Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg(2) implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other kernel vulnerabilities were also discovered and addressed.
5eae3cc7ae9949b636e16234a44d66f6ecfbbb7d410b77b7636cc74cb28cfc31Ubuntu Security Notice 3142-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
9fd88cf3758a9382f580962fbc9dc3eed2c9e6ab3625d2bfab08579dea19cc5dUbuntu Security Notice 3143-1 - Gzob Qq discovered that c-ares incorrectly handled certain hostnames. A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.
fd4c712ebea3609f12d8d0e74b0732444f1f40626f07b8895e89025af4f6bdb3HP Security Bulletin HPSBHF03682 1 - A security vulnerability in the Linux kernel could potentially impact HPE Comware 7 network products. The vulnerability could be exploited locally to gain privileged access. Revision 1 of this advisory.
5ace745e7feeb86db5d7075ad2a92195f1a6aacff28d5f99cf61129d804628cdRed Hat Security Advisory 2016-2837-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support will end on February 28, 2017. Red Hat will not provide extended support for this product. Customers are requested to migrate to the newer Red Hat CloudForms product prior to the end of the life cycle for CloudForms 3.0. After February 28, 2017, technical support through Red Hatas Global Support Services will no longer be provided.
bc6585a3c5618b7a47efd451a541b6c98520e320333b203998a827f62175823aUbuntu Security Notice 3147-1 - Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges. Various other issues were also addressed.
24c2633893f05bc0f748cbbe00340693c9d2ef8d8ccaae283c9f5eb4d49199e9Ubuntu Security Notice 3146-2 - USN-3146-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.
f19373773609e5f45ffaa3056bccfff36fc9074e721afb3c23140514cba33613Ubuntu Security Notice 3146-1 - It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. Various other issues were also addressed.
866d7bda3219cca441808b8427f774eec5e84f72709d3a29611f6b9bc47b4ee1Ubuntu Security Notice 3145-2 - USN-3145-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges. Various other issues were also addressed.
2d4e1867096ccba98da932b775e03c4b91aee4f7258ab10f399832c6c0bcc5e2Ubuntu Security Notice 3145-1 - Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges. Daxing Guo discovered a stack-based buffer overflow in the Broadcom IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain privileges. Various other issues were also addressed.
e9d32953ccbbf124bab9efb2bc7409afdac81d72acd4c30be579d590fcba2667Ubuntu Security Notice 3144-1 - Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges.
476ef8a28c6c02f72f961436a2b3a5da7959fc2c2ee0e02adb1a04c3acaa5438Ubuntu Security Notice 3144-2 - Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges.
57f22d8aae31f684b79828e929a4b5dc7a2522b4c17d2a7d6a082b4bafe09a7cRed Hat Security Advisory 2016-2839-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as.
d9718f61734342769a0127149f824e770233555d6fa898c9d7302f5fe72a836dHP Security Bulletin HPSBGN03677 1 - Potential security vulnerabilities in RPCServlet and Java deserialization were addressed by HPE Network Automation. The vulnerabilities could be remotely exploited to allow code execution. Revision 1 of this advisory.
3defcc454c7e4050b2e9b10207b13b98ca9f6f8e907b1fbd4d176da15c39317cZurb Foundation versions 5.5.1 and 5.5.3 suffer from a cross site scripting vulnerability.
f24e729af9e63fb4ce65ccc21a22893690b66398a546e6fe4f1f266b5546ac8dRed Hat Security Advisory 2016-2823-01 - This release of Red Hat JBoss BRMS 6.4.0 serves as a replacement for Red Hat JBoss BRMS 6.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section. Security Fix: It was found that several XML parsers used by XStream had default settings that would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
8dbab47734f09bd5535d85680eeb30af3067f1855c752393866e2574216e77c4Red Hat Security Advisory 2016-2825-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
54ff8650e4490e85629a750535d3779d73f23bb595e59bd9e223f6a5ed9a9cacRed Hat Security Advisory 2016-2822-01 - This release of Red Hat JBoss BPM Suite 6.4.0 serves as a replacement for Red Hat JBoss BPM Suite 6.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section. Security Fix: It was found that several XML parsers used by XStream had default settings that would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
6a3f71e3995dd45560a98eb9719679794b13ea13a4d9ddd7133a684f5961eaf8Ubuntu Security Notice 3139-1 - Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges.
cd7c375a66724dd2cd449203c8cca7ddce33d575128a34810feae44d65173725Red Hat Security Advisory 2016-2824-01 - Expat is a C library for parsing XML documents. Security Fix: An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application.
15b1cfacba0f19d15530badb193026d093d7c0ccf480c95cbe80f7be4e28cad7Ubuntu Security Notice 3138-1 - Markus Doering discovered that python-cryptography incorrectly handled certain HKDF lengths. This could result in python-cryptography returning an empty string instead of the expected derived key.
d43f841edb4ea05dfc79682b7bcf6b24c0aae61440c09d4576dc2e86ce097208Ubuntu Security Notice 3135-2 - USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The original security fix was incomplete. This update fixes the problem. Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into opening a crafted FLC movie file with a GStreamer application, an attacker could cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
710a121e87daf705ce0abad9fdd2abe49e8249e4694f61334da9f345c9dd511fDebian Linux Security Advisory 3725-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.
99a71d702d541d4ed870c289a1b6f4edd7a57bf4a5787b856f49b6abbc7e3545The Apache OpenOffice installer for Windows contained a defective operation that could trigger execution of unwanted software installed by a Trojan Horse application. The installer defect is known as an unquoted Windows search path vulnerability. In the case of Apache OpenOffice installers for Windows, the PC must have previously been infected by a Trojan Horse application (or user) running with administrator privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. The exploit may already have operated on the user's PC.
b11761ee166cb00e6ba0bf9385312c23f0c2bac21fc64c14b18cf0d87d0cdeadDebian Linux Security Advisory 3723-1 - Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code.
1d94de5f108a641a7b5e9dbc3bb7d8da7246df577309dc403eabaf566072824b
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed