Aggregator

USN-7701-3: Linux kernel (IoT) vulnerabilities

4 hours 34 minutes ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth subsystem; - Network traffic control; (CVE-2023-52975, CVE-2024-38541, CVE-2025-37797, CVE-2024-49950, CVE-2024-50073, CVE-2023-52757, CVE-2025-38083)

USN-7704-3: Linux kernel vulnerabilities

16 hours 50 minutes ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-A(FFA); - Multiple devices driver; - Media drivers; - Network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - x86 platform drivers; - TCM subsystem; - Virtio drivers; - File systems infrastructure; - SMB network file system; - LZO compression library; - Digital Audio (PCM) driver; - Tracing infrastructure; - Padata parallel execution mechanism; - CAN network layer; - Networking core; - TIPC protocol; - ALSA framework; (CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077, CVE-2025-38035, CVE-2025-38037, CVE-2025-38034, CVE-2025-38058, CVE-2025-38004, CVE-2025-38031, CVE-2025-38078, CVE-2025-38044, CVE-2025-38066, CVE-2025-38052, CVE-2025-38043, CVE-2025-38065, CVE-2025-38003, CVE-2025-38061, CVE-2025-38051, CVE-2025-38072, CVE-2025-38068)

USN-7703-2: Linux kernel vulnerabilities

17 hours 8 minutes ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - HID subsystem; - Input Device (Mouse) drivers; - Multiple devices driver; - Media drivers; - Network drivers; - PCI subsystem; - S/390 drivers; - SPI subsystem; - Trusted Execution Environment drivers; - UFS subsystem; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - Framebuffer layer; - Network file system (NFS) client; - Network file system (NFS) server daemon; - File systems infrastructure; - SMB network file system; - Networking core; - L3 Master device support module; - TCP network protocol; - io_uring subsystem; - Process Accounting mechanism; - BPF subsystem; - Timer subsystem; - Workqueue subsystem; - Memory management; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Open vSwitch; - Network traffic control; - SOF drivers; (CVE-2025-21776, CVE-2025-21768, CVE-2025-21848, CVE-2025-21855, CVE-2025-21791, CVE-2025-21838, CVE-2025-21762, CVE-2025-21846, CVE-2025-21765, CVE-2025-21869, CVE-2025-21783, CVE-2025-21868, CVE-2025-21857, CVE-2025-21773, CVE-2024-54458, CVE-2025-21871, CVE-2025-21763, CVE-2024-58088, CVE-2025-21835, CVE-2025-21793, CVE-2025-21867, CVE-2025-21784, CVE-2025-21839, CVE-2025-21786, CVE-2025-21764, CVE-2025-21761, CVE-2025-21767, CVE-2024-58020, CVE-2025-21847, CVE-2025-21792, CVE-2025-21785, CVE-2025-21863, CVE-2025-21854, CVE-2025-21704, CVE-2024-52559, CVE-2025-21775, CVE-2025-21758, CVE-2025-21858, CVE-2025-21866, CVE-2025-21870, CVE-2024-57977, CVE-2024-54456, CVE-2025-21759, CVE-2025-21781, CVE-2025-21760, CVE-2025-21706, CVE-2024-57834, CVE-2025-21712, CVE-2025-21864, CVE-2025-21780, CVE-2025-21790, CVE-2025-21856, CVE-2025-21796, CVE-2025-21859, CVE-2025-21782, CVE-2024-58093, CVE-2025-21844, CVE-2025-21795, CVE-2025-21823, CVE-2025-21853, CVE-2025-21772, CVE-2025-21746, CVE-2025-21821, CVE-2024-58086, CVE-2025-21787, CVE-2025-21836, CVE-2025-21861, CVE-2025-21766, CVE-2025-21862, CVE-2025-21779)

