Skip to main content

Your submission was sent successfully! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates from Canonical and upcoming events where you can meet our team.Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

Blog posts tagged
"Vulnerabilities"


Matthew de Klerk
12 December 2024

What is vulnerability management?

Security Article

Vulnerability management is the holistic process of identifying and handling security risks in an organization’s networks, systems and devices. Vulnerability management serves an overarching strategy that describes and outlines the many individual efforts and steps taken to reduce cyber incident risk to acceptable levels and improve overa ...


eslerm
19 November 2024

Needrestart local privilege escalation vulnerability fixes available

Ubuntu Article

Qualys discovered vulnerabilities which allow a local attacker to gain root privileges in the needrestart package (CVE-2024-48990, CVE-2024-48991, CVE-2024-48992, and CVE-2024-11003) and a related issue in libmodule-scandeps-perl (CVE-2024-10224). The vulnerabilities affect Debian, Ubuntu and other Linux distributions. Canonical’s securit ...


Luci Stanescu
26 September 2024

CUPS Remote Code Execution Vulnerability Fix Available

Ubuntu Article

Four CVE IDs have been assigned that together form an high-impact exploit chain surrounding CUPS: CVE-2024-47076, CVE-2024-47175, CVE-2024-47176 and CVE-2024-47177. Canonical’s security team has released updates for the cups-browsed, cups-filters, libcupsfilters and libppd packages for all supported Ubuntu LTS releases. The updates remedi ...


Diogo Sousa
21 August 2024

How Ubuntu keeps you secure with KEV prioritisation

Security Article

The Known Exploited Vulnerabilities Catalog (KEV) is a database published by the US Cybersecurity and Infrastructure Security Agency (CISA) that serves as a reference to help organisations better manage vulnerabilities and keep pace with threat activity.By having a commitment to prioritise vulnerabilities contained in the KEV, Ubuntu is p ...


Luci Stanescu
3 July 2024

What you need to know about regreSSHion: an OpenSSH server remote code execution vulnerability (CVE-2024-6387)

Security Security

Details about the high-impact CVE-2024-6387 vulnerability, nicknamed regreSSHion, and the Ubuntu fix released on the CRD. ...


Henry Coggill
3 November 2023

Meet Cyber Essentials requirements with Ubuntu Pro

Hardening Article

Cyber Essentials is an increasingly important security standard within the UK that allows organisations to demonstrate to their customers that they operate their business in a secure and trustworthy manner. Achieving the Cyber Essentials certification helps businesses win new customers and  stand out amongst their peers. It is a requireme ...


Lech Sandecki
3 October 2023

Zenbleed vulnerability fix for Ubuntu

Cloud and server Article

On 24 July 2023, security researchers from Google’s Information Security Engineering team disclosed a hardware vulnerability affecting AMD’s Zen 2 family of microprocessors. They dubbed this vulnerability “Zenbleed” (CVE-2023-20593), evoking memories of previous vulnerabilities like HeartBleed and hinting at its possible impact. In respon ...


Canonical
16 December 2021

Log4Shell: Log4j remote code execution vulnerability

Security Article

Last updated on 18th January 2022 to include the latest vulnerability updates. A high impact vulnerability was discovered in Apache Log4j 2, a widely deployed software component used by a lot of Java applications to facilitate logging. An attacker who can control the log messages or their parameters can cause the application to execute ar ...


Florencia Cabral Berenfus
15 December 2021

Security vulnerabilities on the Data Distribution Service (DDS)

Robotics Article

Learn more about DDS, and how to stay protected while using it If you are currently running the Robot Operating System 2 (ROS 2), this piece is especially relevant to the security of your robots. A few weeks ago, a group of security researchers reported 13 security vulnerabilities affecting some of the most used implementations ...


Lech Sandecki
28 October 2021

Enhance the security of your open-source applications and share feedback

Ubuntu Article

Are you spending time on high-impact, high-value activities, or are you constantly derailed by maintenance, support, and deployment challenges? Does your organisation consume open-source software that needs security patching? Where do you get the security updates from, and how do you track what’s available? Are you responsible for vulnera ...


Linux kernel Livepatching

Cloud and server Article

Ubuntu Livepatch is the service and the software that enables organizations to quickly patch vulnerabilities on the Ubuntu Linux kernels. Livepatch provides uninterrupted service while reducing fire drills during high and critical severity kernel vulnerabilities. It is a complex technology and the details can be confusing, so in this post ...


Nikos Mavrogiannopoulos
30 March 2021

What lies on the second phase of Ubuntu LTS? Two years of Ubuntu 14.04 in ESM

Security Article

Two years ago, we launched the Extended Security Maintenance (ESM) phase of Ubuntu 14.04, providing access to CVE patches through an Ubuntu Advantage for Infrastructure free or paid subscription. This phase extended the lifecycle of Ubuntu 14.04 LTS, released in April 2014, to a total of ten years, ending in April 2024. During the ESM ...


  1. Previous page
  2. 1
  3. 2
  4. Next page