Ubuntu Security Notices
Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.
To report a security vulnerability in an Ubuntu package, please contact the Security Team.
The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.
Search USNs
USN ID, name, description or CVE ID contains
101 - 110 of 1256 results
26 September 2024
OpenJPEG could be made to crash if it opened a specially crafted file.
- Ubuntu 24.04 LTS,
- 22.04 LTS,
- 20.04 LTS,
- 18.04 LTS,
- 16.04 LTS
CVE ID
26 September 2024
Several security issues were fixed in Rack.
- Ubuntu 22.04 LTS
CVE ID
CVE-2024-25126, CVE-2024-26146, CVE-2023-27539 + 7 others
25 September 2024
AppArmor restrictions could be bypassed for rules allowing mount operations
- Ubuntu 22.04 LTS,
- 20.04 LTS
CVE ID
25 September 2024
The CA certificates in the ca-certificates package were updated.
- Ubuntu 22.04 LTS,
- 20.04 LTS
25 September 2024
Several security issues were fixed in Intel Microcode.
- Ubuntu 24.04 LTS,
- 22.04 LTS,
- 20.04 LTS,
- 18.04 LTS,
- 16.04 LTS
CVE ID
24 September 2024
Tomcat could allow unintended access to network services.
- Ubuntu 24.04 LTS,
- 22.04 LTS,
- 20.04 LTS,
- 18.04 LTS
CVE ID
24 September 2024
Puma could be made to overwrite headers if it received specially crafted network traffic.
- Ubuntu 22.04 LTS,
- 20.04 LTS
CVE ID
24 September 2024
py7zr could be made to create arbitrary files when extracting the contents of a specially crafted 7z archive.
- Ubuntu 22.04 LTS
CVE ID
23 September 2024
Several security issues were fixed in the Linux kernel.
- Ubuntu 22.04 LTS,
- 20.04 LTS
CVE ID
CVE-2024-39494, CVE-2024-27012, CVE-2024-42160 + 5 others
23 September 2024
Several security issues were fixed in the Linux kernel.
- Ubuntu 22.04 LTS
CVE ID
CVE-2024-32936, CVE-2024-39490, CVE-2024-39483 + 224 others
Resources
Join the discussion
Canonical is offering
Expanded Security Maintenance
Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.