Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Search

Release:

Details contain:

Latest Notices

USN-7226-1: Cacti vulnerability ›

23 January 2025

Cacti could be made to crash or run programs if it received specially crafted network traffic.

USN-7205-2: Django vulnerability ›

23 January 2025

Django could be made to cause a denial of service if it received a specially crafted IPv6 string.

Ubuntu 18.04 ESM

USN-7224-1: Cyrus IMAP Server vulnerabilities ›

22 January 2025

Several security issues were fixed in Cyrus IMAP Server.

CVE-2024-34055 , CVE-2019-18928 , CVE-2021-33582

USN-7223-1: OpenJPEG vulnerabilities ›

22 January 2025

OpenJPEG could be made to crash or run programs if it opened a specially crafted file.

CVE-2024-56826 , CVE-2024-56827

USN-7222-1: BlueZ vulnerabilities ›

22 January 2025

BlueZ could be made to run programs as an administrator if it connected to a malicious Bluetooth device.

CVE-2023-50229 , CVE-2023-50230

USN-7221-1: Linux kernel (OEM) vulnerabilities ›

21 January 2025

Several security issues were fixed in the Linux kernel.

CVE-2024-56757 , CVE-2024-53238

Ubuntu 24.04 LTS

USN-7220-1: Vim vulnerability ›

21 January 2025

Vim could be made to crash or run programs if it received specially crafted input.

USN-7219-1: Python vulnerability ›

20 January 2025

Python could be made to consume resources if it received specially crafted network traffic.

USN-7218-1: Python vulnerability ›

20 January 2025

Python could allow Server-Side Request Forgery attacks.

USN-7166-4: Linux kernel (Xilinx ZynqMP) vulnerabilities ›

20 January 2025

Several security issues were fixed in the Linux kernel.

CVE-2024-49927 , CVE-2024-36893 , CVE-2024-49856 , and 164 others

Ubuntu 22.04 LTS

Subscribe

1
2
3
4
5

Subscribe

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading