USN-5197-1: Apache Log4j 2 vulnerability

2021-12-16 KENNETH 0

It was found that the fix to address CVE-2021-44228 in Apache Log4j 2.15.0 was incomplete in certain non-default configurations. An attacker could use this vulnerability to cause a denial of service. Source: USN-5197-1: Apache Log4j 2 vulnerability

USN-5193-1: X.Org X Server vulnerabilities

2021-12-15 KENNETH 0

Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled certain inputs. An attacker could use this issue to cause the server to crash, resulting in a denial of service, or possibly execute arbitrary code and escalate privileges. Source: USN-5193-1: X.Org X Server vulnerabilities

USN-5192-1: Apache Log4j 2 vulnerability

2021-12-14 KENNETH 0

Chen Zhaojun discovered that Apache Log4j 2 allows remote attackers to run programs via specially crafted input. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code. Source: USN-5192-1: Apache Log4j 2 vulnerability

USN-5191-1: Flatpak vulnerability

2021-12-14 KENNETH 0

It was discovered that Flatpak incorrectly handled certain AF_UNIX sockets. An attacker could use this to specially craft a Flatpak application that could escape sandbox confinement. Source: USN-5191-1: Flatpak vulnerability

USN-5174-2: Samba regression

2021-12-14 KENNETH 0

USN-5174-1 fixed vulnerabilities in Samba. Some of the changes introduced a regression in Kerberos authentication in certain environments. Please see the following upstream bug for more information: https://bugzilla.samba.org/show_bug.cgi?id=14922 This update fixes the problem.

Original advisory details:

Stefan Metzmacher discovered that Samba incorrectly handled SMB1 client connections. A remote attacker could possibly use this issue to downgrade connections to plaintext authentication. (CVE-2016-2124)

Andrew Bartlett discovered that Samba incorrectly mapped domain users to local users. An authenticated attacker could possibly use this issue to become root on domain members. (CVE-2020-25717)

Andrew Bartlett discovered that Samba did not properly check sensitive attributes. An authenticated attacker could possibly use this issue to escalate privileges. (CVE-2020-25722)

Joseph Sutton discovered that Samba incorrectly handled certain TGS requests. An authenticated attacker could possibly use this issue to cause Samba to crash, resulting in a [ more… ]