Ubuntu Security Notices

Developers issue an Ubuntu Security Notice when a security issue is fixed in an official Ubuntu package. You can find additional guidance for high-profile vulnerabilities in the Ubuntu Vulnerability Knowledge Base section.

To report a security vulnerability in an Ubuntu package, please contact the Security Team.

The Security Team also produces OVAL files for each Ubuntu release. These are an industry-standard machine-readable format dataset that contain details of all known security vulnerabilities and fixes relevant to the Ubuntu release, and can be used to determine whether a particular patch is appropriate. OVAL files can also be used to audit a system to check whether the latest security fixes have been applied.

Search

Release:

Details contain:

Latest Notices

USN-7267-2: libsndfile vulnerability ›

25 February 2025

libsndfile could be made to crash if it opened a specially crafted file.

USN-7262-2: Linux kernel (KVM) vulnerabilities ›

24 February 2025

Several security issues were fixed in the Linux kernel.

CVE-2024-41020 , CVE-2024-41066 , CVE-2024-42252 , and 7 others

Ubuntu 16.04 ESM

USN-7289-1: Linux kernel vulnerabilities ›

24 February 2025

Several security issues were fixed in the Linux kernel.

CVE-2024-50036 , CVE-2024-50208 , CVE-2024-50072 , and 100 others

Ubuntu 22.04 LTS

USN-7288-1: Linux kernel vulnerabilities ›

24 February 2025

Several security issues were fixed in the Linux kernel.

CVE-2024-50036 , CVE-2024-50208 , CVE-2024-50072 , and 101 others

Ubuntu 22.04 LTS

USN-7287-1: libcap2 vulnerability ›

24 February 2025

libcap2 would allow unintended capabilities.

USN-7286-1: iniParser vulnerability ›

24 February 2025

iniparser could be made to crash if it opened a specially crafted file.

USN-7285-1: nginx vulnerability ›

24 February 2025

Several security issues were fixed in nginx.

USN-7269-2: Intel Microcode vulnerabilities ›

24 February 2025

Several security issues were fixed in Intel Microcode.

CVE-2024-39279 , CVE-2024-36293 , CVE-2024-31068

Ubuntu 24.04 LTS

USN-7284-1: Netty vulnerabilities ›

24 February 2025

Several security issues were fixed in Netty.

CVE-2022-24823 , CVE-2024-29025

USN-7282-1: tomcat7 vulnerabilities ›

21 February 2025

tomcat7 could be made to execute arbitrary code.

CVE-2017-12616 , CVE-2017-12617

Ubuntu 16.04 ESM

Subscribe

20
21
22
23
24

Subscribe

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading