Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Search

Release:

Details contain:

Latest Notices

USN-7079-1: WebKitGTK vulnerabilities ›

22 October 2024

Several security issues were fixed in WebKitGTK.

CVE-2024-40866 , CVE-2024-44187

USN-7078-1: Firefox vulnerability ›

22 October 2024

Firefox could be made to crash or run programs as your login

CVE-2024-9936

Ubuntu 20.04 LTS

USN-7072-2: Linux kernel (GKE) vulnerabilities ›

21 October 2024

Several security issues were fixed in the Linux kernel.

CVE-2024-27397 , CVE-2024-38630 , CVE-2024-45016

Ubuntu 22.04 LTS

USN-7062-2: libgsf vulnerabilities ›

21 October 2024

libgsf could be made to run programs as your login if it opened a specially crafted file.

CVE-2024-42415 , CVE-2024-36474

Ubuntu 24.10

USN-7042-3: cups-browsed vulnerability ›

21 October 2024

cups-browsed could be made to run programs if it received specially crafted network traffic.

CVE-2024-47176

Ubuntu 24.10

USN-7077-1: AMD Microcode vulnerability ›

21 October 2024

AMD processors may allow a privileged local attacker to further escalate their privileged and execute arbitrary code within the processor's firmware layer.

CVE-2023-31315