Ubuntu Security Notice 6247-1 - David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
61a789330b36bb59452695c01cc71820e77a036e8d7f9331f88a8e22ffbd82e6Gentoo Linux Security Advisory 202305-33 - Multiple vulnerabilities have been found in OpenImageIO, the worst of which could result in arbitrary code execution. Versions greater than or equal to 2.4.6.0 are affected.
3dd527d2b5e7ca984a2b0a358b5b181b237ddce19dac490dbe16bf6d387b633dDebian Linux Security Advisory 5384-1 - Multiple security vulnerabilities have been discovered in OpenImageIO, a library for reading and writing images. Buffer overflows and out-of-bounds read and write programming errors may lead to a denial of service (application crash) or the execution of arbitrary code if a malformed image file is processed.
4463eef1c3286360b187dc7f4d59d0d98c35528325c4983df9515b40cce58dcbUbuntu Security Notice 5774-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service.
6e56ac06b223dab70c8cc4ea9d04b28dca6d246125512b3c713e93fc6e047549Ubuntu Security Notice 5758-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
256eadaaba2ca6b555ffdca188a01a32a38b8869b53454c79b3151aafb702dc1Ubuntu Security Notice 5728-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
ebafaab2d5db4b2842460331e69fe77801e170fb619cc3bd4e090cd8f02623deUbuntu Security Notice 5729-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.
37ac683956be1298d59db7946f6bc8b7d7e2c0e7a850719e8ead2f51fc670c14Ubuntu Security Notice 5728-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
c3624c07f86cdfd2b3713a4f62018465ad2c42db0469b2ff000d4ff889d73b83Ubuntu Security Notice 5727-2 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.
198528c181d3d41c1c6d41390038b021e5a8bb3d1e1b1bda41b1f5b01c58e2b7Ubuntu Security Notice 5729-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Hsin-Wei Hung discovered that the BPF subsystem in the Linux kernel contained an out-of-bounds read vulnerability in the x86 JIT compiler. A local attacker could possibly use this to cause a denial of service or expose sensitive information.
2ed9de86da2c1e7cc0b4f8970c86b427aa7bf63dcea72f209cebdcce6cd60b19Ubuntu Security Notice 5727-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel did not properly handle virtual CPUs without APICs in certain situations. A local attacker could possibly use this to cause a denial of service.
c5aeb552da277840f0734207a89d8b35a628cfa276057d8cc68659f6540b4287Ubuntu Security Notice 5728-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
d0a1c25c6eb1d9a7ff69a8217addefb3508ac783bad0f3c1762570c079322a29Debian Linux Security Advisory 5254-1 - Multiple security issues were found in Django, a Python web development framework, which could result in denial of service, SQL injection or cross-site scripting.
f1deaa074be2780bc47f540868f469aef9215c48a81c548946be8c4d1bf75ee6Ubuntu Security Notice 5549-1 - It was discovered that Django incorrectly handled certain FileResponse. An attacker could possibly use this issue to expose sensitive information or gain access over user machine.
d6802db37f187944cfcae70e62625c7f67a075d00e01f75cb25bab74570cc154
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed