Ondrej Kozina discovered that the keyring interface in the Linux kernel contained a buffer overflow when displaying timeout events via the /proc/keys interface. A local attacker could use this to cause a denial of service (system crash). Dmitry Vyukov discovered a use-after-free vulnerability during error processing in the recvmmsg(2) implementation in the Linux kernel. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other kernel vulnerabilities were also discovered and addressed.
5eae3cc7ae9949b636e16234a44d66f6ecfbbb7d410b77b7636cc74cb28cfc31
Ubuntu Security Notice 3142-1 - It was discovered that ImageMagick incorrectly handled certain malformed image files. If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a denial of service or possibly execute code with the privileges of the user invoking the program.
9fd88cf3758a9382f580962fbc9dc3eed2c9e6ab3625d2bfab08579dea19cc5d
Ubuntu Security Notice 3143-1 - Gzob Qq discovered that c-ares incorrectly handled certain hostnames. A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.
fd4c712ebea3609f12d8d0e74b0732444f1f40626f07b8895e89025af4f6bdb3
HP Security Bulletin HPSBHF03682 1 - A security vulnerability in the Linux kernel could potentially impact HPE Comware 7 network products. The vulnerability could be exploited locally to gain privileged access. Revision 1 of this advisory.
5ace745e7feeb86db5d7075ad2a92195f1a6aacff28d5f99cf61129d804628cd
Red Hat Security Advisory 2016-2837-01 - In accordance with the Red Hat CloudForms Support Life Cycle Policy, support will end on February 28, 2017. Red Hat will not provide extended support for this product. Customers are requested to migrate to the newer Red Hat CloudForms product prior to the end of the life cycle for CloudForms 3.0. After February 28, 2017, technical support through Red Hatas Global Support Services will no longer be provided.
bc6585a3c5618b7a47efd451a541b6c98520e320333b203998a827f62175823a
Ubuntu Security Notice 3147-1 - Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges. Various other issues were also addressed.
24c2633893f05bc0f748cbbe00340693c9d2ef8d8ccaae283c9f5eb4d49199e9
Ubuntu Security Notice 3146-2 - USN-3146-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.
f19373773609e5f45ffaa3056bccfff36fc9074e721afb3c23140514cba33613
Ubuntu Security Notice 3146-1 - It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. A local attacker could use this to gain administrative privileges. Andreas Gruenbacher and Jan Kara discovered that the filesystem implementation in the Linux kernel did not clear the setgid bit during a setxattr call. A local attacker could use this to possibly elevate group privileges. Various other issues were also addressed.
866d7bda3219cca441808b8427f774eec5e84f72709d3a29611f6b9bc47b4ee1
Ubuntu Security Notice 3145-2 - USN-3145-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 LTS. Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges. Various other issues were also addressed.
2d4e1867096ccba98da932b775e03c4b91aee4f7258ab10f399832c6c0bcc5e2
Ubuntu Security Notice 3145-1 - Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges. Daxing Guo discovered a stack-based buffer overflow in the Broadcom IEEE802.11n FullMAC driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly gain privileges. Various other issues were also addressed.
e9d32953ccbbf124bab9efb2bc7409afdac81d72acd4c30be579d590fcba2667
Ubuntu Security Notice 3144-1 - Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges.
476ef8a28c6c02f72f961436a2b3a5da7959fc2c2ee0e02adb1a04c3acaa5438
Ubuntu Security Notice 3144-2 - Marco Grassi discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A local attacker could use this to cause a denial of service or possibly gain privileges.
57f22d8aae31f684b79828e929a4b5dc7a2522b4c17d2a7d6a082b4bafe09a7c
Red Hat Security Advisory 2016-2839-01 - Red Hat CloudForms Management Engine delivers the insight, control, and automation needed to address the challenges of managing virtual environments. CloudForms Management Engine is built on Ruby on Rails, a model-view-controller framework for web application development. Action Pack implements the controller and the view components. Security Fix: A code injection flaw was found in the way capacity and utilization imported control files are processed. A remote, authenticated attacker with access to the capacity and utilization feature could use this flaw to execute arbitrary code as the user CFME runs as.
d9718f61734342769a0127149f824e770233555d6fa898c9d7302f5fe72a836d
HP Security Bulletin HPSBGN03677 1 - Potential security vulnerabilities in RPCServlet and Java deserialization were addressed by HPE Network Automation. The vulnerabilities could be remotely exploited to allow code execution. Revision 1 of this advisory.
