Gentoo Linux Security Advisory 202209-10 - A vulnerability has been discovered in Logcheck's ebuilds which could allow for root privilege escalation. Versions less than or equal to 1.3.23 are affected.
aa98c006ed7286f0640e95c22bca0d5dc8e2af534e7dbdcc233ab4f91e9694d0Gentoo Linux Security Advisory 202209-9 - Multiple vulnerabilities have been found in Smarty, the worst of which could result in remote code execution. Versions less than 4.2.1 are affected.
8a9753a3318c6302ef6528cd85e6f858a3e8e25c2174e9c1bdaf58ea02e08e97Ubuntu Security Notice 5635-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
659df738a1290534fb4de396b00a3b37c0db9cd653e811b0b0daf576c904b263Gentoo Linux Security Advisory 202209-8 - Multiple vulnerabilities have been discovered in Smokeping, the worst of which could result in root privilege escalation. Versions less than or equal to 2.7.3-r1 are affected.
6e3fcee3fe1f1e7e0baf4975b253d383008542bce7b60e7fd3ab9f30c21bbae3Gentoo Linux Security Advisory 202209-7 - A vulnerability has been discovered in Mrxvt which could allow for arbitrary code execution. Versions less than or equal to 0.5.4 are affected.
b6f6608eaf7071d16a5a0b910051433ac0b48e375f8616b305e5d7f0b9f071c0Gentoo Linux Security Advisory 202209-6 - Multiple vulnerabilities have been discovered in Rizin, the worst of which could lead to arbitrary code execution. Versions less than 0.4.1 are affected.
22d5cf8f464d6ffe04c9956f4344d28ed205bd65249718b202e629915bf3c862Ubuntu Security Notice 5629-1 - It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic.
8ed17abf4d4b43b1e2bb7cde1858817522b51ed63ec4e2aa8a769c70b7853ef1Ubuntu Security Notice 5631-1 - It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. It was discovered that libjpeg-turbo incorrectly handled certain malformed jpeg files. An attacker could possibly use this issue to cause libjpeg-turbo to crash, resulting in a denial of service.
1c5e9f66c33802aff0761c128dc62d1964aa449af0264e73bb69f61d3abed1d5Ubuntu Security Notice 5632-1 - Sebastian Chnelik discovered that OAuthLib incorrectly handled certain redirect uris. A remote attacker could possibly use this issue to cause OAuthLib to crash, resulting in a denial of service.
6f7b863b27652aa9705029e163b1edc76bb8e28ed46da9dae3fa8141b190d3d9Ubuntu Security Notice 5634-1 - Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.
f8b1a7ed35a19079cc1dd5e26022f3651c361b93150ae1cc012219e3818ac9aeUbuntu Security Notice 5633-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
8351862c78cded631737902c0b3547d5bb307ab0a6be5cec52f04529fb8c7581Ubuntu Security Notice 5630-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
c7c0c0227fda6e6bf4499a2c48b667c084b37cc6c2d87ab84b3410ec00d70af1Ubuntu Security Notice 5628-1 - It was discovered that etcd incorrectly handled certain specially crafted WAL files. An attacker could possibly use this issue to cause a denial of service. It was discovered that etcd incorrectly handled directory permissions when trying to create a directory that exists already. An attacker could possibly use this issue to obtain sensitive information. It was discovered that etcd incorrectly handled endpoint setup. An attacker could possibly use this issue to cause a denial of service.
28f2da782ea003139da2e8040d034ae2b2f3198ce124812a6471f98fc2cbaab1Ubuntu Security Notice 5627-1 - It was discovered that PCRE incorrectly handled memory when handling certain regular expressions. An attacker could possibly use this issue to cause applications using PCRE to expose sensitive information.
7aa38649a545af11b9197793106e2db93bfb4933b2a8c062f9b3ded3df35c13eRed Hat Security Advisory 2022-6681-01 - Red Hat OpenShift Virtualization release 4.9.6 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a security impact of Important.
35fe0c51a1e2d8d57b8f5b189f065486839edc6ee7397371f98e2e4d322f3113Ubuntu Security Notice 5626-2 - USN-5626-1 fixed several vulnerabilities in Bind. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service.
5582262f24a0e94484485b69255a623685abc83599ef59c31512503b78e7393cRed Hat Security Advisory 2022-6535-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.11.5.
6d3c1ddf774e1588d2f8e92bbdc00d295380ed834dc8b5fd7cc6adb3e7a09bafRed Hat Security Advisory 2022-6536-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.5.
0c76c344a24ad9f294e5e60b3ecf6b5cbee617962cc0ff63f7cf784cc0666fc0Red Hat Security Advisory 2022-6531-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.33.
c6657749af2aec5a876585445e4bcbd9d3c2a60965b10273bbb9fc304ad6aa9aUbuntu Security Notice 5625-1 - It was discovered that Mako incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service.
1518e9ab65af606e2b3478c1bc02d7277d99370e8ebac2f107d283198ef64bccUbuntu Security Notice 5626-1 - Yehuda Afek, Anat Bremler-Barr, and Shani Stajnrod discovered that Bind incorrectly handled large delegations. A remote attacker could possibly use this issue to reduce performance, leading to a denial of service. It was discovered that Bind incorrectly handled statistics requests. A remote attacker could possibly use this issue to obtain sensitive memory contents, or cause a denial of service. This issue only affected Ubuntu 22.04 LTS.
34b2988765657bb9a18a6b8e41a326b6235943782ca9236238e2273ea984abd6Ubuntu Security Notice 5623-1 - Asaf Modelevsky discovered that the Intel 10GbE PCI Express Ethernet driver for the Linux kernel performed insufficient control flow management. A local attacker could possibly use this to cause a denial of service. It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
66e07fde9b2f0ceb8d17443fb1c31d6a38d2a48d2df851450322abe3437cfe75Ubuntu Security Notice 5624-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
c0aa41281b93bc03ff14dd2e3b4c36a94d879b74a8922ddb466c077ece80362eUbuntu Security Notice 5622-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
5c33f90fb992303748572c66b36601509148fb06281517205f43d8b46f9c7a99Ubuntu Security Notice 5621-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service.
40c548696df891b760842604fc704cc1c5c68040fc122ae7115bc694f014d36e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed