USN-7159-4: Linux kernel (IoT) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
USN-7178-1: DPDK vulnerability
It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. A malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...
LSN-0108-1: Kernel Live Patch Security Notice
In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt request goes to the backlog and crypto_aead_decrypt returns -EBUSY, tls_do_decryption will wait until all async decryptions have completed. If one of them fails,...
USN-7177-1: YARA vulnerability
It was discovered that YARA did not properly sanitize its configuration settings. An attacker could potentially exploit this issue to cause a denial of service...
USN-7169-2: Linux kernel (GCP) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...
USN-7172-1: libvpx vulnerability
It was discovered that libvpx did not properly handle certain malformed media files. If an application using libvpx opened a specially crafted file, a remote attacker could cause a denial of service, or possibly execute arbitrary code. Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, and...
USN-7176-1: GStreamer Good Plugins vulnerabilities
Antonio Morales discovered that GStreamer Good Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Good Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7175-1: GStreamer Base Plugins vulnerabilities
Antonio Morales discovered that GStreamer Base Plugins incorrectly handled certain malformed media files. An attacker could use these issues to cause GStreamer Base Plugins to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7174-1: GStreamer vulnerability
Antonio Morales discovered that GStreamer incorrectly handled allocating memory for certain buffers. An attacker could use this issue to cause GStreamer to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7171-1: PHPUnit vulnerability
It was discovered that PHPUnit incorrectly handled web requests if exposed to the internet. An attacker could possibly use this issue to achieve remote code execution or obtain sensitive information...
USN-7168-1: EditorConfig vulnerabilities
It was discovered that EditorConfig improperly managed memory when handling certain inputs, leading to overflows. An attacker could possibly use these issues to cause a denial of service, or execute arbitrary code...
USN-7159-3: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
USN-7166-2: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...
USN-7173-1: Linux kernel vulnerabilities
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Several security issues were discover...
USN-7170-1: Linux kernel (OEM) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - GPU drivers; - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49914, CVE-2024-4991...
USN-7169-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...
USN-7167-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-50264, CVE-2024-49967, CVE-2024-530...
USN-7159-2: Linux kernel (AWS) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
USN-7166-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - RISC-V architecture; - S390 architecture; - x86 architecture; - Block layer subsystem; - ACPI...
USN-7165-1: Spring Framework vulnerability
It was discovered that the Spring Framework incorrectly handled web requests via data binding. An attacker could possibly use this issue to achieve remote code execution and obtain sensitive information...
USN-7164-1: ImageMagick vulnerability
It was discovered that ImageMagick incorrectly handled certain malformed files. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly exploit this to cause a denial of service...
USN-7163-1: Linux kernel vulnerability
A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system. This update corrects flaws in the following subsystem: - Network traffic control;...
USN-7161-1: Docker vulnerabilities
Yair Zak discovered that Docker could forward DNS requests from internal networks in an unexpected manner. An attacker could possibly use this issue to exfiltrate data by encoding information in DNS queries to controlled nameservers. This issue was only addressed for the source packa...
USN-7162-1: curl vulnerability
Harry Sintonen discovered that curl incorrectly handled credentials from .netrc files when following HTTP redirects. In certain configurations, the password for the first host could be leaked to the followed-to host, contrary to expectations...
USN-7160-1: Mpmath vulnerability
It was discovered that Mpmath incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause Mpmath to consume resources, leading to a denial of service...
USN-7157-2: PHP regression
USN-7157-1 fixed vulnerabilities in PHP. The patch for CVE-2024-8932 caused a regression in php7.4. This update fixes the problem. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker coul...
USN-7157-1: PHP vulnerabilities
It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use this issue to expose sensitive information or cause a crash. CVE-2024-11233 It was discovered that PHP incorrectly handled certain HTTP request...
USN-7158-1: Smarty vulnerabilities
It was discovered that Smarty incorrectly handled query parameters in requests. An attacker could possibly use this issue to inject arbitrary JavaScript code, resulting in denial of service or potential execution of arbitrary code. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubun...
USN-7159-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM32 architecture; - ARM64 architecture; - S390 architecture; - x86 architecture; - Power management core; - GPU...
USN-7156-1: Linux kernel (GKE) vulnerabilities
Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. CVE-2024-25741 Several security issues were discovered in the Linux kernel. An...