3defcc454c7e4050b2e9b10207b13b98ca9f6f8e907b1fbd4d176da15c39317c
Zurb Foundation versions 5.5.1 and 5.5.3 suffer from a cross site scripting vulnerability.
f24e729af9e63fb4ce65ccc21a22893690b66398a546e6fe4f1f266b5546ac8d
Red Hat Security Advisory 2016-2823-01 - This release of Red Hat JBoss BRMS 6.4.0 serves as a replacement for Red Hat JBoss BRMS 6.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section. Security Fix: It was found that several XML parsers used by XStream had default settings that would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
8dbab47734f09bd5535d85680eeb30af3067f1855c752393866e2574216e77c4
Red Hat Security Advisory 2016-2825-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.5.0. Security Fix: Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitrary code with the privileges of the user running Thunderbird.
54ff8650e4490e85629a750535d3779d73f23bb595e59bd9e223f6a5ed9a9cac
Red Hat Security Advisory 2016-2822-01 - This release of Red Hat JBoss BPM Suite 6.4.0 serves as a replacement for Red Hat JBoss BPM Suite 6.3.4, and includes bug fixes and enhancements, which are documented in the Release Notes of the patch linked to in the References section. Security Fix: It was found that several XML parsers used by XStream had default settings that would expand entity references. A remote, unauthenticated attacker could use this flaw to read files accessible to the user running the application server, and potentially perform other more advanced XXE attacks.
6a3f71e3995dd45560a98eb9719679794b13ea13a4d9ddd7133a684f5961eaf8
Ubuntu Security Notice 3139-1 - Florian Larysch discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. An attacker could trick a user into opening a file with specially crafted modelines and possibly execute arbitrary code with the user's privileges.
cd7c375a66724dd2cd449203c8cca7ddce33d575128a34810feae44d65173725
Red Hat Security Advisory 2016-2824-01 - Expat is a C library for parsing XML documents. Security Fix: An out-of-bounds read flaw was found in the way Expat processed certain input. A remote attacker could send specially crafted XML that, when parsed by an application using the Expat library, would cause that application to crash or, possibly, execute arbitrary code with the permission of the user running the application.
15b1cfacba0f19d15530badb193026d093d7c0ccf480c95cbe80f7be4e28cad7
Ubuntu Security Notice 3138-1 - Markus Doering discovered that python-cryptography incorrectly handled certain HKDF lengths. This could result in python-cryptography returning an empty string instead of the expected derived key.
d43f841edb4ea05dfc79682b7bcf6b24c0aae61440c09d4576dc2e86ce097208
Ubuntu Security Notice 3135-2 - USN-3135-1 fixed a vulnerability in GStreamer Good Plugins. The original security fix was incomplete. This update fixes the problem. Chris Evans discovered that GStreamer Good Plugins did not correctly handle malformed FLC movie files. If a user were tricked into opening a crafted FLC movie file with a GStreamer application, an attacker could cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking the program. Various other issues were also addressed.
710a121e87daf705ce0abad9fdd2abe49e8249e4694f61334da9f345c9dd511f
Debian Linux Security Advisory 3725-1 - Several vulnerabilities were discovered in the International Components for Unicode (ICU) library.
99a71d702d541d4ed870c289a1b6f4edd7a57bf4a5787b856f49b6abbc7e3545
The Apache OpenOffice installer for Windows contained a defective operation that could trigger execution of unwanted software installed by a Trojan Horse application. The installer defect is known as an unquoted Windows search path vulnerability. In the case of Apache OpenOffice installers for Windows, the PC must have previously been infected by a Trojan Horse application (or user) running with administrator privilege. Any installer with the unquoted search path vulnerability becomes a delayed trigger for the exploit. The exploit may already have operated on the user's PC.
b11761ee166cb00e6ba0bf9385312c23f0c2bac21fc64c14b18cf0d87d0cdead
Debian Linux Security Advisory 3723-1 - Chris Evans discovered that the GStreamer 1.0 plugin used to decode files in the FLIC format allowed execution of arbitrary code.
1d94de5f108a641a7b5e9dbc3bb7d8da7246df577309dc403eabaf566072824b