Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Subscribe for updates  

Mailing list Atom RSS

Search USNs

USN ID, name, description or CVE ID contains

Filter by Ubuntu release

1911 - 1920 of 2817 results

USN-4705-1: Sudo vulnerabilities

26 January 2021

Several security issues were fixed in Sudo.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS,
  • 16.04 LTS

CVE ID

CVE-2021-3156, CVE-2021-23239

LSN-0074-1: Kernel Live Patch Security Notice

26 January 2021

Several security issues were fixed in the kernel.

  • Ubuntu 20.04 LTS,
  • 18.04 LTS,
  • 16.04 LTS,
  • 14.04 LTS

CVE ID

CVE-2020-28374, CVE-2020-12352, CVE-2020-25645 + 1 other

USN-4703-1: Mutt vulnerability

25 January 2021

Mutt could be made to denial of service if it received a specially crafted email message.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS,
  • 16.04 LTS

CVE ID

CVE-2021-3181

USN-4689-4: Linux kernel update

21 January 2021

Several security issues were fixed in NVIDIA graphics drivers.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS

CVE ID

CVE-2021-1053, CVE-2021-1052

USN-4689-3: NVIDIA graphics drivers vulnerabilities

20 January 2021

Several security issues were fixed in NVIDIA graphics drivers.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS

CVE ID

CVE-2021-1053, CVE-2021-1052

USN-4700-1: PyXDG vulnerability

19 January 2021

PyXDG could be made to run programs as your login if it received specially crafted input.

  • Ubuntu 18.04 LTS,
  • 16.04 LTS,
  • 14.04 LTS

CVE ID

CVE-2019-12761

USN-4699-1: Apache Log4net vulnerability

19 January 2021

Apache Log4net could made to expose sensitive information if it received a specially crafted configuration file.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS,
  • 16.04 LTS

CVE ID

CVE-2018-1285

USN-4698-1: Dnsmasq vulnerabilities

19 January 2021

Several security issues were fixed in Dnsmasq.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS,
  • 16.04 LTS

CVE ID

CVE-2020-25684, CVE-2020-25683, CVE-2020-25686 + 5 others

USN-4697-1: Pillow vulnerabilities

18 January 2021

Pillow could be made to crash or run programs as your login if it opened a specially crafted file.

  • Ubuntu 20.10 ,
  • 20.04 LTS,
  • 18.04 LTS,
  • 16.04 LTS

CVE ID

CVE-2020-35655, CVE-2020-35654, CVE-2020-35653

USN-4696-1: HTMLDOC vulnerability

18 January 2021

HTMLDOC could be made to denial of service if it received a specially crafted HTML file.

  • Ubuntu 18.04 LTS,
  • 16.04 LTS

CVE ID

CVE-2019-19630

  1. Previous page
  2. 190
  3. 191
  4. 192
  5. 193
  6. 194
  7. Next page

Resources

Join the discussion

Further reading

Get up to 15 years of security
maintenance for your new or established systems

Get up to 15 years of security maintenance for your entire Ubuntu Archive. Keep your systems stable with security backporting and avoid forced upgrades.

Find out more about Ubuntu Pro ›
Learn more about ESM and our legacy add-on ›