Ubuntu security notices
These are the Ubuntu security notices that affect the current supported releases of Ubuntu. These notices are also posted to the ubuntu-security-announce mailing list (list archive). To report a security vulnerability in an Ubuntu package, please file a bug, or contact [email protected]. You may also be interested in learning about Ubuntu security policies. For more details on a specific CVE or source package, please see the Ubuntu CVE Tracker.
You can also view the latest notices by subscribing to the RSS 
or the Atom feeds.
USN-2919-1: JasPer vulnerabilities - 3rd March 2016
Jacob Baines discovered that JasPer incorrectly handled ICC color profiles in JPEG-2000 image files. If a user were tricked into opening a specially crafted JPEG-2000 image file, a remote attacker could cause JasPer to crash or possibly execute arbitrary code with user privileges. (CVE-2016-1577) Tyler Hicks discovered that JasPer incorrectly ...
USN-2918-1: pixman vulnerability - 3rd March 2016
Vincent LE GARREC discovered an integer underflow in pixman. If a user were tricked into opening a specially crafted file, a remote attacker could cause pixman to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-2916-1: Perl vulnerabilities - 2nd March 2016
It was discovered that Perl incorrectly handled certain regular expressions with an invalid backreference. An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2013-7422) Markus Vervier discovered that Perl incorrectly handled nesting in the Data::Dumper module. An ...
USN-2915-1: Django vulnerabilities - 1st March 2016
Mark Striemer discovered that Django incorrectly handled user-supplied redirect URLs containing basic authentication credentials. A remote attacker could possibly use this issue to perform a cross-site scripting attack or a malicious redirect. (CVE-2016-2512) Sjoerd Job Postmus discovered that Django incorrectly handled timing when doing password hashing operations. A remote attacker ...
USN-2914-1: OpenSSL vulnerabilities - 1st March 2016
Yuval Yarom, Daniel Genkin, and Nadia Heninger discovered that OpenSSL was vulnerable to a side-channel attack on modular exponentiation. On certain CPUs, a local attacker could possibly use this issue to recover RSA keys. This flaw is known as CacheBleed. (CVE-2016-0702) Adam Langley discovered that OpenSSL incorrectly handled memory when ...
CVE-2016-0702 CVE-2016-0705 CVE-2016-0797 CVE-2016-0798 CVE-2016-0799
USN-2909-2: Linux kernel (Utopic HWE) regression - 27th February 2016
USN-2909-1 fixed vulnerabilities in the Ubuntu 14.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 14.10 backport kernel within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. ...
USN-2910-2: Linux kernel (Vivid HWE) regression - 27th February 2016
USN-2910-1 fixed vulnerabilities in the Ubuntu 15.04 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.04 backport kernel within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. ...
USN-2908-5: Linux kernel (Wily HWE) regression - 27th February 2016
USN-2908-2 fixed vulnerabilities in the Ubuntu 15.10 Linux kernel backported to Ubuntu 14.04 LTS. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 14.04 LTS guests running the Ubuntu 15.10 backport kernel within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. ...
USN-2908-4: Linux kernel regression - 26th February 2016
USN-2908-1 fixed vulnerabilities in the Linux kernel for Ubuntu 15.10. An incorrect locking fix caused a regression that broke graphics displays for Ubuntu 15.10 guests running within VMWare virtual machines. This update fixes the problem. We apologize for the inconvenience. Original advisory details: halfdog discovered that OverlayFS, when mounting on ...
USN-2913-3: OpenSSL update - 24th February 2016
USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the OpenSSL package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, ...
USN-2913-2: glib-networking update - 24th February 2016
USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the glib-networking package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, ...
USN-2913-4: GnuTLS update - 24th February 2016
USN-2913-1 removed 1024-bit RSA CA certificates from the ca-certificates package. This update adds support for alternate certificate chains to the GnuTLS package to properly handle the removal. Original advisory details: The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, ...
USN-2913-1: ca-certificates update - 24th February 2016
The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 20160104 package, including the removal of the SPI CA and CA certificates with 1024-bit RSA keys.
USN-2903-2: NSS regression - 23rd February 2016
USN-2903-1 fixed a vulnerability in NSS. An incorrect package versioning change in Ubuntu 12.04 LTS caused a regression when building software against NSS. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Hanno Böck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic ...
USN-2912-1: libssh vulnerabilities - 23rd February 2016
Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. (CVE-2015-3146) Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits instead of the recommended 1024 or 2048 bits ...
USN-2905-1: Oxide vulnerability - 23rd February 2016
A security issue was discovered in Chromium. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions or a sandbox protection mechanism. (CVE-2016-1629)
USN-2911-2: Linux kernel (OMAP4) vulnerability - 22nd February 2016
It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash).
USN-2911-1: Linux kernel vulnerability - 22nd February 2016
It was discovered that the Linux kernel keyring subsystem contained a race between read and revoke operations. A local attacker could use this to cause a denial of service (system crash).
USN-2910-1: Linux kernel (Vivid HWE) vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576
USN-2909-1: Linux kernel (Utopic HWE) vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
USN-2908-1: Linux kernel vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
CVE-2013-4312 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576 CVE-2016-2069
USN-2908-2: Linux kernel (Wily HWE) vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
CVE-2013-4312 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576 CVE-2016-2069
USN-2908-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
CVE-2013-4312 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576 CVE-2016-2069
USN-2907-2: Linux kernel (Trusty HWE) vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576
USN-2907-1: Linux kernel vulnerabilities - 22nd February 2016
halfdog discovered that OverlayFS, when mounting on top of a FUSE mount, incorrectly propagated file attributes, including setuid. A local unprivileged attacker could use this to gain privileges. (CVE-2016-1576) halfdog discovered that OverlayFS in the Linux kernel incorrectly propagated security sensitive extended attributes, such as POSIX ACLs. A local unprivileged ...
CVE-2015-7550 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8785 CVE-2016-1575 CVE-2016-1576
USN-2906-1: GNU cpio vulnerabilities - 22nd February 2016
Alexander Cherepanov discovered that GNU cpio incorrectly handled symbolic links when used with the --no-absolute-filenames option. If a user or automated system were tricked into extracting a specially-crafted cpio archive, a remote attacker could possibly use this issue to write arbitrary files. This issue only affected Ubuntu 12.04 LTS and ...
USN-2895-1: Oxide vulnerabilities - 18th February 2016
The DOM implementation in Chromium did not properly restrict frame-attach operations from occurring during or after frame-detach operations. If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit this to bypass same-origin restrictions. (CVE-2016-1623) An integer underflow was discovered in Brotli. If a ...
USN-2903-1: NSS vulnerability - 17th February 2016
Hanno Böck discovered that NSS incorrectly handled certain division functions, possibly leading to cryptographic weaknesses. (CVE-2016-1938) This update also refreshes the NSS package to version 3.21 which includes the latest CA certificate bundle, and removes the SPI CA.
USN-2902-1: graphite2 vulnerabilities - 17th February 2016
Yves Younan discovered that graphite2 incorrectly handled certain malformed fonts. If a user or automated system were tricked into opening a specially- crafted font file, a remote attacker could use this issue to cause graphite2 to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-2901-1: xdelta3 vulnerability - 17th February 2016
It was discovered that xdelta3 incorrectly handled certain files. If a user or automated system were tricked into processing a specially-crafted file, a remote attacker could use this issue to cause xdelta3 to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-2900-1: GNU C Library vulnerability - 16th February 2016
It was discovered that the GNU C Library incorrectly handled receiving responses while performing DNS resolution. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-2899-1: LibreOffice vulnerabilities - 16th February 2016
It was discovered that LibreOffice incorrectly handled LWP document files. If a user were tricked into opening a specially crafted LWP document, a remote attacker could cause LibreOffice to crash, and possibly execute arbitrary code.
USN-2855-2: Samba regression - 16th February 2016
USN-2855-1 fixed vulnerabilities in Samba. The upstream fix for CVE-2015-5252 introduced a regression in certain specific environments. This update fixes the problem. Original advisory details: Thilo Uttendorfer discovered that the Samba LDAP server incorrectly handled certain packets. A remote attacker could use this issue to cause the LDAP server to ...
USN-2898-2: Eye of GNOME vulnerability - 15th February 2016
It was discovered that Eye of GNOME incorrectly handled certain large images. If a user were tricked into opening a specially-crafted image, a remote attacker could use this issue to cause Eye of GNOME to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-2898-1: GTK+ vulnerability - 15th February 2016
It was discovered that GTK+ incorrectly handled certain large images. A remote attacker could use this issue to cause GTK+ applications to crash, resulting in a denial of service, or possibly execute arbitrary code.
