Ubuntu security

Ubuntu security notices

No Image

USN-4488-2: X.Org X Server vulnerabilities

2020-09-10 KENNETH 0

USN-4488-2: X.Org X Server vulnerabilities USN-4488-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update and also the update from USN-4490-1 for Ubuntu 14.04 ESM. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the input extension protocol. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14346) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly initialized memory. A local attacker could possibly use this issue to obtain sensitive information. (CVE-2020-14347) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSelectEvents function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14361) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XRecordRegisterClients function. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14362) Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled [ more… ]

No Image

USN-4491-1: GnuTLS vulnerability

2020-09-09 KENNETH 0

USN-4491-1: GnuTLS vulnerability It was discovered that GnuTLS incorrectly handled certain alerts when being used with TLS 1.3 servers. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-4491-1: GnuTLS vulnerability

No Image

USN-4487-2: libx11 vulnerabilities

2020-09-09 KENNETH 0

USN-4487-2: libx11 vulnerabilities USN-4487-1 fixed several vulnerabilities in libx11. This update provides the corresponding update for Ubuntu 12.04 ESM and 14.04 ESM. Original advisory details: Todd Carson discovered that libx11 incorrectly handled certain memory operations. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14344) Jayden Rivers discovered that libx11 incorrectly handled locales. A local attacker could possibly use this issue to escalate privileges. (CVE-2020-14363) Source: USN-4487-2: libx11 vulnerabilities

No Image

USN-4490-1: X.Org X Server vulnerability

2020-09-08 KENNETH 0

USN-4490-1: X.Org X Server vulnerability Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled the XkbSetNames function. A local attacker could possibly use this issue to escalate privileges. Source: USN-4490-1: X.Org X Server vulnerability

No Image

USN-4489-1: Linux kernel vulnerability

2020-09-08 KENNETH 0

USN-4489-1: Linux kernel vulnerability Or Cohen discovered that the AF_PACKET implementation in the Linux kernel did not properly perform bounds checking in some situations. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Source: USN-4489-1: Linux kernel vulnerability