Ubuntu Security Notice 6606-1 - It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
7b9d61bb626e469fa6a211001e9c00d7fdd18aa20f3fbf87c320c90b5853f103Ubuntu Security Notice 6605-1 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
cdb12864a59aff826d39ce99319286459b3c2cc26a55968cce8994e8c4d8d20dUbuntu Security Notice 6604-1 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.
d17c6353365258970841d80fc94ccc64beed6a1122b15a1bc1be29121160ed39Ubuntu Security Notice 6603-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
9fe186eef0aa6e0a6c7c161754052e49f62293ba385d9ccd44897abc7326341dUbuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
e4ea46e063ed7320c58795d9803e3ac6d7fa5f331537b1801175adb5167bb09eUbuntu Security Notice 6601-1 - It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
cca79625b03d2bb1e94883b9d350917c326da4fe2ad588949119d92376aebd76Ubuntu Security Notice 6600-1 - Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10. CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
16c1095a14d9614f39b8bb44a170521da170553a595595a6e28eea3b61004115Ubuntu Security Notice 6599-1 - Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS.
c4598e532c545a8d7a06e60082eca74ab86406a361138570c7495e31b23944fdRed Hat Security Advisory 2024-0530-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include a denial of service vulnerability.
1f3ad6f77ab6b4d3afdfac0816f95a171bf65805aea9b756b7b663ee63c7d6a9Red Hat Security Advisory 2024-0500-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
79ea5b662faf0d46f123482b6437eccc01739ac46cb2ae34fb71fc9700d2edbdRed Hat Security Advisory 2024-0499-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
ca24d6289d8a982597d3f2514213879395c4b7716d3efba7cb69afbfd9cf5fe7Red Hat Security Advisory 2024-0477-03 - An update for frr is now available for Red Hat Enterprise Linux 9. Issues addressed include an out of bounds read vulnerability.
0e4ea7e827876fcad8abf18b469606f0d0aec49ae054b80d32cc2cbd01c90e39Red Hat Security Advisory 2024-0474-03 - An update for tomcat is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.
f93b882eddaffee5dafac1a17a664737c3bcb594ecb4028eac82158dcc78fc3cRed Hat Security Advisory 2024-0468-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
d7688836975def7a7a904a8dff1818935b2df13cd5fb4f7e3796a60864ca37d5Red Hat Security Advisory 2024-0466-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.
fee6b8c5ed25918c773263bc37475a128af332da63631f21a83e18e24010445eRed Hat Security Advisory 2024-0465-03 - An update for sqlite is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.
477f0343258b4863f2f758641a5d24a7a90a9675b0cca6ff1fe70c4c5af72728Red Hat Security Advisory 2024-0464-03 - An update for python-urllib3 is now available for Red Hat Enterprise Linux 9.
5e2d7a5624f97d20a6d70a2a3e5fdb17bfba7509f3c18063065f005ae58cf9e0Red Hat Security Advisory 2024-0463-03 - An update for rpm is now available for Red Hat Enterprise Linux 9.
1d949cd8db92cfa34b0c5f6638b7c5666c2a4b0b7646f98bb29899edf4c9aa9cRed Hat Security Advisory 2024-0461-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow, null pointer, and use-after-free vulnerabilities.
8a97eb13211dba27bd067364861d9d9f57b874b609d9ff24cb47628dbd668b96Red Hat Security Advisory 2024-0456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a bypass vulnerability.
8df03a50153d348b7a9523920f9931588088a0776e29e514ee69cf925bb4f6d7Red Hat Security Advisory 2024-0455-03 - An update for openssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.
c5e3227243298a1e3bb59ac48643d3fe6e16b93315e9aa5aff8cb788c2e02d3eRed Hat Security Advisory 2024-0454-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
fb4796b5011bcacfd3f53861ff3c07310778163054f0afa8e8bae1516f92a1b7Red Hat Security Advisory 2024-0453-03 - An update for rpm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
cac9bd6523e37734d6a91d5c65bc53416562e9860776e32f3776aa9604726dfaRed Hat Security Advisory 2024-0452-03 - An update for curl is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an information leakage vulnerability.
59e2662368262e84ce86198718c9a8669a00a1a3d43ce9d6de4d7098796c8675Red Hat Security Advisory 2024-0451-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
52e676e3e8a01ef2d811b076ad76a086174001e289f6b5100084fd05a1b2e146
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed