.com/security/CVE-2016-2854
- https://ubuntu.com/security/CVE-2019-19449
- https://ubuntu.com/security/CVE-2020-12655
- https://ubuntu.com/security/CVE-2020-25670
- https://ubuntu.com/security/CVE-2020-25671
- https://ubuntu.com/security/CVE-2020-25672
- https://ubuntu.com/security/CVE-2020-25673
- https://ubuntu.com/security/CVE-2020-26139
- https://ubuntu.com/security/CVE-2020-26147
- https://ubuntu.com/security/CVE-2020-26555
- https://ubuntu.com/security/CVE-2020-26558
- https://ubuntu.com/security/CVE-2021-0129
- https://ubuntu.com/security/CVE-2020-36322
- https://ubuntu.com/security/CVE-2020-36385
- https://ubuntu.com/security/CVE-2021-20292
- https://ubuntu.com/security/CVE-2021-20317
- https://ubuntu.com/security/CVE-2021-23134
- https://ubuntu.com/security/CVE-2021-28688
- https://ubuntu.com/security/CVE-2021-28972
- https://ubuntu.com/security/CVE-2021-29650
- https://ubuntu.com/security/CVE-2021-32399
- https://ubuntu.com/security/CVE-2021-33033
- https://ubuntu.com/security/CVE-2021-33034
- https://ubuntu.com/security/CVE-2021-33098
- https://ubuntu.com/security/CVE-2021-34693
- https://ubuntu.com/security/CVE-2021-3483
- https://ubuntu.com/security/CVE-2021-3506
- https://ubuntu.com/security/CVE-2021-3564
- https://ubuntu.com/security/CVE-2021-3573
- https://ubuntu.com/security/CVE-2021-3612
- https://ubuntu.com/security/CVE-2021-3679
- https://ubuntu.com/security/CVE-2021-38160
- https://ubuntu.com/security/CVE-2021-38198
- https://ubuntu.com/security/CVE-2021-38204
- https://ubuntu.com/security/CVE-2021-38208
- https://ubuntu.com/security/CVE-2021-39648
- https://ubuntu.com/security/CVE-2021-40490
- https://ubuntu.com/security/CVE-2021-42008
- https://ubuntu.com/security/CVE-2021-43389
- https://ubuntu.com/security/CVE-2021-45095
- https://ubuntu.com/security/CVE-2021-45469
- https://ubuntu.com/security/CVE-2021-45485
- https://ubuntu.com/security/CVE-2018-5995
Title: USN-5339-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5339-1
Priorities: high,medium,low
Description:
Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the
Linux kernel did not properly restrict access to the cgroups v1
release_agent feature. A local attacker could use this to gain
administrative privileges. (CVE-2022-0492)
It was discovered that an out-of-bounds (OOB) memory access flaw existed in
the f2fs module of the Linux kernel. A local attacker could use this issue
to cause a denial of service (system crash). (CVE-2021-3506)
Brendan Dolan-Gavitt discovered that the Marvell WiFi-Ex USB device driver
in the Linux kernel did not properly handle some error conditions. A
physically proximate attacker could use this to cause a denial of service
(system crash). (CVE-2021-43976)
It was discovered that the ARM Trusted Execution Environment (TEE)
subsystem in the Linux kernel contained a race condition leading to a
use-after-free vulnerability. A local attacker could use this to cause a denial
of service or possibly execute arbitrary code. (CVE-2021-44733)
It was discovered that the Phone Network protocol (PhoNet) implementation
in the Linux kernel did not properly perform reference counting in some
error conditions. A local attacker could possibly use this to cause a
denial of service (memory exhaustion). (CVE-2021-45095)
Samuel Page discovered that the Transparent Inter-Process Communication
(TIPC) protocol implementation in the Linux kernel contained a stack-based
buffer overflow. A remote attacker could use this to cause a denial of
service (system crash) for systems that have a TIPC bearer configured.
(CVE-2022-0435)
CVEs:
- https://ubuntu.com/security/CVE-2022-0492
- https://ubuntu.com/security/CVE-2021-3506
- https://ubuntu.com/security/CVE-2021-43976
- https://ubuntu.com/security/CVE-2021-44733
- https://ubuntu.com/security/CVE-2021-45095
- https://ubuntu.com/security/CVE-2022-0435
456.244
Release Date: March 09, 2022
Known Issues
- There are currently reported issues with this stemcell and TAS Diego Cells. We have removed this stemcell until we can resolve the issue. If you need access, please contact support.
Metadata:
BOSH Agent Version: 2.234.51
USNs:
Title: USN-5300-1: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5300-1
Priorities: low,medium
Description:
It was discovered that PHP incorrectly handled certain scripts.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120)
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly obtain sensitive information. (CVE-2017-9119)
It was discovered that PHP incorrectly handled certain scripts with XML
parsing functions.
An attacker could possibly use this issue to obtain sensitive information.
(CVE-2021-21707)
CVEs:
- https://ubuntu.com/security/CVE-2015-9253
- https://ubuntu.com/security/CVE-2017-8923
- https://ubuntu.com/security/CVE-2017-9118
- https://ubuntu.com/security/CVE-2017-9120
- https://ubuntu.com/security/CVE-2017-9119
- https://ubuntu.com/security/CVE-2021-21707
Title: USN-5299-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5299-1
Priorities: medium,low
Description:
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol
implementation in the Linux kernel did not properly initialize memory in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2021-34693)
马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
It was discovered that the tracing subsystem in the Linux kernel did not
properly keep track of per-cpu ring buffer state. A privileged attacker
could use this to cause a denial of service. (CVE-2021-3679)
It was discovered that the MAX-3421 host USB device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2021-38204)
It was discovered that the 6pack network protocol driver in the Linux
kernel did not properly perform validation checks. A privileged attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2021-42008)
Amit Klein discovered that the IPv6 implementation in the Linux kernel
could disclose internal state in some situations. An attacker could
possibly use this to expose sensitive information. (CVE-2021-45485)
CVEs:
- https://ubuntu.com/security/CVE-2020-26147
- https://ubuntu.com/security/CVE-2020-26558
- https://ubuntu.com/security/CVE-2021-0129
- https://ubuntu.com/security/CVE-2021-28972
- https://ubuntu.com/security/CVE-2021-33034
- https://ubuntu.com/security/CVE-2021-34693
- https://ubuntu.com/security/CVE-2021-3483
- https://ubuntu.com/security/CVE-2021-3564
- https://ubuntu.com/security/CVE-2021-3612
- https://ubuntu.com/security/CVE-2021-3679
- https://ubuntu.com/security/CVE-2021-38204
- https://ubuntu.com/security/CVE-2021-42008
- https://ubuntu.com/security/CVE-2021-45485
Title: USN-5298-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5298-1
Priorities: medium,low
Description:
It was discovered that the Packet network protocol implementation in the
Linux kernel contained a double-free vulnerability. A local attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2021-22600)
Jürgen Groß discovered that the Xen subsystem within the Linux kernel did
not adequately limit the number of events driver domains (unprivileged PV
backends) could send to other guest VMs. An attacker in a driver domain
could use this to cause a denial of service in other guest VMs.
(CVE-2021-28711, CVE-2021-28712, CVE-2021-28713)
Jürgen Groß discovered that the Xen network backend driver in the Linux
kernel did not adequately limit the amount of queued packets when a guest
did not process them. An attacker in a guest VM can use this to cause a
denial of service (excessive kernel memory consumption) in the network
backend domain. (CVE-2021-28714, CVE-2021-28715)
Szymon Heidrich discovered that the USB Gadget subsystem in the Linux
kernel did not properly restrict the size of control requests for certain
gadget types, leading to possible out of bounds reads or writes. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-39685)
Jann Horn discovered a race condition in the Unix domain socket
implementation in the Linux kernel that could result in a read-after-free.
A local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-4083)
Kirill Tkhai discovered that the XFS file system implementation in the
Linux kernel did not calculate size correctly when pre-allocating space in
some situations. A local attacker could use this to expose sensitive
information. (CVE-2021-4155)
Lin Ma discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-4202)
Sushma Venkatesh Reddy discovered that the Intel i915 graphics driver in
the Linux kernel did not perform a GPU TLB flush in some situations. A
local attacker could use this to cause a denial of service or possibly
execute arbitrary code. (CVE-2022-0330)
It was discovered that the VMware Virtual GPU driver in the Linux kernel
did not properly handle certain failure conditions, leading to a stale
entry in the file descriptor table. A local attacker could use this to
expose sensitive information or possibly gain administrative privileges.
(CVE-2022-22942)
CVEs:
- https://ubuntu.com/security/CVE-2021-22600
- https://ubuntu.com/security/CVE-2021-28711
- https://ubuntu.com/security/CVE-2021-28712
- https://ubuntu.com/security/CVE-2021-28713
- https://ubuntu.com/security/CVE-2021-28714
- https://ubuntu.com/security/CVE-2021-28715
- https://ubuntu.com/security/CVE-2021-39685
- https://ubuntu.com/security/CVE-2021-4083
- https://ubuntu.com/security/CVE-2021-4155
- https://ubuntu.com/security/CVE-2021-4202
- https://ubuntu.com/security/CVE-2022-0330
- https://ubuntu.com/security/CVE-2022-22942
Title: USN-5292-4: snapd regression
URL: https://ubuntu.com/security/notices/USN-5292-4
Priorities: medium,high
Description:
USN-5292-1 fixed a vulnerability in snapd. Unfortunately that update introduced
a regression that could break the fish shell. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
CVEs:
- https://ubuntu.com/security/CVE-2021-3155
- https://ubuntu.com/security/CVE-2021-4120
- https://ubuntu.com/security/CVE-2021-44730
- https://ubuntu.com/security/CVE-2021-44731
Title: USN-5310-2: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5310-2
Priorities: medium,low
Description:
USN-5310-1 fixed several vulnerabilities in GNU. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the GNU C library getcwd function incorrectly
handled buffers. An attacker could use this issue to cause the GNU C
Library to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-3999)
It was discovered that the GNU C Library sunrpc module incorrectly handled
buffer lengths. An attacker could possibly use this issue to cause the GNU
C Library to crash, resulting in a denial of service. (CVE-2022-23218,
CVE-2022-23219)
CVEs:
- https://ubuntu.com/security/CVE-2021-3999
- https://ubuntu.com/security/CVE-2022-23218
- https://ubuntu.com/security/CVE-2022-23219
Title: USN-5319-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5319-1
Priorities: high
Description:
Enrico Barberis, Pietro Frigo, Marius Muench, Herbert Bos, and Cristiano
Giuffrida discovered that hardware mitigations added by Intel to their
processors to address Spectre-BTI were insufficient. A local attacker could
potentially use this to expose sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2022-0001
- https://ubuntu.com/security/CVE-2022-0002
Title: USN-5301-2: Cyrus SASL vulnerability
URL: https://ubuntu.com/security/notices/USN-5301-2
Priorities: high
Description:
USN-5301-1 fixed a vulnerability in Cyrus. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the Cyrus SASL SQL plugin incorrectly handled SQL
input. A remote attacker could use this issue to execute arbitrary SQL
commands.