USN-7699-2: Linux kernel (HWE) vulnerabilities

17 hours 25 minutes ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - RISC-V architecture; - x86 architecture; - Buffer Sharing and Synchronization framework; - DMA engine subsystem; - GPU drivers; - HID subsystem; - IIO ADC drivers; - IIO subsystem; - InfiniBand drivers; - Input Device core drivers; - Network drivers; - Mellanox network drivers; - PHY drivers; - Voltage and Current Regulator drivers; - VideoCore services drivers; - USB Type-C Connector System Software Interface driver; - Xen hypervisor drivers; - EROFS file system; - Network file system (NFS) client; - File systems infrastructure; - SMB network file system; - Network traffic control; - io_uring subsystem; - Kernel command line parsing driver; - Scheduler infrastructure; - Memory management; - Networking core; - MAC80211 subsystem; - Management Component Transport Protocol (MCTP); - Netfilter; - Open vSwitch; - TLS protocol; - Wireless networking; - SOF drivers; (CVE-2025-38011, CVE-2025-38095, CVE-2025-37967, CVE-2025-38012, CVE-2025-38019, CVE-2025-37960, CVE-2025-37973, CVE-2025-37958, CVE-2025-38094, CVE-2025-37963, CVE-2025-37955, CVE-2025-38014, CVE-2025-38025, CVE-2025-37970, CVE-2025-37947, CVE-2025-37966, CVE-2025-37948, CVE-2025-38013, CVE-2025-37957, CVE-2025-38028, CVE-2025-37962, CVE-2025-38002, CVE-2025-37996, CVE-2025-37992, CVE-2025-37969, CVE-2025-38009, CVE-2025-38027, CVE-2025-38020, CVE-2025-38023, CVE-2025-38008, CVE-2025-38015, CVE-2025-37954, CVE-2025-38007, CVE-2025-38005, CVE-2025-37956, CVE-2025-37965, CVE-2025-37972, CVE-2025-38006, CVE-2025-37971, CVE-2025-38056, CVE-2025-37968, CVE-2025-38024, CVE-2025-37951, CVE-2025-38016, CVE-2025-38022, CVE-2025-37964, CVE-2025-37994, CVE-2025-37952, CVE-2025-37998, CVE-2025-37993, CVE-2025-38018, CVE-2025-38010, CVE-2025-37995, CVE-2025-38021, CVE-2025-37999, CVE-2025-37961, CVE-2025-37959, CVE-2025-37950, CVE-2025-37949)

USN-7707-1: LibTIFF vulnerabilities

21 hours 18 minutes ago
It was discovered that LibTIFF incorrectly handled certain memory operations when using the tiffmedian tool. An attacker could trick a user into processing a specially crafted TIFF image file and potentially use this issue to cause a denial of service. (CVE-2025-8176) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using the thumbnail tool. An attacker could trick a user into processing a specially crafted TIFF image file and potentially use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2025-8177) It was discovered that LibTIFF incorrectly handled certain memory operations when using the tiff2ps tool. An attacker could trick a user into processing a specially crafted TIFF image file and potentially use this issue to cause a denial of service. (CVE-2025-8534) It was discovered that LibTIFF did not properly perform bounds checking in certain operations when using the tiffcrop tool. An attacker could trick a user into processing a specially crafted TIFF image file and potentially use this issue to cause a denial of service. (CVE-2025-8851)

USN-7701-2: Linux kernel (FIPS) vulnerabilities

1 day 4 hours ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Device tree and open firmware driver; - SCSI subsystem; - TTY drivers; - SMB network file system; - Bluetooth subsystem; - Network traffic control; (CVE-2023-52757, CVE-2024-49950, CVE-2024-38541, CVE-2023-52975, CVE-2024-50073, CVE-2025-38083, CVE-2025-37797)

USN-7706-1: Ceph vulnerabilities

1 day 6 hours ago
It was discovered that Ceph incorrectly handled read-only permissions. An authenticated attacker could use this issue to obtain dm-crypt encryption keys. This issue only affected Ubuntu 14.04 LTS. (CVE-2018-14662) Sergey Bobrov discovered that Ceph’s RadosGW (Ceph Object Gateway) allowed the injection of HTTP headers in responses to CORS requests. An attacker could possibly use this issue to compromise system integrity. This issue only affected Ubuntu 16.04 LTS. (CVE-2021-3524)

USN-7705-1: Tomcat vulnerabilities

1 day 11 hours ago
It was discovered that Tomcat did not correctly handle case sensitivity. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2025-46701) Elysee Franchuk discovered that Tomcat did not correctly limit the number of attributes for a session. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-54677) It was discovered that Tomcat did not correctly sanitize certain URLs. An attacker could possibly use this issue to bypass authentication mechanisms. (CVE-2025-31651) It was discovered that Tomcat did not correctly handle certain malformed HTTP headers, which could lead to a memory leak. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 24.04 LTS. (CVE-2025-31650) It was discovered that Tomcat did not correctly handle concurrent operations under certain circumstances. An attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-50379) It was discovered that Tomcat did not correctly handle certain authentication errors. An attacker could possibly use this issue to bypass authentication mechanisms. This issue only affected Ubuntu 24.04 LTS. (CVE-2024-52316)