USN-7155-1: Linux kernel (NVIDIA) vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...
USN-7154-1: Linux kernel vulnerabilities
Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...
USN-7153-1: PHP vulnerability
It was discovered that PHP incorrectly handled long string inputs in two database drivers. An attacker could possibly use this issue to write files in locations they would not normally have access to. CVE-2024-11236...
USN-7108-2: AsyncSSH vulnerabilities
USN-7108-1 fixed vulnerabilities in AsyncSSH. This update provides the corresponding update for Ubuntu 18.04 LTS. Original advisory details: Fabian Bäumer, Marcus Brinkmann, and Jörg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept...
USN-7151-1: oFono vulnerabilities
It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. CVE-2023-4232, CVE-2023-4235...
USN-7150-1: Tornado vulnerabilities
It was discovered that Tornado incorrectly handled a certain redirect. A remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having the user access a specially crafted URL. This issue was only addressed in Ubuntu 22.04 LTS,...
USN-7149-1: Intel Microcode vulnerabilities
Avraham Shalev and Nagaraju N Kodalapura discovered that some Intel(R) Xeon(R) processors did not properly restrict access to the memory controller when using Intel(R) SGX. This may allow a local privileged attacker to further escalate their privileges. CVE-2024-21820, CVE-2024-23918 It was discovered...
USN-7148-1: Linux kernel vulnerabilities
Lyu Tao discovered that the NFS implementation in the Linux kernel did not properly handle requests to open a directory on a regular file. A local attacker could use this to expose sensitive information (kernel memory). Several security issues were discovered in the Linux kernel. An attacker could...
USN-7147-1: Apache Shiro vulnerabilities
It was discovered that Apache Shiro incorrectly handled path traversal when used with other web frameworks or path rewriting. An attacker could possibly use this issue to obtain sensitive information or administrative privileges. This update provides the corresponding fix for Ubuntu 24.04 LTS and...
USN-7146-1: Dogtag PKI vulnerabilities
Christina Fu discovered that Dogtag PKI accidentally enabled a mock authentication plugin by default. An attacker could potentially use this flaw to bypass the regular authentication process and trick the CA server into issuing certificates. This issue only affected Ubuntu 16.04 LTS. CVE-2017-753...
USN-7145-1: Expat vulnerability
It was discovered that Expat did not properly handle its internal state when attempting to resume an unstarted parser. An attacker could use this issue to cause a denial of service (application crash)...
USN-7141-1: oFono vulnerabilities
It was discovered that oFono incorrectly handled decoding SMS messages leading to a stack overflow. A remote attacker could potentially use this issue to cause a denial of service. CVE-2023-2794, CVE-2023-4233, CVE-2023-4234...
USN-7144-1: Linux kernel (Intel IoTG) vulnerabilities
Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a deni...
USN-7143-1: RabbitMQ Server vulnerabilities
Christian Rellmann discovered that RabbitMQ Server did not properly sanitize user input when adding a new user via the management UI. An attacker could possibly use this issue to perform cross site scripting and obtain sensitive information. CVE-2021-32718 Fahimhusain Raydurg discovered that...
USN-7142-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and...
USN-7140-1: Tinyproxy vulnerability
It was discovered that Tinyproxy did not properly manage memory under certain circumstances. An attacker could possibly use this issue to leak left-over heap data if custom error page templates containing special non-standard variables are used...
USN-7117-3: needrestart regression
USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem for LXC containers. We apologize for the inconvenience. Original advisory details: Qualys discovered that needrestart passed unsanitized data to a library...
USN-7139-1: Apache Shiro vulnerability
It was discovered that Apache Shiro used a static cipher within the "Remember Me" feature inside authentication by default. An attacker could possibly use this issue to achieve remote code execution or obtain sensitive information...
USN-7138-1: Ghostscript vulnerabilities
It was discovered that Ghostscript incorrectly handled parsing certain PS files. An attacker could use this issue to cause Ghostscript to crash, resulting in a denial of service, or possibly execute arbitrary code...
USN-7137-1: recutils vulnerabilities
It was discovered that recutils incorrectly handled memory when parsing comments with the recparser utility. An attacker could possibly use this issue to cause a denial of service or run arbitrary commands. CVE-2021-46019, CVE-2021-46021, CVE-2021-46022 It was discovered that recutils incorrectly...