CVEs:
- https://ubuntu.com/security/CVE-2022-24407
- https://ubuntu.com/security/CVE-2015-9253
456.239
Available in VMware Tanzu Network
Release Date: February 21, 2022
Metadata:
BOSH Agent Version: 2.234.49
USNs:
Title: USN-5264-1: Graphviz vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5264-1
Priorities: low,medium
Description:
It was discovered that graphviz contains null pointer dereference
vulnerabilities. Exploitation via a specially crafted input file
can cause a denial of service.
(CVE-2018-10196, CVE-2019-11023)
It was discovered that graphviz contains a buffer overflow
vulnerability. Exploitation via a specially crafted input file can cause
a denial of service or possibly allow for arbitrary code execution.
(CVE-2020-18032)
CVEs:
- https://ubuntu.com/security/CVE-2018-10196
- https://ubuntu.com/security/CVE-2019-11023
- https://ubuntu.com/security/CVE-2020-18032
Title: USN-5262-1: GPT fdisk vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5262-1
Priorities: low
Description:
The potential for an out of bounds write due to a missing bounds
check was discovered to impact the sgdisk utility of GPT fdisk.
Exploitation requires the use of a maliciously formatted storage
device and could cause sgdisk to crash as well as possibly
allow for local privilege escalation.
CVEs:
- https://ubuntu.com/security/CVE-2020-0256
- https://ubuntu.com/security/CVE-2021-0308
Title: USN-5280-1: Speex vulnerability
URL: https://ubuntu.com/security/notices/USN-5280-1
Priorities: medium
Description:
It was discovered that Speex incorrectly handled certain WAV files.
An attacker could possibly use this issue to cause a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2020-23903
Title: USN-5292-3: snapd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5292-3
Priorities: medium,high
Description:
USN-5292-1 fixed several vulnerabilities in snapd. This update provides the
corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
James Troup discovered that snap did not properly manage the permissions for
the snap directories. A local attacker could possibly use this issue to expose
sensitive information. (CVE-2021-3155)
Ian Johnson discovered that snapd did not properly validate content interfaces
and layout paths. A local attacker could possibly use this issue to inject
arbitrary AppArmor policy rules, resulting in a bypass of intended access
restrictions. (CVE-2021-4120)
The Qualys Research Team discovered that snapd did not properly validate the
location of the snap-confine binary. A local attacker could possibly use this
issue to execute other arbitrary binaries and escalate privileges.
(CVE-2021-44730)
The Qualys Research Team discovered that a race condition existed in the snapd
snap-confine binary when preparing a private mount namespace for a snap. A
local attacker could possibly use this issue to escalate privileges and
execute arbitrary code. (CVE-2021-44731)
CVEs:
- https://ubuntu.com/security/CVE-2021-3155
- https://ubuntu.com/security/CVE-2021-4120
- https://ubuntu.com/security/CVE-2021-44730
- https://ubuntu.com/security/CVE-2021-44731
Title: USN-5275-1: BlueZ vulnerability
URL: https://ubuntu.com/security/notices/USN-5275-1
Priorities: medium
Description:
Ziming Zhang discovered that BlueZ incorrectly handled memory write operations
in its gatt server. A remote attacker could possibly use this to cause BlueZ to
crash leading to a denial of service, or potentially remotely execute code.
(CVE-2022-0204)
CVEs:
- https://ubuntu.com/security/CVE-2022-0204
Title: USN-5269-2: Django vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5269-2
Priorities: medium
Description:
USN-5269-1 fixed several vulnerabilities in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Keryn Knight discovered that Django incorrectly handled certain template
tags. A remote attacker could possibly use this issue to perform a
cross-site scripting attack. (CVE-2022-22818)
Alan Ryan discovered that Django incorrectly handled file uploads. A remote
attacker could possibly use this issue to cause Django to hang, resulting
in a denial of service. (CVE-2022-23833)
CVEs:
- https://ubuntu.com/security/CVE-2022-22818
- https://ubuntu.com/security/CVE-2022-23833
456.236
Available in VMware Tanzu Network
Release Date: February 10, 2022
Metadata:
BOSH Agent Version: 2.234.47
USNs:
Title: USN-5254-1: shadow vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5254-1
Priorities: low
Description:
It was discovered that shadow incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
expose sensitive information. This issue only affected
Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. (CVE-2017-12424)
It was discovered that shadow incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2018-7169)
CVEs:
- https://ubuntu.com/security/CVE-2017-12424
- https://ubuntu.com/security/CVE-2018-7169
Title: USN-5259-1: Cron vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5259-1
Priorities: low
Description:
It was discovered that the postinst maintainer script in Cron unsafely
handled file permissions during package install or update operations.
An attacker could possibly use this issue to perform a privilege
escalation attack. (CVE-2017-9525)
Florian Weimer discovered that Cron incorrectly handled certain memory
operations during crontab file creation. An attacker could possibly use
this issue to cause a denial of service. (CVE-2019-9704)
It was discovered that Cron incorrectly handled user input during crontab
file creation. An attacker could possibly use this issue to cause a denial
of service. (CVE-2019-9705)
It was discovered that Cron contained a use-after-free vulnerability in
its force_rescan_user function. An attacker could possibly use this issue
to cause a denial of service. (CVE-2019-9706)
CVEs:
- https://ubuntu.com/security/CVE-2017-9525
- https://ubuntu.com/security/CVE-2019-9704
- https://ubuntu.com/security/CVE-2019-9705
- https://ubuntu.com/security/CVE-2019-9706
Title: USN-5234-1: Byobu vulnerability
URL: https://ubuntu.com/security/notices/USN-5234-1
Priorities: low
Description:
Sander Bos discovered that Byobu incorrectly handled certain Apport data.
An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://ubuntu.com/security/CVE-2019-7306
Title: USN-5244-1: DBus vulnerability
URL: https://ubuntu.com/security/notices/USN-5244-1
Priorities: low
Description:
Daniel Onaca discovered that DBus contained a use-after-free vulnerability,
caused by the incorrect handling of usernames sharing the same UID. An
attacker could possibly use this issue to cause DBus to crash, resulting
in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2020-35512
Title: USN-5268-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5268-1
Priorities: medium
Description:
Keyu Man discovered that the ICMP implementation in the Linux kernel did
not properly handle received ICMP error packets. A remote attacker could
use this to facilitate attacks on UDP based services that depend on source
port randomization. (CVE-2021-20322)
It was discovered that the Bluetooth subsystem in the Linux kernel
contained a use-after-free vulnerability. A local attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2021-3640)
Likang Luo discovered that a race condition existed in the Bluetooth
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-3752)
Luo Likang discovered that the FireDTV Firewire driver in the Linux kernel
did not properly perform bounds checking in some situations. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2021-42739)
CVEs:
- https://ubuntu.com/security/CVE-2021-20322
- https://ubuntu.com/security/CVE-2021-3640
- https://ubuntu.com/security/CVE-2021-3752
- https://ubuntu.com/security/CVE-2021-42739
Title: USN-5021-2: curl vulnerability
URL: https://ubuntu.com/security/notices/USN-5021-2
Priorities: low,medium
Description:
USN-5021-1 fixed vulnerabilities in curl. This update provides
the corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
Harry Sintonen and Tomas Hoger discovered that curl incorrectly handled
TELNET connections when the -t option was used on the command line.
Uninitialized data possibly containing sensitive information could be sent
to the remote server, contrary to expectations. (CVE-2021-22898,
CVE-2021-22925)
CVEs:
- https://ubuntu.com/security/CVE-2021-22898
- https://ubuntu.com/security/CVE-2021-22925
Title: USN-5064-2: GNU cpio vulnerability
URL: https://ubuntu.com/security/notices/USN-5064-2
Priorities: medium
Description:
USN-5064-1 fixed vulnerabilities in GNU cpio. This update provides
the corresponding updates for Ubuntu 16.04 ESM.
Original advisory details:
Maverick Chung and Qiaoyi Fang discovered that cpio incorrectly handled
certain pattern files. A remote attacker could use this issue to cause cpio
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
CVEs:
- https://ubuntu.com/security/CVE-2021-38185
Title: USN-5193-2: X.Org X Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5193-2
Priorities: medium
Description:
USN-5193-1 fixed several vulnerabilities in X.Org. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled
certain inputs. An attacker could use this issue to cause the server to
crash, resulting in a denial of service, or possibly execute arbitrary
code and escalate privileges.
CVEs:
- https://ubuntu.com/security/CVE-2021-4009
- https://ubuntu.com/security/CVE-2021-4008
- https://ubuntu.com/security/CVE-2021-4011
Title: USN-5252-2: PolicyKit vulnerability
URL: https://ubuntu.com/security/notices/USN-5252-2
Priorities: high
Description:
USN-5252-1 fixed a vulnerability in policykit-1. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the PolicyKit pkexec tool incorrectly handled
command-line arguments. A local attacker could use this issue to escalate
privileges to an administrator.
CVEs:
- https://ubuntu.com/security/CVE-2021-4034
Title: USN-5235-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5235-1
Priorities: medium
Description:
It was discovered that Ruby incorrectly handled certain HTML files.
An attacker could possibly use this issue to cause a crash. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10.
(CVE-2021-41816)
It was discovered that Ruby incorrectly handled certain regular expressions.
An attacker could possibly use this issue to cause a regular expression
denial of service. (CVE-2021-41817)
It was discovered that Ruby incorrectly handled certain cookie names.
An attacker could possibly use this issue to access or expose
sensitive information. (CVE-2021-41819)
CVEs:
- https://ubuntu.com/security/CVE-2021-41816
- https://ubuntu.com/security/CVE-2021-41817
- https://ubuntu.com/security/CVE-2021-41819
Title: USN-5260-3: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-5260-3
Priorities: high
Description:
USN-5260-1 fixed a vulnerability in Samba. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Orange Tsai discovered that the Samba vfs_fruit module incorrectly handled
certain memory operations. A remote attacker could use this issue to cause
Samba to crash, resulting in a denial of service, or possibly execute
arbitrary code as root. (CVE-2021-44142)
CVEs:
- https://ubuntu.com/security/CVE-2021-44142
Title: USN-5250-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5250-2
Priorities: medium
Description:
USN-5250-1 fixed a vulnerability in strongSwan. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Zhuowei Zhang discovered that strongSwan incorrectly handled EAP
authentication. A remote attacker could use this issue to cause strongSwan
to crash, resulting in a denial of service, or possibly bypass client and
server authentication.
CVEs:
- https://ubuntu.com/security/CVE-2021-45079
Title: USN-5243-2: AIDE vulnerability
URL: https://ubuntu.com/security/notices/USN-5243-2
Priorities: medium
Description:
USN-5243-1 fixed a vulnerability in aide. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
David Bouman discovered that AIDE incorrectly handled base64 operations. A
local attacker could use this issue to cause AIDE to crash, resulting in a
denial of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-45417
Title: USN-5233-2: ClamAV vulnerability
URL: https://ubuntu.com/security/notices/USN-5233-2
Priorities: medium
Description:
USN-5233-1 fixed a vulnerability in ClamAV. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that ClamAV incorrectly handled memory when the
CL_SCAN_GENERAL_COLLECT_METADATA scan option was enabled. A remote attacker
could possibly use this issue to cause ClamAV to crash, resulting in a
denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2022-20698
Title: USN-5270-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5270-2
Priorities: medium
Description:
USN-5270-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 5.7.37 in Ubuntu 16.04 ESM.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-37.html
https://www.oracle.com/security-alerts/cpujan2022.html
CVEs:
- https://ubuntu.com/security/CVE-2022-21304
- https://ubuntu.com/security/CVE-2022-21344
- https://ubuntu.com/security/CVE-2022-21367
- https://ubuntu.com/security/CVE-2022-21303
- https://ubuntu.com/security/CVE-2022-21270
- https://ubuntu.com/security/CVE-2022-21245
456.227
Available in VMware Tanzu Network
Release Date: January 18, 2022
Fixes
Fixes an issue that caused the bosh-agent to continually fail to start when either the cgroup v1 memory controller or the cgroup v2 controller was mounted in more than one location on the file system.
Metadata:
BOSH Agent Version: 2.234.42
USNs:
Title: USN-5225-1: lxml vulnerability
URL: https://ubuntu.com/security/notices/USN-5225-1
Priorities: medium
Description:
It was discovered that lxml incorrectly handled certain XML and HTML files.
An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-43818
Title: USN-5212-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5212-2
Priorities: medium
Description:
USN-5212-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that the Apache HTTP Server incorrectly handled certain
forward proxy requests. A remote attacker could use this issue to cause
the server to crash, resulting in a denial of service, or possibly perform
a Server Side Request Forgery attack. (CVE-2021-44224)
It was discovered that the Apache HTTP Server Lua module incorrectly
handled memory in the multipart parser. A remote attacker could use this
issue to cause the server to crash, resulting in a denial of service, or
possibly execute arbitrary code. (CVE-2021-44790)
CVEs:
- https://ubuntu.com/security/CVE-2021-44224
- https://ubuntu.com/security/CVE-2021-44790
456.224
Available in VMware Tanzu Network
Release Date: January 07, 2022
Metadata:
BOSH Agent Version: 2.234.39
USNs:
Title: LSN-0083-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0083-1
Priorities: medium,high
Description:
The BPF subsystem in the Linux kernel before 4.17 mishandles
situations with a long jump over an instruction sequence where inner
instructions require substantial expansions into multiple BPF instructions,
leading to an overflow. This affects kernel/bpf/core.c and
net/core/filter.c. (CVE-2018-25020)
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
CVEs:
- https://ubuntu.com/security/CVE-2018-25020
- https://ubuntu.com/security/CVE-2021-3653
- https://ubuntu.com/security/CVE-2021-4002
- https://ubuntu.com/security/CVE-2021-22555
- https://ubuntu.com/security/CVE-2021-33909
Title: USN-5211-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5211-1
Priorities: high
Description:
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages.
CVEs:
- https://ubuntu.com/security/CVE-2021-4002
Title: USN-5209-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5209-1
Priorities: high,low,medium
Description:
Nadav Amit discovered that the hugetlb implementation in the Linux kernel
did not perform TLB flushes under certain conditions. A local attacker
could use this to leak or alter data from other processes that use huge
pages. (CVE-2021-4002)
It was discovered that a race condition existed in the timer implementation
in the Linux kernel. A privileged attacker could use this to cause a denial of
service. (CVE-2021-20317)
It was discovered that a race condition existed in the overlay file system
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (system crash). (CVE-2021-20321)
It was discovered that the NFC subsystem in the Linux kernel contained a
use-after-free vulnerability in its NFC Controller Interface (NCI)
implementation. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2021-3760)
It was discovered that an integer overflow could be triggered in the eBPF
implementation in the Linux kernel when preallocating objects for stack
maps. A privileged local attacker could use this to cause a denial of
service or possibly execute arbitrary code. (CVE-2021-41864)
It was discovered that the ISDN CAPI implementation in the Linux kernel
contained a race condition in certain situations that could trigger an
array out-of-bounds bug. A privileged local attacker could possibly use
this to cause a denial of service or execute arbitrary code.
(CVE-2021-43389)
CVEs:
- https://ubuntu.com/security/CVE-2021-4002
- https://ubuntu.com/security/CVE-2021-20317
- https://ubuntu.com/security/CVE-2021-20321
- https://ubuntu.com/security/CVE-2021-3760
- https://ubuntu.com/security/CVE-2021-41864
- https://ubuntu.com/security/CVE-2021-43389
456.220
Available in VMware Tanzu Network
Release Date: December 17, 2021
Fixes
- This release reverts the NATS firewall enhancement added in 456.213. Changes associated with this feature caused VMs to report a networking failed state and prevented monit firewall rules from being applied. The NATS firewall enhancement will be reintroduced in a future release.
Metadata:
BOSH Agent Version: 2.234.37
USNs:
Title: USN-5202-1: OpenJDK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5202-1
Priorities: medium
Description:
Varnavas Papaioannou discovered that the FTP client implementation in
OpenJDK accepted alternate server IP addresses when connecting with FTP
passive mode. An attacker controlling an FTP server that an application
connects to could possibly use this to expose sensitive information
(rudimentary port scans). This issue only affected Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2341)
Markus Loewe discovered that OpenJDK did not properly handle JAR files
containing multiple manifest files. An attacker could possibly use
this to bypass JAR signature verification. This issue only affected
Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
21.04. (CVE-2021-2369)
Huixin Ma discovered that the Hotspot VM in OpenJDK did not properly
perform range check elimination in some situations. An attacker could
possibly use this to construct a Java class that could bypass Java
sandbox restrictions. This issue only affected Ubuntu 16.04 ESM,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. (CVE-2021-2388)
Asaf Greenholts discovered that OpenJDK preferred certain weak ciphers by
default. An attacker could possibly use this to expose sensitive
information. (CVE-2021-35550)
It was discovered that the Rich Text Format (RTF) Parser in OpenJDK did not
properly restrict the amount of memory allocated in some situations. An
attacker could use this to specially craft an RTF file that caused a denial
of service. (CVE-2021-35556)
It was discovered that the Rich Text Format (RTF) Reader in OpenJDK did not
properly restrict the amount of memory allocated in some situations. An
attacker could use this to specially craft an RTF file that caused a denial
of service. (CVE-2021-35559)
Markus Loewe discovered that the HashMap and HashSet implementations in
OpenJDK did not properly validate load factors during deserialization. An
attacker could use this to cause a denial of service (excessive memory
consumption). (CVE-2021-35561)
It was discovered that the Keytool component in OpenJDK did not properly
handle certificates with validity ending dates in the far future. An
attacker could use this to specially craft a certificate that when imported
could corrupt a keystore. (CVE-2021-35564)
Tristen Hayfield discovered that the HTTP server implementation in OpenJDK
did not properly handle TLS session close in some situations. A remote
attacker could possibly use this to cause a denial of service (application
infinite loop). (CVE-2021-35565)
Chuck Hunley discovered that the Kerberos implementation in OpenJDK did not
correctly report subject principals when using Kerberos Constrained
Delegation. An attacker could possibly use this to cause incorrect Kerberos
tickets to be used. (CVE-2021-35567)
It was discovered that the TLS implementation in OpenJDK did not properly
handle TLS handshakes in certain situations where a Java application is
acting as a TLS server. A remote attacker could possibly use this to cause
a denial of service (application crash). (CVE-2021-35578)
It was discovered that OpenJDK did not properly restrict the amount of
memory allocated when processing BMP images. An attacker could use this to
specially craft a BMP image file that could cause a denial of service.
(CVE-2021-35586)
It was discovered that the HotSpot VM in OpenJDK 8 did not properly perform
validation of inner class index values in some situations. An attacker
could use this to specially craft a class file that when loaded could cause
a denial of service (Java VM crash). (CVE-2021-35588)
Artem Smotrakov discovered that the TLS implementation in OpenJDK used
non-constant time comparisons during TLS handshakes. A remote attacker could
use this to expose sensitive information. (CVE-2021-35603)
CVEs:
- https://ubuntu.com/security/CVE-2021-2341
- https://ubuntu.com/security/CVE-2021-2369
- https://ubuntu.com/security/CVE-2021-2388
- https://ubuntu.com/security/CVE-2021-35550
- https://ubuntu.com/security/CVE-2021-35556
- https://ubuntu.com/security/CVE-2021-35559
- https://ubuntu.com/security/CVE-2021-35561
- https://ubuntu.com/security/CVE-2021-35564
- https://ubuntu.com/security/CVE-2021-35565
- https://ubuntu.com/security/CVE-2021-35567
- https://ubuntu.com/security/CVE-2021-35578
- https://ubuntu.com/security/CVE-2021-35586
- https://ubuntu.com/security/CVE-2021-35588
- https://ubuntu.com/security/CVE-2021-35603
Title: USN-5189-1: GLib vulnerability
URL: https://ubuntu.com/security/notices/USN-5189-1
Priorities: medium
Description:
It was discovered that GLib incorrectly handled certain environment variables.
An attacker could possibly use this issue to escalate privileges.
CVEs:
- https://ubuntu.com/security/CVE-2021-3800
Title: USN-5168-4: NSS regression
URL: https://ubuntu.com/security/notices/USN-5168-4
Priorities: high
Description:
USN-5168-3 fixed a vulnerability in NSS. Unfortunately that update introduced
a regression that could break SSL connections. This update fixes the problem.
We apologize for the inconvenience.
