Questions tagged [security]
Security covers a wide-ranging set of topics including Users, Permissions, Authentication, Authorisation, Upgrades, Firewalling, Hardening, etc.
2,595 questions
-1
votes
0
answers
223
views
Does the recent attack on Ubuntu infrastructure put Ubuntu computers under security risk?
Is it known whether the recent attacks (see Ubuntu Infrastructure not responding, returning 503 or other errors) on the whole Ubuntu infrastructure (official Websites/snapcraft/Launchpad) cause any ...
- 41.8k
17
votes
2
answers
10k
views
How do I fix CVE-2026-31431 on Ubuntu 24.04 LTS?
We are running a bunch of containers for a cyber security teaching environment, where students can execute arbitrary commands (unprivileged).
Our system (Ubuntu 24.04.4 LTS) is affected by the ...
- 351
0
votes
2
answers
52
views
What are the security risks on a non-encrypted system? [closed]
I was installing Ubuntu and noticed the option to encrypt the system, which made me wonder what exactly the advantages of encryption are. I have very little technical knowledge and I wanted to know ...
- 1
1
vote
1
answer
159
views
How to enable Firefox to display local HTML files -- file: URLs -- that are only referenced locally?
For security reasons, Firefox and other browsers block local file: URLs like file:///tmp/foo.html that are linked from external web pages. That makes sense to me. But it also blocks access to file: ...
- 91
-1
votes
1
answer
94
views
Downsides to only asking for the unencryption key when logging in Ubuntu?
Because I encrypted the drive and I'm already asked to enter a password at system boot, I wondered what downsides could arise if I check the 'automatic login' option for my user, as this would ...
- 191
0
votes
1
answer
113
views
Ubuntu 24.04 How to update python3 3.12.3 for CVE-2025-4517? [duplicate]
My company's SOC has tagged my Ubuntu 24.04 default python3 3.12.3 with CVE https://www.cve.org/CVERecord?id=CVE-2025-4517
According to cve.org, to remediate the CVE I must upgrade python3 to at least ...
2
votes
1
answer
219
views
Hardening GRUB in Ubuntu 24.04 [duplicate]
Is it possible to configure grub in Ubuntu 24.04 so that the default boot menu can start without asking for a password, but restrict all other actions with a password requirement, specifically:
...
- 21
0
votes
1
answer
82
views
Ubuntu 22.04 CVE-2025-37899 vulnerability remediation
I'm looking for a solution for Ubuntu 22.04 CVE-2025-37899 remediation as a new kernel is not available.
Kernel version: 6.8.0-1044-azure
VERSION="22.04.5 LTS (Jammy Jellyfish)"
- 11
1
vote
1
answer
67
views
Leaving Secure Boot key in the system
I was trying to run Ubuntu from a USB thumb drive, and as part of that I enrolled a key into my device’s UEFI settings (key database?). I did not install Ubuntu. I was just running the disk utility ...
- 211
-2
votes
1
answer
122
views
Downloads from https://launchpad.net/ubuntu or https://packages.debian.org really insecure?
If a newer version for a package was missing in my Debian or Ubuntu distribution, for many years, I would visit https://launchpad.net/ubuntu or https://packages.debian.org, search for the package, ...
- 117
0
votes
1
answer
80
views
How to upgrade from HSI:0 to HSI:1 in Ubuntu 24.04lts
I'm currently at HSI:0 (High Speed Synchronous Serial Interface level 0) and would like to somehow upgrade it to HSI:1. My TPM is 1.2 and not upgradable - is this even possible?
BTW - Running Ubuntu ...
- 536
1
vote
0
answers
103
views
Why patches for CVEs like (2021-26291 and 2024-45337) not availabe for standard Ubuntu?
The patches for CVE-2021-26291 and CVE-2024-45337 are only available for the Ubuntu Pro subscription packages, even though Ubuntu support page mentions: The initial 5 years of standard security ...
- 11
185
votes
2
answers
202k
views
Installing python: who is deadsnakes and why should I trust them?
I want to install Python 3.9 on my Ubuntu 20.04, and all tutorials I can find include a step as follows:
sudo add-apt-repository ppa:deadsnakes/ppa
I am concerned about security. I've looked into ...
- 2,063
2
votes
0
answers
171
views
Security update -- Do I REALLY need to reinstall all my drivers?
Today, my computer would not turn on. I opened her up, took out the RAM, blew on it, and stuck it back in. This caused my computer to turn on, but in the wrong resolution, and with no access to its ...
- 121
0
votes
1
answer
103
views
Why are CVEs resolved first for latest, and not for LTS versions?
As many of us use LTS versions in production environments, I really find it appalling that you are first fixing the CVEs for the latest version, while LTS version is not even touched from that ...
