Ubuntu security

Ubuntu security notices

No Image

USN-6180-1: VLC media player vulnerabilities

2023-06-21 KENNETH 0

USN-6180-1: VLC media player vulnerabilities It was discovered that VLC could be made to read out of bounds when decoding image files. If a user were tricked into opening a crafted image file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-19721) It was discovered that VLC could be made to write out of bounds when processing H.264 video files. If a user were tricked into opening a crafted H.264 video file, a remote attacker could possibly use this issue to cause VLC to crash, leading to a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-13428) It was discovered that VLC could be made to read [ more… ]

No Image

USN-6168-2: libx11 vulnerability

2023-06-20 KENNETH 0

USN-6168-2: libx11 vulnerability USN-6168-1 fixed a vulnerability in libx11. This update provides the corresponding update for Ubuntu 14.04 ESM, Ubuntu 16.04 ESM, and Ubuntu 18.04 ESM. Original advisory details: Gregory James Duck discovered that libx11 incorrectly handled certain Request, Event, or Error IDs. If a user were tricked into connecting to a malicious X Server, a remote attacker could possibly use this issue to cause libx11 to crash, resulting in a denial of service. Source: USN-6168-2: libx11 vulnerability

No Image

USN-6179-1: Jettison vulnerability

2023-06-20 KENNETH 0

USN-6179-1: Jettison vulnerability It was discovered that Jettison incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Source: USN-6179-1: Jettison vulnerability

No Image

USN-6178-1: SVG++ library vulnerabilities

2023-06-20 KENNETH 0

USN-6178-1: SVG++ library vulnerabilities It was discovered that in SVG++ library that the demo application incorrectly managed memory resulting in a memory access violation under certain circumstances. An attacker could possibly use this issue to leak memory information or run a denial of service attack. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-6246) It was discovered that in SVG++ library that the demo application incorrectly handled null pointers under certain circumstances. An attacker could possibly use this issue to cause denial of service, leak memory information or manipulate program execution flow. (CVE-2021-44960) Source: USN-6178-1: SVG++ library vulnerabilities

No Image

USN-6083-2: cups-filters vulnerability

2023-06-19 KENNETH 0

USN-6083-2: cups-filters vulnerability USN-6083-1 fixed a vulnerability in cups-filters. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: It was discovered that cups-filters incorrectly handled the beh CUPS backend. A remote attacker could possibly use this issue to cause the backend to stop responding or to execute arbitrary code. Source: USN-6083-2: cups-filters vulnerability