Original advisory details:
Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS
signatures. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-43527
Title: USN-5192-2: Apache Log4j 2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5192-2
Priorities: high
Description:
USN-5192-1 fixed a vulnerability in Apache Log4j 2. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run
programs via a specially crafted input. An attacker could use this vulnerability
to cause a denial of service or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-44228
- https://ubuntu.com/security/CVE-2021-2341
456.213
Available in VMware Tanzu Network
Release Date: December 06, 2021
Enhancements
- Added firewall rules that restrict access to the NATS message bus to the BOSH Agent only. This provides an additional layer of security: even if an attacker gains access to the NATS credentials, they cannot use them from a workload on a BOSH-deployed VM. If you are debugging NATS connectivity problems by connecting directly to the BOSH NATS server, you will need additional access; instructions can be found here.
Known Issue:
Errors in the networking service post-start scripts affect all BOSH-managed VMs. These errors:
- Cause the networking service to report a failed state
- Incorrectly allow external connections to the monit service
- Incorrectly allow external connections to the NATS service
Metadata:
BOSH Agent Version: 2.234.35
USNs:
Title: USN-5147-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5147-1
Priorities: low,medium
Description:
It was discovered that Vim incorrectly handled permissions on the .swp
file. A local attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 14.04 ESM. (CVE-2017-17087)
It was discovered that Vim incorrectly handled restricted mode. A local
attacker could possibly use this issue to bypass restricted mode and
execute arbitrary commands. Note: This update only makes executing shell
commands more difficult. Restricted mode should not be considered a
complete security measure. This issue only affected Ubuntu 14.04 ESM.
(CVE-2019-20807)
Brian Carpenter discovered that vim incorrectly handled memory
when opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. This issue only affected
Ubuntu 20.04 LTS, Ubuntu 21.04 and Ubuntu 21.10. (CVE-2021-3872)
It was discovered that vim incorrectly handled memory when
opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. (CVE-2021-3903)
It was discovered that vim incorrectly handled memory when
opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. (CVE-2021-3927)
It was discovered that vim incorrectly handled memory when
opening certain files. If a user was tricked into opening
a specially crafted file, a remote attacker could crash the
application, leading to a denial of service, or possibly execute
arbitrary code with user privileges. (CVE-2021-3928)
CVEs:
- https://ubuntu.com/security/CVE-2017-17087
- https://ubuntu.com/security/CVE-2019-20807
- https://ubuntu.com/security/CVE-2021-3872
- https://ubuntu.com/security/CVE-2021-3903
- https://ubuntu.com/security/CVE-2021-3927
- https://ubuntu.com/security/CVE-2021-3928
Title: USN-5158-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5158-1
Priorities: low
Description:
It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. (CVE-2021-20244)
It was discovered that ImageMagick incorrectly handled certain values
when performing resampling operations. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. (CVE-2021-20246)
It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. (CVE-2021-20309)
It was discovered that ImageMagick incorrectly handled certain values
when processing thumbnail image data. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. (CVE-2021-20312)
It was discovered that ImageMagick incorrectly handled memory cleanup
when performing certain cryptographic operations. Under certain conditions
sensitive cryptographic information could be disclosed. (CVE-2021-20313)
CVEs:
- https://ubuntu.com/security/CVE-2021-20244
- https://ubuntu.com/security/CVE-2021-20246
- https://ubuntu.com/security/CVE-2021-20309
- https://ubuntu.com/security/CVE-2021-20312
- https://ubuntu.com/security/CVE-2021-20313
Title: USN-5144-1: OpenEXR vulnerability
URL: https://ubuntu.com/security/notices/USN-5144-1
Priorities: medium
Description:
It was discovered that OpenEXR incorrectly handled certain EXR
image files. An attacker could possibly use this issue to cause a crash
or execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-3933
Title: USN-5150-1: OpenEXR vulnerability
URL: https://ubuntu.com/security/notices/USN-5150-1
Priorities: medium
Description:
It was discovered that OpenEXR incorrectly handled certain EXR image files.
An attacker could possibly use this issue to cause a crash.
CVEs:
- https://ubuntu.com/security/CVE-2021-3941
Title: USN-5168-3: NSS vulnerability
URL: https://ubuntu.com/security/notices/USN-5168-3
Priorities: high
Description:
USN-5168-1 fixed a vulnerability in NSS. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Tavis Ormandy discovered that NSS incorrectly handled verifying DSA/RSA-PSS
signatures. A remote attacker could use this issue to cause NSS to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-43527
456.207
Available in VMware Tanzu Network
Release Date: November 11, 2021
Metadata:
BOSH Agent Version: 2.234.31
USNs:
Title: USN-5114-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5114-1
Priorities: medium,low
Description:
It was discovered that a race condition existed in the Atheros Ath9k WiFi
driver in the Linux kernel. An attacker could possibly use this to expose
sensitive information (WiFi network traffic). (CVE-2020-3702)
It was discovered that the KVM hypervisor implementation in the Linux
kernel did not properly compute the access permissions for shadow pages in
some situations. A local attacker could use this to cause a denial of
service. (CVE-2021-38198)
It was discovered that the ext4 file system in the Linux kernel contained a
race condition when writing xattrs to an inode. A local attacker could use
this to cause a denial of service or possibly gain administrative
privileges. (CVE-2021-40490)
It was discovered that the 6pack network protocol driver in the Linux
kernel did not properly perform validation checks. A privileged attacker
could use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2021-42008)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-3702
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-40490
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38198
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-42008
Title: USN-5119-1: libcaca vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5119-1
Priorities: medium
Description:
It was discovered that libcaca incorrectly handled certain images. An attacker
could possibly use this issue to cause a crash. (CVE-2021-30498, CVE-2021-30499)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30498
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30499
Title: USN-5136-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5136-1
Priorities: low,medium
Description:
It was discovered that the f2fs file system in the Linux kernel did not
properly validate metadata in some situations. An attacker could use this
to construct a malicious f2fs image that, when mounted and operated on,
could cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2019-19449)
It was discovered that the FUSE user space file system implementation in
the Linux kernel did not properly handle bad inodes in some situations. A
local attacker could possibly use this to cause a denial of service.
(CVE-2020-36322)
It was discovered that the Infiniband RDMA userspace connection manager
implementation in the Linux kernel contained a race condition leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2020-36385)
Ilja Van Sprundel discovered that the SCTP implementation in the Linux
kernel did not properly perform size validations on incoming packets in
some situations. An attacker could possibly use this to expose sensitive
information (kernel memory). (CVE-2021-3655)
It was discovered that the Qualcomm IPC Router protocol implementation in
the Linux kernel did not properly validate metadata in some situations. A
local attacker could use this to cause a denial of service (system crash)
or expose sensitive information. (CVE-2021-3743)
It was discovered that the virtual terminal (vt) device implementation in
the Linux kernel contained a race condition in its ioctl handling that led
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information. (CVE-2021-3753)
It was discovered that the Linux kernel did not properly account for the
memory usage of certain IPC objects. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2021-3759)
Michael Wakabayashi discovered that the NFSv4 client implementation in the
Linux kernel did not properly order connection setup operations. An
attacker controlling a remote NFS server could use this to cause a denial
of service on the client. (CVE-2021-38199)
It was discovered that the Aspeed Low Pin Count (LPC) Bus Controller
implementation in the Linux kernel did not properly perform boundary checks
in some situations, allowing out-of-bounds write access. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. In Ubuntu, this issue only affected systems running
armhf kernels. (CVE-2021-42252)
CVEs:
- https://ubuntu.com/security/CVE-2019-19449
- https://ubuntu.com/security/CVE-2020-36322
- https://ubuntu.com/security/CVE-2020-36385
- https://ubuntu.com/security/CVE-2021-3655
- https://ubuntu.com/security/CVE-2021-3743
- https://ubuntu.com/security/CVE-2021-3753
- https://ubuntu.com/security/CVE-2021-3759
- https://ubuntu.com/security/CVE-2021-38199
- https://ubuntu.com/security/CVE-2021-42252
Title: USN-5133-1: ICU vulnerability
URL: https://ubuntu.com/security/notices/USN-5133-1
Priorities: low
Description:
It was discovered that ICU contains a use after free issue.
An attacker could use this issue to cause a denial of service with crafted input.
CVEs:
- https://ubuntu.com/security/CVE-2020-21913
Title: LSN-0082-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0082-1
Priorities: medium,high
Description:
Jann Horn discovered that the tty subsystem of the Linux kernel did not use
consistent locking in some situations, leading to a read-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information (kernel memory). (CVE-2020-29660)
Jann Horn discovered a race condition in the tty subsystem of the Linux
kernel in the locking for the TIOCSPGRP ioctl(), leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2020-29661)
De4dCr0w of 360 Alpha Lab discovered that the BPF verifier in the Linux
kernel did not properly handle mod32 destination register truncation when
the source register was known to be 0. A local attacker could use this to
expose sensitive information (kernel memory) or possibly execute arbitrary
code. (CVE-2021-3444)
kernel: use-after-free in route4_change() in
net/sched/cls_route.c (CVE-2021-3715)
CVEs:
- https://ubuntu.com/security/CVE-2020-29660
- https://ubuntu.com/security/CVE-2020-29661
- https://ubuntu.com/security/CVE-2021-3444
- https://ubuntu.com/security/CVE-2021-3715
Title: USN-5125-1: PHP vulnerability
URL: https://ubuntu.com/security/notices/USN-5125-1
Priorities: high
Description:
It was discovered that PHP-FPM in PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code.
CVEs:
- https://ubuntu.com/security/CVE-2021-21703
Title: USN-5126-2: Bind vulnerability
URL: https://ubuntu.com/security/notices/USN-5126-2
Priorities: medium
Description:
USN-5126-1 fixed a vulnerability in Bind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Kishore Kumar Kothapalli discovered that Bind incorrectly handled the lame
cache when processing responses. A remote attacker could possibly use this
issue to cause Bind to consume resources, resulting in a denial of service.
CVEs:
- https://ubuntu.com/security/CVE-2021-25219
Title: USN-5123-2: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5123-2
Priorities: medium
Description:
USN-5123-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and
Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-36.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-27.html
https://www.oracle.com/security-alerts/cpuoct2021.html
CVEs:
- https://ubuntu.com/security/CVE-2021-35624
- https://ubuntu.com/security/CVE-2021-35604
456.202
Available in VMware Tanzu Network
Release Date: October 25, 2021
Metadata:
BOSH Agent Version: 2.234.25
Bosh-agent is now built with Go 1.17
USNs:
Title: USN-5109-1: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-5109-1
Priorities: medium
Description:
It was discovered that nginx incorrectly handled files with
certain modification dates. A remote attacker could possibly
use this issue to cause a denial of service or other unspecified
impact.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-20005
Title: USN-5022-3: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5022-3
Priorities: medium
Description:
USN-5022-1 fixed several vulnerabilities in MySQL. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.
