Ubuntu security

Ubuntu security notices

No Image

USN-2972-1: OpenJDK 6 vulnerabilities

2016-05-11 KENNETH 0

USN-2972-1: OpenJDK 6 vulnerabilities Ubuntu Security Notice USN-2972-1 10th May, 2016 openjdk-6 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in OpenJDK 6. Software description openjdk-6 – Open Source Java implementation Details Multiple vulnerabilities were discovered in the OpenJDK JRE related toinformation disclosure, data integrity, and availability. An attackercould exploit these to cause a denial of service, expose sensitive dataover the network, or possibly execute arbitrary code. (CVE-2016-0686,CVE-2016-0687, CVE-2016-3427) A vulnerability was discovered in the OpenJDK JRE related to informationdisclosure. An attacker could exploit this to expose sensitive data overthe network. (CVE-2016-0695) A vulnerability was discovered in the OpenJDK JRE related to availability.An attacker could exploit this to cause a denial of service.(CVE-2016-3425) Update instructions The problem can be corrected by updating your system to the following [ more… ]

No Image

USN-2967-2: Linux kernel (OMAP4) vulnerabilities

2016-05-10 KENNETH 0

USN-2967-2: Linux kernel (OMAP4) vulnerabilities Ubuntu Security Notice USN-2967-2 9th May, 2016 linux-ti-omap4 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-ti-omap4 – Linux kernel for OMAP4 Details It was discovered that the Linux kernel did not properly enforce rlimitsfor file descriptors sent over UNIX domain sockets. A local attacker coulduse this to cause a denial of service. (CVE-2013-4312) Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ralf Spenneberg discovered that the USB driver for Clie devices in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical [ more… ]

No Image

USN-2967-1: Linux kernel vulnerabilities

2016-05-10 KENNETH 0

USN-2967-1: Linux kernel vulnerabilities Ubuntu Security Notice USN-2967-1 9th May, 2016 linux vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux – Linux kernel Details It was discovered that the Linux kernel did not properly enforce rlimitsfor file descriptors sent over UNIX domain sockets. A local attacker coulduse this to cause a denial of service. (CVE-2013-4312) Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ralf Spenneberg discovered that the USB driver for Clie devices in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause [ more… ]

No Image

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities

2016-05-10 KENNETH 0

USN-2969-1: Linux kernel (Utopic HWE) vulnerabilities Ubuntu Security Notice USN-2969-1 9th May, 2016 linux-lts-utopic vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-utopic – Linux hardware enablement kernel from Utopic for Trusty Details Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ben Hawkes discovered that the Linux kernel's AIO interface allowed singlewrites greater than 2GB, which could cause an integer overflow when writingto certain filesystems, socket or device types. A local attacker could thisto cause a denial of service (system crash) or possibly execute arbitrarycode. (CVE-2015-8830) Zach Riggle discovered that the Linux kernel's list [ more… ]

No Image

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities

2016-05-10 KENNETH 0

USN-2968-2: Linux kernel (Trusty HWE) vulnerabilities Ubuntu Security Notice USN-2968-2 9th May, 2016 linux-lts-trusty vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 12.04 LTS Summary Several security issues were fixed in the kernel. Software description linux-lts-trusty – Linux hardware enablement kernel from Trusty for Precise Details USN-2968-1 fixed vulnerabilities in the Linux kernel for Ubuntu14.04 LTS. This update provides the corresponding updates for theLinux Hardware Enablement (HWE) kernel from Ubuntu 14.04 LTS forUbuntu 12.04 LTS. Ralf Spenneberg discovered that the Aiptek Tablet USB device driver in theLinux kernel did not properly sanity check the endpoints reported by thedevice. An attacker with physical access could cause a denial of service(system crash). (CVE-2015-7515) Ben Hawkes discovered that the Linux kernel's AIO interface allowed singlewrites greater than 2GB, which could cause an integer overflow when writingto certain filesystems, [ more… ]