Canonical Ubuntu Linux vulnerabilities

CVE-2017-13080 [MEDIUM] CWE-323 CVE-2017-13080: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during t Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the group key handshake, allowing an attacker within radio range to replay frames from access points to clients.

CVE-2017-13079 [MEDIUM] CWE-323 CVE-2017-13079: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integr Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the four-way handshake, allowing an attacker within radio range to spoof frames from access points to clients.

CVE-2017-13078 [MEDIUM] CWE-323 CVE-2017-13078: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during t Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Group Temporal Key (GTK) during the four-way handshake, allowing an attacker within radio range to replay frames from access points to clients.

CVE-2017-13077 [MEDIUM] CWE-330 CVE-2017-13077: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temp Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Pairwise Transient Key (PTK) Temporal Key (TK) during the four-way handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVE-2017-13081 [MEDIUM] CWE-323 CVE-2017-13081: Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integr Wi-Fi Protected Access (WPA and WPA2) that supports IEEE 802.11w allows reinstallation of the Integrity Group Temporal Key (IGTK) during the group key handshake, allowing an attacker within radio range to spoof frames from access points to clients.

CVE-2017-13084 [MEDIUM] CWE-323 CVE-2017-13084: Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Tr Wi-Fi Protected Access (WPA and WPA2) allows reinstallation of the Station-To-Station-Link (STSL) Transient Key (STK) during the PeerKey handshake, allowing an attacker within radio range to replay, decrypt, or spoof frames.

CVE-2017-12629 [CRITICAL] CWE-611 CVE-2017-12629: Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting X Remote code execution occurs in Apache Solr before 7.1 with Apache Lucene before 7.1 by exploiting XXE in conjunction with use of a Config API add-listener command to reach the RunExecutableListener class. Elasticsearch, although it uses Lucene, is NOT vulnerable to this. Note that the XML external entity expansion vulnerability occurs in the XML

CVE-2017-15298 [MEDIUM] CWE-400 CVE-2017-15298: Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denia Git through 2.14.2 mishandles layers of tree objects, which allows remote attackers to cause a denial of service (memory consumption) via a crafted repository, aka a Git bomb. This can also have an impact of disk consumption; however, an affected process typically would not survive its attempt to build the data structure in memory before writing to

CVE-2017-15281 [HIGH] CWE-119 CVE-2017-15281: ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of ser ReadPSDImage in coders/psd.c in ImageMagick 7.0.7-6 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted file, related to "Conditional jump or move depends on uninitialised value(s)."

CVE-2017-0903 [CRITICAL] CWE-502 CVE-2017-0903: RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulner RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability. YAML deserialization of gem specifications can bypass class white lists. Specially crafted serialized objects can possibly be used to escalate to remote code execution.

CVE-2017-2888 [HIGH] CWE-190 CVE-2017-2888: An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A An exploitable integer overflow vulnerability exists when creating a new RGB Surface in SDL 2.0.5. A specially crafted file can cause an integer overflow resulting in too little memory being allocated which can lead to a buffer overflow and potential code execution. An attacker can provide a specially crafted image file to trigger this vulnerability.

CVE-2014-9092 [MEDIUM] CWE-119 CVE-2014-9092: libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafte libjpeg-turbo before 1.3.1 allows remote attackers to cause a denial of service (crash) via a crafted JPEG file, related to the Exif marker.

CVE-2017-15217 [MEDIUM] CWE-772 CVE-2017-15217: ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c. ImageMagick 7.0.7-2 has a memory leak in ReadSGIImage in coders/sgi.c.

CVE-2017-15218 [MEDIUM] CWE-772 CVE-2017-15218: ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c. ImageMagick 7.0.7-2 has a memory leak in ReadOneJNGImage in coders/png.c.

CVE-2017-15032 [CRITICAL] CWE-772 CVE-2017-15032: ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c. ImageMagick version 7.0.7-2 contains a memory leak in ReadYCBCRImage in coders/ycbcr.c.

CVE-2017-15015 [HIGH] CWE-476 CVE-2017-15015: ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in PDFDelegateMessage in coders/pdf.c.

CVE-2017-15016 [HIGH] CWE-476 CVE-2017-15016: ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/em ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadEnhMetaFile in coders/emf.c.

CVE-2017-15033 [HIGH] CWE-772 CVE-2017-15033: ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c. ImageMagick version 7.0.7-2 contains a memory leak in ReadYUVImage in coders/yuv.c.

CVE-2017-15017 [HIGH] CWE-476 CVE-2017-15017: ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/pn ImageMagick 7.0.7-0 Q16 has a NULL pointer dereference vulnerability in ReadOneMNGImage in coders/png.c.

CVE-2017-14491 [CRITICAL] CWE-787 CVE-2017-14491: Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of servi Heap-based buffer overflow in dnsmasq before 2.78 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a crafted DNS response.