Ubuntu Secutity Notices

A race condition was discovered in Web Render Components. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to execute arbitrary code.

It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-29457) It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to cause a denial of service. (CVE-2021-29458, CVE-2021-29470) It was discovered that Exiv2 incorrectly handled certain images. An attacker could possibly use this issue to execute arbitrary code or cause a crash. (CVE-2021-3482)

It was discovered that PyYAML incorrectly handled untrusted YAML files with the FullLoader loader. A remote attacker could possibly use this issue to execute arbitrary code.

A large number of security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, or execute arbitrary code. (CVE-2021-23968, CVE-2021-23969, CVE-2021-23973, CVE-2021-23978) It was discovered that Thunderbird may keep key material in memory in some circumstances. A local attacker could potentially exploit this to obtain private keys. (CVE-2021-29950)

It was discovered that Unbound contained multiple security issues. A remote attacker could possibly use these issues to cause a denial of service, inject arbitrary commands, execute arbitrary code, and overwrite local files.

USN-4934-1 fixed several vulnerabilities in Exim. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. CVE-2020-28026 only affected Ubuntu 16.04 ESM. Original advisory details: It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.

Ondrej Holy discovered that GNOME Autoar could extract files outside of the intended directory. If a user were tricked into extracting a specially crafted archive, a remote attacker could create files in arbitrary locations, possibly leading to code execution.

It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed access control. A local attacker could use this issue to cause a denial of service, expose sensitive information, or escalate privileges. (CVE-2021-1076) It was discovered that the NVIDIA GPU display driver for the Linux kernel incorrectly performed reference counting. A local attacker could use this issue to cause a denial of service. (CVE-2021-1077)

It was discovered that Exim contained multiple security issues. An attacker could use these issues to cause a denial of service, execute arbitrary code remotely, obtain sensitive information, or escalate local privileges.

It was discovered that Django incorrectly handled certain filenames. A remote attacker could possibly use this issue to create or overwrite files in unexpected directories.

It was discovered that OpenVPN incorrectly handled certain data channel v2 packets. A remote attacker could possibly use this issue to inject packets using a victim's peer-id. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-11810) It was discovered that OpenVPN incorrectly handled deferred authentication. When a server is configured to use deferred authentication, a remote attacker could possibly use this issue to bypass authentication and access control channel data. (CVE-2020-15078)

USN-4918-1 fixed vulnerabilities in ClamAV. The updated package could fail to properly scan in some situations. This update fixes the problem. Original advisory details: It was discovered that ClamAV incorrectly handled parsing Excel documents. A remote attacker could possibly use this issue to cause ClamAV to hang, resulting in a denial of service. (CVE-2021-1252) It was discovered that ClamAV incorrectly handled parsing PDF documents. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1404) It was discovered that ClamAV incorrectly handled parsing email. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. (CVE-2021-1405)

Steven French discovered that Samba incorrectly handled ChangeNotify permissions. A remote attacker could possibly use this issue to obtain file name information. (CVE-2020-14318) Bas Alberts discovered that Samba incorrectly handled certain winbind requests. A remote attacker could possibly use this issue to cause winbind to crash, resulting in a denial of service. (CVE-2020-14323) Francis Brosnan Blázquez discovered that Samba incorrectly handled certain invalid DNS records. A remote attacker could possibly use this issue to cause the DNS server to crash, resulting in a denial of service. (CVE-2020-14383) Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour. (CVE-2021-20254)

Peter Eriksson discovered that Samba incorrectly handled certain negative idmap cache entries. This issue could result in certain users gaining unauthorized access to files, contrary to expected behaviour.

Greg Kuechle discovered that Bind incorrectly handled certain incremental zone updates. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2021-25214) Siva Kakarla discovered that Bind incorrectly handled certain DNAME records. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. (CVE-2021-25215) It was discovered that Bind incorrectly handled GSSAPI security policy negotiation. A remote attacker could use this issue to cause Bind to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-25216)

It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to cause access sensitive information or cause a crash. (CVE-2021-3497) It was discovered that GStreamer Good Plugins incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code or cause a crash. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. (CVE-2021-3498)

USN-4913-1 fixed vulnerabilities in Underscore. This update provides the corresponding updates for Ubuntu 21.04. Original advisory details: It was discovered that Underscore incorrectly handled certain inputs. An attacker could possibly use this issue to inject arbitrary code.

It was discovered that OpenJDK incorrectly verified Jar signatures. An attacker could possibly use this issue to bypass intended security restrictions when using Jar files signed with a disabled algorithm.

USN-4922-1 fixed a vulnerability in Ruby. This update provides the corresponding update for Ubuntu 21.04. Original advisory details: Juho Nurminen discovered that the REXML gem bundled with Ruby incorrectly parsed and serialized XML documents. A remote attacker could possibly use this issue to perform an XML round-trip attack.