MySQL has been updated to MySQL 5.7.35 on Ubuntu 16.04 ESM.
In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.
Please see the following for more information:
https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html
https://www.oracle.com/security-alerts/cpujul2021.html
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2179
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2162
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2389
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2390
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2194
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2146
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2372
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2342
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2169
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2171
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2180
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2154
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2166
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2307
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2385
Title: USN-5103-1: docker.io vulnerability
URL: https://ubuntu.com/security/notices/USN-5103-1
Priorities: medium
Description:
Lei Wang and Ruizhi Xiao discovered that the Moby Docker engine in
Docker incorrectly allowed the docker cp command to make permissions
changes in the host filesystem in some situations. A local attacker
could possibly use this to expose sensitive information or gain
administrative privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-41089
Title: USN-5111-2: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-5111-2
Priorities: medium
Description:
USN-5111-1 fixed a vulnerability in strongSwan. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that strongSwan incorrectly handled replacing
certificates in the cache. A remote attacker could use this issue to cause
strongSwan to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-41991)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-41991
Title: USN-5121-1: Mailman vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5121-1
Priorities: high
Description:
Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman
did not properly associate cross-site request forgery (CSRF) tokens
to specific accounts. A remote attacker could use this to perform a
CSRF attack to gain access to another account. (CVE-2021-42097)
Andre Protas, Richard Cloke, and Andy Nuttall discovered that Mailman’s
cross-site request forgery (CSRF) tokens for the options page are
derived from the admin password. A remote attacker could possibly use
this to assist in performing a brute force attack against the admin
password. (CVE-2021-42096)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-42096
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-42097
456.194
Available in VMware Tanzu Network
Release Date: October 01, 2021
Fixes
Fixes an issue that caused frequent udev events and high CPU usage on Azure VMs.
Metadata:
BOSH Agent Version: 2.234.20
456.188
Available in VMware Tanzu Network
Release Date: September 16, 2021
Fixes
- Fixes an issue introduced in v456.186 that caused persistent disks to frequently fail to mount.
Metadata:
BOSH Agent Version: 2.234.18
USNs:
Title: USN-5077-2: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5077-2
Priorities: medium
Description:
USN-5077-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Maik Münch and Stephen Röttger discovered that Apport incorrectly handled
certain information gathering operations. A local attacker could use this
issue to gain read access to arbitrary files, possibly containing sensitive
information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3709
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3710
Title: USN-5076-1: Git vulnerability
URL: https://ubuntu.com/security/notices/USN-5076-1
Priorities: medium
Description:
It was discovered that Git allowed newline characters in
certain repository paths. An attacker could potentially use this issue to perform
cross-protocol requests.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-40330
456.186
Available in VMware Tanzu Network
Release Date: September 14, 2021
Fixes
- Updates the /var/vcap/bosh/bin/monit wrapper script to refer to monit-actual by absolute path, rather than relative path. This allows folks who reset or clear the PATH environment variable to actually be able to use the monit CLI. Prior to this fix, folks who cleared their PATH environment variable would see an error like: /var/vcap/bosh/bin/monit: line 9: exec: monit-actual: not found.
- Fixes the “incorrect used memory reporting” issue introduced in stemcell version 456.176. The Bosh Agent will now report the correct amount of memory used by all processes in the VM that it manages, rather than just the processes in its cgroup.
Known issues
- We’ve seen failures with this version of the stemcell in vSphere when attempting to attach a persistent disk to a running VM. We are currently planning to address this issue with an update to the vSphere CPI. It should be fixed in vSphere CPI release >= v69. We have pulled the vSphere version of this stemcell.
NOTE: This is resolved in stemcell version v456.188.
Metadata:
BOSH Agent Version: 2.234.18
USNs:
Title: USN-5066-2: PySAML2 vulnerability
URL: https://ubuntu.com/security/notices/USN-5066-2
Priorities: medium
Description:
USN-5066-1 fixed a vulnerability in PySAML2. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Brian Wolff discovered that PySAML2 incorrectly validated cryptographic
signatures. A remote attacker could possibly use this issue to alter SAML
documents.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21239
Title: USN-5073-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5073-1
Priorities: medium,low,high
Description:
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host’s physical
memory. (CVE-2021-3656)
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
Norbert Slusarek discovered that the CAN broadcast manager (bcm) protocol
implementation in the Linux kernel did not properly initialize memory in
some situations. A local attacker could use this to expose sensitive
information (kernel memory). (CVE-2021-34693)
Murray McAllister discovered that the joystick device interface in the
Linux kernel did not properly validate data passed via an ioctl(). A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code on systems with a joystick device
registered. (CVE-2021-3612)
It was discovered that the Virtio console implementation in the Linux
kernel did not properly validate input lengths in some situations. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2021-38160)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3612
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34693
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38160
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
Title: USN-5062-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5062-1
Priorities: high
Description:
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
Title: LSN-0081-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0081-1
Priorities: high
Description:
Maxim Levitsky discovered that the KVM hypervisor implementation for AMD
processors in the Linux kernel did not properly prevent a guest VM from
enabling AVIC in nested guest VMs. An attacker in a guest VM could use this
to write to portions of the host’s physical memory. (CVE-2021-3653)
Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor
implementation for AMD processors in the Linux kernel allowed a guest VM to
disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a
guest VM could use this to read or write portions of the host’s physical
memory. (CVE-2021-3656)
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3653
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3656
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
Title: USN-5051-2: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-5051-2
Priorities: medium
Description:
USN-5051-1 fixed a vulnerability in OpenSSL. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Ingo Schwarze discovered that OpenSSL incorrectly handled certain ASN.1
strings. A remote attacker could use this issue to cause OpenSSL to crash,
resulting in a denial of service, or possibly obtain sensitive information.
(CVE-2021-3712)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3712
Title: USN-5055-1: GNOME grilo vulnerability
URL: https://ubuntu.com/security/notices/USN-5055-1
Priorities: medium
Description:
Michael Catanzaro discovered that grilo incorrectly handled certain TLS
certificate verification. An attacker could possibly use this issue to
perform MITM attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-39365
Title: USN-5068-1: GD library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5068-1
Priorities: medium,low
Description:
It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files.
An attacker could possibly use this issue to cause a crash or expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM.
(CVE-2017-6363)
It was discovered that GD Graphics Library incorrectly handled certain TGA files.
An attacker could possibly use this issue to cause a denial of service or
expose sensitive information. (CVE-2021-38115)
It was discovered that GD Graphics Library incorrectly handled certain files.
An attacker could possibly use this issue to cause a crash.
(CVE-2021-40145)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-40145
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-38115
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6363
456.176
Available in VMware Tanzu Network
Release Date: August 30, 2021
Enhancements
- Added firewall rules to restrict Monit API access to the Monit CLI and BOSH Agent. To see how to grant your program access to the Monit API, examine the new monit wrapper script, found at /var/vcap/bosh/bin/monit.
Known issues
- The memory used by the VM that a Bosh Agent manages is incorrectly reported. The Agent will report very significantly smaller amounts of memory used by the VM than are actually used. This means that the “memory used” information in the output of bosh vms --vitals and related commands is incorrect. For now, avoid using this stemcell version, if you rely on the VM memory usage information reported by the Bosh Agent, Director, or the bosh CLI.
NOTE: This issue has been resolved in Stemcell version 456.186.
Metadata:
BOSH Agent Version: 2.234.14
USNs:
Title: USN-5039-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5039-1
Priorities: high
Description:
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
Title: LSN-0080-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0080-1
Priorities: high
Description:
Andy Nguyen discovered that the netfilter subsystem in the Linux kernel
contained an out-of-bounds write in its setsockopt() implementation. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2021-22555)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
Title: USN-5025-2: libsndfile vulnerability
URL: https://ubuntu.com/security/notices/USN-5025-2
Priorities: medium
Description:
USN-5025-1 fixed a vulnerability in libsndfile. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libsndfile incorrectly handled certain malformed
files. A remote attacker could use this issue to cause libsndfile to crash,
resulting in a denial of service, or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3246
Title: USN-5027-2: PEAR vulnerability
URL: https://ubuntu.com/security/notices/USN-5027-2
Priorities: medium
Description:
USN-5027-1 fixed a vulnerability in PEAR. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that PEAR incorrectly handled symbolic links in archives.
A remote attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32610
Title: USN-5044-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5044-1
Priorities: medium
Description:
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device initialization failure, leading to a double-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3564)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly handle HCI device detach events, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2021-3573)
It was discovered that the NFC implementation in the Linux kernel did not
properly handle failed connect events leading to a NULL pointer
dereference. A local attacker could use this to cause a denial of service.
(CVE-2021-3587)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3573
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3587
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3564
Title: USN-5034-2: c-ares vulnerability
URL: https://ubuntu.com/security/notices/USN-5034-2
Priorities: medium
Description:
USN-5034-1 fixed a vulnerability in c-ares. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Philipp Jeitner and Haya Shulman discovered that c-ares incorrectly
validated certain hostnames returned by DNS servers. A remote attacker
could possibly use this issue to perform Domain Hijacking attacks.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3672
Title: USN-5026-2: QPDF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5026-2
Priorities: medium,low
Description:
USN-5026-1 fixed several vulnerabilities in QPDF. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that QPDF incorrectly handled certain malformed PDF
files. A remote attacker could use this issue to cause QPDF to consume
resources, resulting in a denial of service. (CVE-2018-18020)
It was discovered that QPDF incorrectly handled certain malformed PDF
files. A remote attacker could use this issue to cause QPDF to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2021-36978)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-36978
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18020
Title: USN-5043-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5043-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-32815, CVE-2021-34334, CVE-2021-37620, CVE-2021-37622)
It was discovered that Exiv2 incorrectly handled certain image files.
An attacker could possibly use this issue to cause a denial of service.
These issues only affected Ubuntu 20.04 LTS and Ubuntu 21.04.
(CVE-2021-34335, CVE-2021-37615, CVE-2021-37616, CVE-2021-37618,
CVE-2021-37619, CVE-2021-37621, CVE-2021-37623)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37622
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32815
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37621
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37620
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37618
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34335
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37615
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37619
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-37616
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-34334
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22555
456.171
Available in VMware Tanzu Network
Release Date: July 26, 2021
Metadata:
BOSH Agent Version: 2.234.12
USNs:
Title: USN-4336-2: GNU binutils vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4336-2
Priorities: low,medium
Description:
USN-4336-1 fixed several vulnerabilities in GNU binutils. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that GNU binutils contained a large number of security
issues. If a user or automated system were tricked into processing a
specially-crafted file, a remote attacker could cause GNU binutils to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19932
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9074
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18309
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12451
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16828
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7302
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9751
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17080
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12700
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14130
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18483
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7568
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14128
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9749
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12458
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9070
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9755
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10534
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9746
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-12972
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7300
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-9138
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7299
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4488
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9742
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17125
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14939
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14250
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14129
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12967
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17124
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12934
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7210
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8395
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7227
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12459
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9754
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20002
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4489
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9073
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-8945
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12448
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4491
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17794
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-13710
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14333
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15021
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14940
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14930
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7223
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12452
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6965
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18701
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10372
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18484
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16832
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9748
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15225
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7569
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16831
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17358
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6543
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7224
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17121
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9041
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9071
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-19931
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9756
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18700
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10373
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17451
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12697
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18606
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-17123
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4492
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16826
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9753
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6323
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8394
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-16827
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12450
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-6131
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14529
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9038
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-2226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9747
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4490
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12456
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20671
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-10535
- https://people.canonical.com/~ubuntu-security/cve/CVE-2016-4487
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15939
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7643
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-13033
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9039
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8393
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-20623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9744
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7642
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9752
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12698
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-12699
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15996
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9044
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-6759
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9745
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-7208
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6969
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12449
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14932
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7614
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12454
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-1000876
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8396
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8397
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12455
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9954
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17360
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14444
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9075
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17985
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8398
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18607
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8421
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-17450
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12799
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15938
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7301
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9750
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7226
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15025
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-18605
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9042
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12457
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-12453
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-17359
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-9040
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-7209
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-9077
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-6966
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-14938
Title: USN-5020-1: Ruby vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5020-1
Priorities: medium,low
Description:
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2021-31799)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to conduct
port scans and service banner extractions. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04. (CVE-2021-31810)
It was discovered that Ruby incorrectly handled certain inputs.
An attacker could possibly use this issue to perform
man-in-the-middle attacks to bypass the TLS protection.
(CVE-2021-32066)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31799
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32066
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31810
Title: LSN-0079-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0079-1
Priorities: high
Description:
It was discovered that the eBPF implementation in the Linux kernel did not
properly track bounds information for 32 bit registers when performing div
and mod operations. A local attacker could use this to possibly execute
arbitrary code. (CVE-2021-3600)
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3600
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
456.169
Available in VMware Tanzu Network
Release Date: July 21, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-5013-2: systemd vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5013-2
Priorities: low,high
Description:
USN-5013-1 fixed several vulnerabilities in systemd. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that systemd incorrectly handled certain mount paths. A
local attacker could possibly use this issue to cause systemd to crash,
resulting in a denial of service. (CVE-2021-33910)
Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW
packets. A remote attacker could possibly use this issue to reconfigure
servers. (CVE-2020-13529)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-13529
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33910
Title: USN-5018-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5018-1
Priorities: medium,high
Description:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code. (CVE-2021-33909)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel
did not properly enforce limits for pointer operations. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-33200)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did
not properly clear received fragments from memory in some situations. A
physically proximate attacker could possibly use this issue to inject
packets or expose sensitive information. (CVE-2020-24586)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation
incorrectly handled encrypted fragments. A physically proximate attacker
could possibly use this issue to decrypt fragments. (CVE-2020-24587)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation
incorrectly handled EAPOL frames from unauthenticated senders. A physically
proximate attacker could inject malicious packets to cause a denial of
service (system crash). (CVE-2020-26139)
Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation could
reassemble mixed encrypted and plaintext fragments. A physically proximate
attacker could possibly use this issue to inject packets or exfiltrate
selected fragments. (CVE-2020-26147)
It was discovered that the bluetooth subsystem in the Linux kernel did not
properly perform access control. An authenticated attacker could possibly
use this to expose sensitive information. (CVE-2020-26558, CVE-2021-0129)
Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the
nfc implementation in the Linux kernel. A privileged local attacker could
use this issue to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-23134)
Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel
did not properly prevent speculative loads in certain situations. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-31829)
It was discovered that a race condition in the kernel Bluetooth subsystem
could lead to use-after-free of slab objects. An attacker could use this
issue to possibly execute arbitrary code. (CVE-2021-32399)
It was discovered that a use-after-free existed in the Bluetooth HCI driver
of the Linux kernel. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33034)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-0129
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24586
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23134
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33200
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33034
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26139
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26147
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24587
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31829
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26558
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32399
Title: USN-5014-1: Linux kernel vulnerability
URL: https://ubuntu.com/security/notices/USN-5014-1
Priorities: high
Description:
It was discovered that the virtual file system implementation in the Linux
kernel contained an unsigned to signed integer conversion error. A local
attacker could use this to cause a denial of service (system crash) or
execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33909
456.168
Available in VMware Tanzu Network
Release Date: July 19, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: LSN-0078-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0078-1
Priorities: high
Description:
Norbert Slusarek discovered a race condition in the CAN BCM networking
protocol of the Linux kernel leading to multiple use-after-free
vulnerabilities. A local attacker could use this issue to execute arbitrary
code. (CVE-2021-3609)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3609
456.167
Available in VMware Tanzu Network
Release Date: July 15, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-5006-2: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5006-2
Priorities: low,medium
Description:
USN-5006-1 fixed several vulnerabilities in PHP. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that PHP incorrectly handled certain PHAR files. A remote
attacker could possibly use this issue to cause PHP to crash, resulting in
a denial of service, or possibly obtain sensitive information. (CVE-2020-7068)
It was discovered that PHP incorrectly handled parsing URLs with passwords.
A remote attacker could possibly use this issue to cause PHP to mis-parse
the URL and produce wrong data. (CVE-2020-7071)
It was discovered that PHP incorrectly handled certain malformed XML data
when being parsed by the SOAP extension. A remote attacker could possibly
use this issue to cause PHP to crash, resulting in a denial of service.
(CVE-2021-21702)
It was discovered that PHP incorrectly handled the pdo_firebase module. A
remote attacker could possibly use this issue to cause PHP to crash,
resulting in a denial of service. (CVE-2021-21704)
It was discovered that PHP incorrectly handled the FILTER_VALIDATE_URL
check. A remote attacker could possibly use this issue to perform a
server-side request forgery attack. (CVE-2021-21705)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21702
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7071
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21705
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-7068
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-21704
Title: USN-5004-1: RabbitMQ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5004-1
Priorities: medium,low
Description:
It was discovered that RabbitMQ incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2019-11287)
Jonathan Knudsen discovered that RabbitMQ incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-22116)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22116
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-11287
Title: USN-5008-2: Avahi vulnerability
URL: https://ubuntu.com/security/notices/USN-5008-2
Priorities: medium
Description:
USN-5008-1 fixed a vulnerability in avahi. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Thomas Kremer discovered that Avahi incorrectly handled termination signals
on the Unix socket. A local attacker could possibly use this issue to cause
Avahi to hang, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3468
Title: USN-5005-1: DjVuLibre vulnerability
URL: https://ubuntu.com/security/notices/USN-5005-1
Priorities: medium
Description:
It was discovered that DjVuLibre incorrectly handled certain djvu files.
An attacker could possibly use this issue to execute arbitrary code or
cause a crash.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3630
456.166
Available in VMware Tanzu Network
Release Date: June 23, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-4986-2: rpcbind vulnerability
URL: https://ubuntu.com/security/notices/USN-4986-2
Priorities: low
Description:
USN-4986-1 fixed a vulnerability in rpcbind. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that rpcbind incorrectly handled certain large data
sizes. A remote attacker could use this issue to cause rpcbind to consume
resources, leading to a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8779
Title: USN-4989-2: BlueZ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4989-2
Priorities: medium,low
Description:
USN-4989-1 fixed several vulnerabilities in BlueZ. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that BlueZ incorrectly checked certain permissions when
pairing. A local attacker could possibly use this issue to impersonate
devices. (CVE-2020-26558)
Jay LV discovered that BlueZ incorrectly handled redundant disconnect MGMT
events. A local attacker could use this issue to cause BlueZ to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-27153)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-26558
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-27153
Title: USN-4971-2: libwebp vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4971-2
Priorities: medium
Description:
USN-4971-1 fixed several vulnerabilities in libwebp. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libwebp incorrectly handled certain malformed
images. If a user or automated system were tricked into opening a specially
crafted image file, a remote attacker could use this issue to cause libwebp
to crash, resulting in a denial of service, or possibly execute arbitrary
code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36331
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25014
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36328
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25012
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25009
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25013
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25011
- https://people.canonical.com/~ubuntu-security/cve/CVE-2018-25010
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36330
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36329
Title: USN-5003-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5003-1
Priorities: medium,high
Description:
Norbert Slusarek discovered a race condition in the CAN BCM networking
protocol of the Linux kernel leading to multiple use-after-free
vulnerabilities. A local attacker could use this issue to execute arbitrary
code. (CVE-2021-3609)
It was discovered that the eBPF implementation in the Linux kernel did not
properly track bounds information for 32 bit registers when performing div
and mod operations. A local attacker could use this to possibly execute
arbitrary code. (CVE-2021-3600)
Or Cohen discovered that the SCTP implementation in the Linux kernel
contained a race condition in some situations, leading to a use-after-free
condition. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2021-23133)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23133
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3609
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3600
Title: USN-4994-2: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4994-2
Priorities: medium,low
Description:
USN-4994-1 fixed several vulnerabilities in Apache. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Antonio Morales discovered that the Apache mod_auth_digest module
incorrectly handled certain Digest nonces. A remote attacker could possibly
use this issue to cause Apache to crash, resulting in a denial of service.
(CVE-2020-35452)
Antonio Morales discovered that the Apache mod_session module incorrectly
handled certain Cookie headers. A remote attacker could possibly use this
issue to cause Apache to crash, resulting in a denial of service.
(CVE-2021-26690)
Christophe Jaillet discovered that the Apache mod_session module
incorrectly handled certain SessionHeader values. A remote attacker could
use this issue to cause Apache to crash, resulting in a denial of service,
or possibly execute arbitrary code. (CVE-2021-26691)
Christoph Anton Mitterer discovered that the new MergeSlashes configuration
option resulted in unexpected behaviour in certain situations.
(CVE-2021-30641)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26691
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35452
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30641
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26690
Title: USN-4991-1: libxml2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4991-1
Priorities: medium,low
Description:
Yunho Kim discovered that libxml2 incorrectly handled certain error
conditions. A remote attacker could exploit this with a crafted XML file to
cause a denial of service, or possibly cause libxml2 to expose sensitive
information. This issue only affected Ubuntu 14.04 ESM and Ubuntu 16.04
ESM. (CVE-2017-8872)
Zhipeng Xie discovered that libxml2 incorrectly handled certain XML
schemas. A remote attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM,
and Ubuntu 18.04 LTS. (CVE-2019-20388)
It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A
remote attacker could possibly exploit this with a crafted XML file to
cause libxml2 to crash, resulting in a denial of service. This issue only
affected Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04
LTS and Ubuntu 20.10. (CVE-2020-24977)
It was discovered that libxml2 incorrectly handled invalid UTF-8 input. A
remote attacker could possibly exploit this with a crafted XML file to
cause libxml2 to crash, resulting in a denial of service. (CVE-2021-3517)
It was discovered that libxml2 did not properly handle certain crafted XML
files. A local attacker could exploit this with a crafted input to cause
libxml2 to crash, resulting in a denial of service, or possibly execute
arbitrary code. (CVE-2021-3516, CVE-2021-3518)
It was discovered that libxml2 incorrectly handled error states. A remote
attacker could exploit this with a crafted XML file to cause libxml2 to
crash, resulting in a denial of service. (CVE-2021-3537)
Sebastian Pipping discovered that libxml2 did not properly handle certain
crafted XML files. A remote attacker could exploit this with a crafted XML
file to cause libxml2 to crash, resulting in a denial of service. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10, and Ubuntu 21.04.
(CVE-2021-3541)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3516
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-8872
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24977
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3541
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3537
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3517
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3518
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-20388
Title: USN-4996-2: OpenEXR vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4996-2
Priorities: medium,low
Description:
USN-4996-1 fixed several vulnerabilities in OpenEXR. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that OpenEXR incorrectly handled certain malformed EXR
image files. If a user were tricked into opening a crafted EXR image file,
a remote attacker could cause a denial of service, or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3605
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26260
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20296
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23215
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3598
456.165
Available in VMware Tanzu Network
Release Date: June 09, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-4985-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4985-1
Priorities: medium,high
Description:
It was discovered that some Intel processors may not properly invalidate
cache entries used by Intel Virtualization Technology for Directed I/O
(VT-d). This may allow a local user to perform a privilege escalation
attack. (CVE-2021-24489)
Joseph Nuzman discovered that some Intel processors may not properly apply
EIBRS mitigations (originally developed for CVE-2017-5715) and hence may
allow unauthorized memory reads via sidechannel attacks. A local attacker
could use this to expose sensitive information, including kernel
memory. (CVE-2020-24511)
Travis Downs discovered that some Intel processors did not properly flush
cache-lines for trivial-data values. This may allow an unauthorized user to
infer the presence of these trivial-data-cache-lines via timing sidechannel
attacks. A local attacker could use this to expose sensitive
information. (CVE-2020-24512)
It was discovered that certain Intel Atom processors could expose memory
contents stored in microarchitectural buffers. A local attacker could use
this to expose sensitive information. (CVE-2020-24513)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24512
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24489
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24513
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-24511
Title: USN-4967-2: nginx vulnerability
URL: https://ubuntu.com/security/notices/USN-4967-2
Priorities: medium
Description:
USN-4967-1 fixed a vulnerability in nginx. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Luis Merino, Markus Vervier, and Eric Sesterhenn discovered that nginx
incorrectly handled responses to the DNS resolver. A remote attacker could
use this issue to cause nginx to crash, resulting in a denial of service,
or possibly execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23017
Title: USN-4969-2: DHCP vulnerability
URL: https://ubuntu.com/security/notices/USN-4969-2
Priorities: medium
Description:
USN-4969-1 fixed a vulnerability in DHCP. This update provides
the corresponding update for Ubuntu 14.04 ESM and 16.04 ESM.
Original advisory details:
Jon Franklin and Pawel Wieczorkiewicz discovered that DHCP incorrectly
handled lease file parsing. A remote attacker could possibly use this issue
to cause DHCP to crash, resulting in a denial of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-25217
Title: USN-4966-2: libx11 vulnerability
URL: https://ubuntu.com/security/notices/USN-4966-2
Priorities: medium
Description:
USN-4966-1 fixed a vulnerability in libx11. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libx11 incorrectly validated certain parameter
lengths. A remote attacker could possibly use this issue to trick libx11
into emitting extra X protocol requests.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31535
Title: USN-4979-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4979-1
Priorities: medium,low
Description:
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel contained a reference counting error. A local attacker could
use this to cause a denial of service (system crash). (CVE-2020-25670)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly deallocate memory in certain error
situations. A local attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2020-25671, CVE-2020-25672)
Kiyin (尹亮) discovered that the NFC LLCP protocol implementation in the
Linux kernel did not properly handle error conditions in some situations,
leading to an infinite loop. A local attacker could use this to cause a
denial of service. (CVE-2020-25673)
It was discovered that the Realtek RTL8188EU Wireless device driver in the
Linux kernel did not properly validate ssid lengths in some situations. An
attacker could use this to cause a denial of service (system crash).
(CVE-2021-28660)
Zygo Blaxell discovered that the btrfs file system implementation in the
Linux kernel contained a race condition during certain cloning operations.
A local attacker could possibly use this to cause a denial of service
(system crash). (CVE-2021-28964)
Vince Weaver discovered that the perf subsystem in the Linux kernel did not
properly handle certain PEBS records for some Intel Haswell
processors. A local attacker could use this to cause a denial of service
(system crash). (CVE-2021-28971)
It was discovered that the RPA PCI Hotplug driver implementation in the
Linux kernel did not properly handle device name writes via sysfs, leading
to a buffer overflow. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2021-28972)
It was discovered that the Qualcomm IPC router implementation in the Linux
kernel did not properly initialize memory passed to user space. A local
attacker could use this to expose sensitive information (kernel memory).
(CVE-2021-29647)
Dan Carpenter discovered that the block device manager (dm) implementation
in the Linux kernel contained a buffer overflow in the ioctl for listing
devices. A privileged local attacker could use this to cause a denial of
service (system crash). (CVE-2021-31916)
It was discovered that the CIPSO implementation in the Linux kernel did not
properly perform reference counting in some situations, leading to
use-after-free vulnerabilities. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-33033)
Wolfgang Frisch discovered that the ext4 file system implementation in the
Linux kernel contained an integer overflow when handling metadata inode
extents. An attacker could use this to construct a malicious ext4 file
system image that, when mounted, could cause a denial of service (system
crash). (CVE-2021-3428)
马哲宇 discovered that the IEEE 1394 (Firewire) nosy packet sniffer driver in
the Linux kernel did not properly perform reference counting in some
situations, leading to a use-after-free vulnerability. A local attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2021-3483)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31916
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3428
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25670
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25673
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25672
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28660
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28971
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28964
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29647
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3483
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33033
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25671
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28972
Title: USN-4975-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4975-2
Priorities: low
Description:
USN-4975-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
Rasmus Lerchedahl Petersen and Rasmus Wriedt Larsen discovered that Django
incorrectly handled path sanitization in admindocs. A remote attacker could
possibly use this issue to determine the existence of arbitrary files and
in certain configurations obtain their contents. (CVE-2021-33203)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-33203
456.164
Available in VMware Tanzu Network
Release Date: May 26, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-4954-1: GNU C Library vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4954-1
Priorities: negligible,low
Description:
Jason Royes and Samuel Dytrych discovered that the memcpy()
implementation for 32 bit ARM processors in the GNU C Library contained
an integer underflow vulnerability. An attacker could possibly use
this to cause a denial of service (application crash) or execute
arbitrary code. (CVE-2020-6096)
It was discovered that the POSIX regex implementation in the GNU C
Library did not properly parse alternatives. An attacker could use this
to cause a denial of service. (CVE-2009-5155)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2009-5155
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-6096
Title: USN-4934-2: Exim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4934-2
Priorities: medium
Description:
USN-4934-1 fixed several vulnerabilities in Exim. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
CVE-2020-28026 only affected Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Exim contained multiple security issues. An attacker
could use these issues to cause a denial of service, execute arbitrary
code remotely, obtain sensitive information, or escalate local privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28011
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28009
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-27216
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28022
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28025
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28026
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28024
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28014
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28007
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28016
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28020
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28013
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28008
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28015
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28017
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-28012
Title: USN-4953-1: AWStats vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4953-1
Priorities: low,medium
Description:
Sean Boran discovered that AWStats incorrectly filtered certain parameters.
A remote attacker could possibly use this issue to execute arbitrary code.
(CVE-2020-29600)
It was discovered that AWStats incorrectly filtered certain parameters. A
remote attacker could possibly use this issue to access sensitive
information. (CVE-2020-35176)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-35176
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-1000501
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-29600
Title: USN-4962-1: Babel vulnerability
URL: https://ubuntu.com/security/notices/USN-4962-1
Priorities: medium
Description:
It was discovered that Babel incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20095
Title: USN-4930-1: Samba vulnerability
URL: https://ubuntu.com/security/notices/USN-4930-1
Priorities: medium
Description:
Peter Eriksson discovered that Samba incorrectly handled certain negative
idmap cache entries. This issue could result in certain users gaining
unauthorized access to files, contrary to expected behaviour.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20254
Title: USN-4946-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4946-1
Priorities: low,medium
Description:
It was discovered that the DRM subsystem in the Linux kernel contained
double-free vulnerabilities. A privileged attacker could possibly use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2021-20292)
Olivier Benjamin, Norbert Manthey, Martin Mazein, and Jan H. Schönherr
discovered that the Xen paravirtualization backend in the Linux kernel did
not properly propagate errors to frontend drivers in some situations. An
attacker in a guest VM could possibly use this to cause a denial of service
(host domain crash). (CVE-2021-26930)
Jan Beulich discovered that multiple Xen backends in the Linux kernel did
not properly handle certain error conditions under paravirtualization. An
attacker in a guest VM could possibly use this to cause a denial of service
(host domain crash). (CVE-2021-26931)
Jan Beulich discovered that the Xen netback backend in the Linux kernel did
not properly handle certain error conditions under paravirtualization. An
attacker in a guest VM could possibly use this to cause a denial of service
(host domain crash). (CVE-2021-28038)
It was discovered that the Xen paravirtualization backend in the Linux
kernel did not properly deallocate memory in some situations. A local
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2021-28688)
It was discovered that the Freescale Gianfar Ethernet driver for the Linux
kernel did not properly handle receive queue overrun when jumbo frames were
enabled in some situations. An attacker could use this to cause a denial of
service (system crash). (CVE-2021-29264)
It was discovered that the USB/IP driver in the Linux kernel contained race
conditions during the update of local and shared status. An attacker could
use this to cause a denial of service (system crash). (CVE-2021-29265)
It was discovered that a race condition existed in the netfilter subsystem
of the Linux kernel when replacing tables. A local attacker could use this
to cause a denial of service (system crash). (CVE-2021-29650)
Arnd Bergmann discovered that the video4linux subsystem in the Linux kernel
did not properly deallocate memory in some situations. A local attacker
could use this to cause a denial of service (memory exhaustion).