USN-2897-1: Nettle vulnerabilities - 15th February 2016
Hanno Böck discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. (CVE-2015-8803) Hanno Böck discovered that Nettle incorrectly handled carry propagation in the NIST P-384 elliptic curve. (CVE-2015-8804) Niels Moeller discovered that Nettle incorrectly handled carry propagation in the NIST P-256 elliptic curve. (CVE-2015-8805)
USN-2896-1: Libgcrypt vulnerability - 15th February 2016
Daniel Genkin, Lev Pachmanov, Itamar Pipman and Eran Tromer discovered that Libgcrypt was susceptible to an attack via physical side channels. A local attacker could use this attack to possibly recover private keys.
USN-2893-1: Firefox vulnerability - 11th February 2016
Jason Pang discovered that service workers intercept responses to plugin network requests made through the browser. An attacker could potentially exploit this to bypass same origin restrictions using the Flash plugin. (CVE-2016-1949)
USN-2894-1: PostgreSQL vulnerabilities - 11th February 2016
It was discovered that PostgreSQL incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause PostgreSQL to crash, resulting in a denial of service. (CVE-2016-0773) It was discovered that PostgreSQL incorrectly handled certain configuration settings (GUCS) for users of PL/Java. A remote attacker could possibly ...
USN-2892-1: nginx vulnerabilities - 9th February 2016
It was discovered that nginx incorrectly handled certain DNS server responses when the resolver is enabled. A remote attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. (CVE-2016-0742) It was discovered that nginx incorrectly handled CNAME response processing when the resolver is ...
USN-2880-2: Firefox regression - 8th February 2016
USN-2880-1 fixed vulnerabilities in Firefox. This update introduced a regression which caused Firefox to crash on startup with some configurations. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Bob Clary, Christian Holler, Nils Ohlmeier, Gary Kwong, Jesse Ruderman, Carsten Book, Randell Jesup, Nicolas Pierron, Eric ...
USN-2891-1: QEMU vulnerabilities - 3rd February 2016
Qinghao Tang discovered that QEMU incorrectly handled PCI MSI-X support. An attacker inside the guest could use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 15.10. (CVE-2015-7549) Lian Yihan discovered that QEMU incorrectly handled the VNC ...
CVE-2015-7549 CVE-2015-8504 CVE-2015-8550 CVE-2015-8558 CVE-2015-8567 CVE-2015-8568 CVE-2015-8613 CVE-2015-8619 CVE-2015-8666 CVE-2015-8743 CVE-2015-8744 CVE-2015-8745 CVE-2016-1568 CVE-2016-1714 CVE-2016-1922 CVE-2016-1981 CVE-2016-2197 CVE-2016-2198
USN-2890-3: Linux kernel (Raspberry Pi 2) vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
CVE-2013-7446 CVE-2015-7513 CVE-2015-7550 CVE-2015-7990 CVE-2015-8374 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8787
USN-2890-2: Linux kernel (Wily HWE) vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
CVE-2013-7446 CVE-2015-7513 CVE-2015-7550 CVE-2015-7990 CVE-2015-8374 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8787
USN-2890-1: Linux kernel vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
CVE-2013-7446 CVE-2015-7513 CVE-2015-7550 CVE-2015-7990 CVE-2015-8374 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575 CVE-2015-8787
USN-2889-2: Linux kernel (Vivid HWE) vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
CVE-2013-7446 CVE-2015-7513 CVE-2015-7990 CVE-2015-8374 CVE-2015-8787
USN-2889-1: Linux kernel vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
CVE-2013-7446 CVE-2015-7513 CVE-2015-7990 CVE-2015-8374 CVE-2015-8787
USN-2888-1: Linux kernel (Utopic HWE) vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
CVE-2013-7446 CVE-2015-7513 CVE-2015-7550 CVE-2015-7990 CVE-2015-8374 CVE-2015-8543 CVE-2015-8569 CVE-2015-8575
USN-2887-2: Linux kernel (Trusty HWE) vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...
USN-2887-1: Linux kernel vulnerabilities - 1st February 2016
It was discovered that a use-after-free vulnerability existed in the AF_UNIX implementation in the Linux kernel. A local attacker could use crafted epoll_ctl calls to cause a denial of service (system crash) or expose sensitive information. (CVE-2013-7446) It was discovered that the KVM implementation in the Linux kernel did not ...