USN-7704-1: Linux kernel vulnerabilities

1 day 12 hours ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-A(FFA); - Multiple devices driver; - Media drivers; - Network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - x86 platform drivers; - TCM subsystem; - Virtio drivers; - File systems infrastructure; - SMB network file system; - LZO compression library; - Digital Audio (PCM) driver; - Tracing infrastructure; - Padata parallel execution mechanism; - CAN network layer; - Networking core; - TIPC protocol; - ALSA framework; (CVE-2025-38079, CVE-2025-38048, CVE-2025-38075, CVE-2025-38077, CVE-2025-38035, CVE-2025-38037, CVE-2025-38034, CVE-2025-38058, CVE-2025-38004, CVE-2025-38031, CVE-2025-38078, CVE-2025-38044, CVE-2025-38066, CVE-2025-38052, CVE-2025-38043, CVE-2025-38065, CVE-2025-38003, CVE-2025-38061, CVE-2025-38051, CVE-2025-38072, CVE-2025-38068)

USN-7704-2: Linux kernel (FIPS) vulnerabilities

1 day 12 hours ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - Arm Firmware Framework for ARMv8-A(FFA); - Multiple devices driver; - Media drivers; - Network drivers; - NVDIMM (Non-Volatile Memory Device) drivers; - NVME drivers; - x86 platform drivers; - TCM subsystem; - Virtio drivers; - File systems infrastructure; - SMB network file system; - LZO compression library; - Digital Audio (PCM) driver; - Tracing infrastructure; - Padata parallel execution mechanism; - CAN network layer; - Networking core; - TIPC protocol; - ALSA framework; (CVE-2025-38052, CVE-2025-38078, CVE-2025-38079, CVE-2025-38061, CVE-2025-38044, CVE-2025-38065, CVE-2025-38043, CVE-2025-38034, CVE-2025-38037, CVE-2025-38048, CVE-2025-38066, CVE-2025-38003, CVE-2025-38058, CVE-2025-38075, CVE-2025-38077, CVE-2025-38051, CVE-2025-38031, CVE-2025-38035, CVE-2025-38072, CVE-2025-38004, CVE-2025-38068)

USN-7703-1: Linux kernel vulnerabilities

1 day 14 hours ago
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - GPIO subsystem; - GPU drivers; - HID subsystem; - Input Device (Mouse) drivers; - Multiple devices driver; - Media drivers; - Network drivers; - PCI subsystem; - S/390 drivers; - SPI subsystem; - Trusted Execution Environment drivers; - UFS subsystem; - USB Device Class drivers; - USB core drivers; - USB Gadget drivers; - Framebuffer layer; - Network file system (NFS) client; - Network file system (NFS) server daemon; - File systems infrastructure; - SMB network file system; - Networking core; - L3 Master device support module; - TCP network protocol; - io_uring subsystem; - Process Accounting mechanism; - BPF subsystem; - Timer subsystem; - Workqueue subsystem; - Memory management; - Amateur Radio drivers; - B.A.T.M.A.N. meshing protocol; - IPv4 networking; - IPv6 networking; - Multipath TCP; - Open vSwitch; - Network traffic control; - SOF drivers; (CVE-2025-21776, CVE-2025-21768, CVE-2025-21848, CVE-2025-21855, CVE-2025-21791, CVE-2025-21838, CVE-2025-21762, CVE-2025-21846, CVE-2025-21765, CVE-2025-21869, CVE-2025-21783, CVE-2025-21868, CVE-2025-21857, CVE-2025-21773, CVE-2024-54458, CVE-2025-21871, CVE-2025-21763, CVE-2024-58088, CVE-2025-21835, CVE-2025-21793, CVE-2025-21867, CVE-2025-21784, CVE-2025-21839, CVE-2025-21786, CVE-2025-21764, CVE-2025-21761, CVE-2025-21767, CVE-2024-58020, CVE-2025-21847, CVE-2025-21792, CVE-2025-21785, CVE-2025-21863, CVE-2025-21854, CVE-2025-21704, CVE-2024-52559, CVE-2025-21775, CVE-2025-21758, CVE-2025-21858, CVE-2025-21866, CVE-2025-21870, CVE-2024-57977, CVE-2024-54456, CVE-2025-21759, CVE-2025-21781, CVE-2025-21760, CVE-2025-21706, CVE-2024-57834, CVE-2025-21712, CVE-2025-21864, CVE-2025-21780, CVE-2025-21790, CVE-2025-21856, CVE-2025-21796, CVE-2025-21859, CVE-2025-21782, CVE-2024-58093, CVE-2025-21844, CVE-2025-21795, CVE-2025-21823, CVE-2025-21853, CVE-2025-21772, CVE-2025-21746, CVE-2025-21821, CVE-2024-58086, CVE-2025-21787, CVE-2025-21836, CVE-2025-21861, CVE-2025-21766, CVE-2025-21862, CVE-2025-21779)