(CVE-2021-30002)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20292
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26930
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29264
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29265
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29650
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28688
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-26931
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28038
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-30002
Title: USN-4941-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4941-1
Priorities: medium
Description:
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash. (CVE-2021-29457)
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-29458, CVE-2021-29470)
It was discovered that Exiv2 incorrectly handled certain images.
An attacker could possibly use this issue to execute arbitrary code or
cause a crash. (CVE-2021-3482)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29458
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3482
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29470
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29457
Title: USN-4964-1: Exiv2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4964-1
Priorities: low,medium
Description:
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29463)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29464)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2021-29473, CVE-2021-32617)
It was discovered that Exiv2 incorrectly handled certain files.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 20.04 LTS, Ubuntu 20.10 and Ubuntu 21.04.
(CVE-2021-29623)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29464
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29463
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32617
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29623
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29473
Title: USN-4932-2: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-4932-2
Priorities: medium
Description:
USN-4932-1 fixed a vulnerability in Django. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that Django incorrectly handled certain
filenames. A remote attacker could possibly use this issue to create or
overwrite files in unexpected directories.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-31542
Title: USN-4957-2: DjVuLibre vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4957-2
Priorities: medium,low
Description:
USN-4957-1 fixed several vulnerabilities in DjVuLibre. This update provides
the corresponding update for Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that DjVuLibre incorrectly handled certain memory
operations. If a user or automated system were tricked into processing a
specially crafted DjVu file, a remote attacker could cause applications
to hang or crash, resulting in a denial of service, or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32491
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32492
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32490
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3500
Title: USN-4965-2: Apport vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4965-2
Priorities: medium
Description:
USN-4965-1 fixed several vulnerabilities in Apport. This update provides
the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
Maik Münch discovered that Apport incorrectly handled certain information
gathering operations. A local attacker could use these issues to read and
write arbitrary files as an administrator, and possibly escalate
privileges.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32549
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32555
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32551
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32548
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32550
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32554
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32553
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32557
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32552
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32547
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-32556
456.160
Available in VMware Tanzu Network
Release Date: April 30, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-4924-1: Dnsmasq vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4924-1
Priorities: low
Description:
It was discovered that Dnsmasq incorrectly handled certain wildcard
synthesized NSEC records. A remote attacker could possibly use this issue
to prove the non-existence of hostnames that actually exist.
(CVE-2017-15107)
It was discovered that Dnsmasq incorrectly handled certain large DNS
packets. A remote attacker could possibly use this issue to cause Dnsmasq
to crash, resulting in a denial of service. (CVE-2019-14513)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-14513
- https://people.canonical.com/~ubuntu-security/cve/CVE-2017-15107
Title: USN-4919-1: OpenSLP vulnerability
URL: https://ubuntu.com/security/notices/USN-4919-1
Priorities: medium
Description:
It was discovered that OpenSLP did not properly validate URLs. A remote
attacker could use this issue to cause OpenSLP to crash or possibly execute
arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2019-5544
Title: USN-4927-1: File Roller vulnerability
URL: https://ubuntu.com/security/notices/USN-4927-1
Priorities: medium
Description:
It was discovered that File Roller incorrectly handled symlinks.
An attacker could possibly use this issue to expose sensitive information.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-36314
Title: USN-4918-1: ClamAV vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4918-1
Priorities: medium
Description:
It was discovered that ClamAV incorrectly handled parsing Excel documents.
A remote attacker could possibly use this issue to cause ClamAV to hang,
resulting in a denial of service. (CVE-2021-1252)
It was discovered that ClamAV incorrectly handled parsing PDF documents. A
remote attacker could possibly use this issue to cause ClamAV to crash,
resulting in a denial of service. (CVE-2021-1404)
It was discovered that ClamAV incorrectly handled parsing email. A remote
attacker could possibly use this issue to cause ClamAV to crash, resulting
in a denial of service. (CVE-2021-1405)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-1405
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-1404
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-1252
Title: USN-4892-1: OpenJDK vulnerability
URL: https://ubuntu.com/security/notices/USN-4892-1
Priorities: medium
Description:
It was discovered that OpenJDK incorrectly verified Jar signatures. An
attacker could possibly use this issue to bypass intended security
restrictions when using Jar files signed with a disabled algorithm.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-2163
Title: USN-4913-1: Underscore vulnerability
URL: https://ubuntu.com/security/notices/USN-4913-1
Priorities: medium
Description:
It was discovered that Underscore incorrectly handled certain inputs.
An attacker could possibly use this issue to inject arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23358
Title: USN-4926-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4926-1
Priorities: medium
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, spoof the
browser UI, bypass security restrictions, trick the user into disclosing
confidential information, or execute arbitrary code. (CVE-2021-23994,
CVE-2021-23996, CVE-2021-23997, CVE-2021-23998, CVE-2021-23999,
CVE-2021-24000, CVE-2021-24001, CVE-2021-29945, CVE-2021-29946,
CVE-2021-29947)
A use-after-free was discovered when Responsive Design Mode was
enabled. If a user were tricked into opening a specially crafted
website with Responsive Design Mode enabled, an attacker could
potentially exploit this to cause a denial of service, or execute
arbitrary code. (CVE-2021-23995)
It was discovered that Firefox mishandled ftp URLs with encoded newline
characters. If a user were tricked into clicking on a specially crafted
link, an attacker could potentially exploit this to send arbitrary
FTP commands. (CVE-2021-24002)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24000
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23996
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23997
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23995
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29946
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23999
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23994
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-23998
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29945
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24001
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-24002
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29947
Title: USN-4922-1: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-4922-1
Priorities: medium
Description:
Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly
parsed and serialized XML documents. A remote attacker could possibly use
this issue to perform an XML round-trip attack.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-28965
Title: USN-4921-1: libcaca vulnerability
URL: https://ubuntu.com/security/notices/USN-4921-1
Priorities: medium
Description:
It was discovered that libcaca incorrectly handled certain images.
An attacker could possibly use this issue to execute arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3410
Title: USN-4916-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4916-1
Priorities: high
Description:
It was discovered that the overlayfs implementation in the Linux kernel did
not properly validate the application of file system capabilities with
respect to user namespaces. A local attacker could use this to gain
elevated privileges. (CVE-2021-3493)
Piotr Krysiuk discovered that the BPF JIT compiler for x86 in the Linux
kernel did not properly validate computation of branch displacements in
some situations. A local attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2021-29154)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3493
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-29154
Title: USN-4928-1: GStreamer Good Plugins vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4928-1
Priorities: medium
Description:
It was discovered that GStreamer Good Plugins incorrectly handled certain files.
An attacker could possibly use this issue to access sensitive information
or cause a crash. (CVE-2021-3497)
It was discovered that GStreamer Good Plugins incorrectly handled certain files.
An attacker could possibly use this issue to execute arbitrary code or cause
a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu
20.10. (CVE-2021-3498)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3498
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-3497
456.158
Available in VMware Tanzu Network
Release Date: April 19, 2021
Metadata:
BOSH Agent Version: 2.234.11
USNs:
Title: USN-4899-1: SpamAssassin vulnerability
URL: https://ubuntu.com/security/notices/USN-4899-1
Priorities: medium
Description:
Damian Lukowski discovered that SpamAssassin incorrectly handled certain CF
files. If a user or automated system were tricked into using a
specially-crafted CF file, a remote attacker could possibly run arbitrary code.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-1946
Title: USN-4895-1: Squid vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4895-1
Priorities: medium,low
Description:
Alex Rousskov and Amit Klein discovered that Squid incorrectly handled
certain Content-Length headers. A remote attacker could possibly use this
issue to perform an HTTP request smuggling attack, resulting in cache
poisoning. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-15049)
Jianjun Chen discovered that Squid incorrectly validated certain input. A
remote attacker could use this issue to perform HTTP Request Smuggling and
possibly access services forbidden by the security controls.
(CVE-2020-25097)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-25097
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-15049
Title: USN-4561-2: Rack vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4561-2
Priorities: low,medium
Description:
USN-4561-1 fixed vulnerabilities in Rack. This update provides the
corresponding update for Ubuntu 16.04 LTS, Ubuntu 20.04 LTS and Ubuntu 20.10.
Original advisory details:
It was discovered that Rack incorrectly handled certain paths. An attacker
could possibly use this issue to obtain sensitive information. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-8161)
It was discovered that Rack incorrectly validated cookies. An attacker
could possibly use this issue to forge a secure cookie. (CVE-2020-8184)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8161
- https://people.canonical.com/~ubuntu-security/cve/CVE-2020-8184
Title: USN-4885-1: Pygments vulnerability
URL: https://ubuntu.com/security/notices/USN-4885-1
Priorities: medium
Description:
It was discovered that Pygments incorrectly handled parsing SML files. If a
user or automated system were tricked into parsing a specially crafted SML
file, a remote attacker could cause Pygments to hang, resulting in a denial
of service.
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-20270
Title: USN-4898-1: curl vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4898-1
Priorities: medium
Description:
Viktor Szakats discovered that curl did not strip off user credentials
from referrer header fields. A remote attacker could possibly use this
issue to obtain sensitive information. (CVE-2021-22876)
Mingtao Yang discovered that curl incorrectly handled session tickets when
using an HTTPS proxy. A remote attacker in control of an HTTPS proxy could
use this issue to bypass certificate checks and intercept communications.
This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10.
(CVE-2021-22890)
CVEs:
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22890
- https://people.canonical.com/~ubuntu-security/cve/CVE-2021-22876
Title: USN-4893-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-4893-1
Priorities: medium,low
Description:
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information, or execute arbitrary code. (CVE-2021-23981, CVE-2021-23982,
CVE-2021-23983, CVE-2021-23987, CVE-2021-23988)
It was discovered that extensions could open popup windows with control
of the window title in some circumstances. If a user were tricked into
installing a specially crafted extension, an attacker could potentially
exploit this to spoof a website and trick the user into providing
credentials. (CVE-2021-23984)
It was discovered that the DevTools remote debugging feature could be
enabled without an indication to the user. If a local attacker could
modify the browser configura