Ubuntu security

Ubuntu security notices

No Image

USN-5324-1: libxml2 vulnerability

2022-03-14 KENNETH 0

USN-5324-1: libxml2 vulnerability It was discovered that libxml2 incorrectly handled certain XML files. An attacker could use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5324-1: libxml2 vulnerability

No Image

USN-5323-1: NBD vulnerabilities

2022-03-14 KENNETH 0

USN-5323-1: NBD vulnerabilities It was discovered that NBD incorrectly handled name length fields. A remote attacker could use this issue to cause NBD to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5323-1: NBD vulnerabilities

No Image

USN-5322-1: Subversion vulnerability

2022-03-11 KENNETH 0

USN-5322-1: Subversion vulnerability Thomas Akesson discovered that Subversion incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service. Source: USN-5322-1: Subversion vulnerability

No Image

USN-5321-1: Firefox vulnerabilities

2022-03-11 KENNETH 0

USN-5321-1: Firefox vulnerabilities Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof the browser UI, bypass security restrictions, obtain sensitive information, or execute arbitrary code. (CVE-2022-0843, CVE-2022-26381, CVE-2022-26382, CVE-2022-26383, CVE-2022-26384, CVE-2022-26385) A TOCTOU bug was discovered when verifying addon signatures during install. A local attacker could potentially exploit this to trick a user into installing an addon with an invalid signature. (CVE-2022-26387) Source: USN-5321-1: Firefox vulnerabilities

No Image

USN-5320-1: Expat vulnerabilities and regression

2022-03-10 KENNETH 0

USN-5320-1: Expat vulnerabilities and regression USN-5288-1 fixed several vulnerabilities in Expat. For CVE-2022-25236 it caused a regression and an additional patch was required. This update address this regression and several other vulnerabilities. It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-25313) It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.10. (CVE-2022-25314) It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2022-25315) Original advisory details: It was discovered that Expat incorrectly handled certain files. An attacker could possibly use this issue to cause a [ more… ]