exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 7,714 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2024-02-20
Ubuntu Security Notice USN-6644-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-52356, CVE-2023-6228, CVE-2023-6277
SHA-256 | ef3f4db4f26363a7b6f29905c846ae44e713361a0326d73013b608026cee7283
Ubuntu Security Notice USN-6643-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6643-1 - Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-42282
SHA-256 | c16ecfe30134498bd139552611380f432fae442982648114d6b239d58d36cbcb
Ubuntu Security Notice USN-6625-3
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6625-3 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-34324, CVE-2023-35827, CVE-2023-45863, CVE-2023-46343
SHA-256 | 52bdeffe5f0a9bcabf5888bdf230cc21b6b378f00b6361fdcb2347a717f725ef
Ubuntu Security Notice USN-6642-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6642-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517, CVE-2023-6516
SHA-256 | 59690fe75ddf72adb23e500a05f4e810c75b29c755af18781f7010d4def3deac
Ubuntu Security Notice USN-6641-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6641-1 - Harry Sintonen discovered that curl incorrectly handled mixed case cookie domains. A remote attacker could possibly use this issue to set cookies that get sent to different and unrelated sites and domains.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-46218
SHA-256 | a7d9ffd24a024ab8781ee9e6e2b5c442a80ad8acaf458870a637f085aae82d59
Ubuntu Security Notice USN-6626-3
Posted Feb 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6626-3 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-32250, CVE-2023-32257, CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-6039, CVE-2023-6176, CVE-2023-6622, CVE-2024-0641
SHA-256 | c4f05b80ddac576aade0f7ae79e18a25f3e6427f2d9176a2bd74aec2add4db82
Ubuntu Security Notice USN-6640-1
Posted Feb 16, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6640-1 - It was discovered that shadow was not properly sanitizing memory when running the password utility. An attacker could possibly use this issue to retrieve a password from memory, exposing sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-4641
SHA-256 | 66fccfd58b58a4ce523efd3b5c9bd62c4adf984f4fd74bb57ad09a7a1939e1ae
Ubuntu Security Notice USN-6629-3
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6629-3 - USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-45958, CVE-2022-31116, CVE-2022-31117
SHA-256 | 50be04630cf03d8f15f815dd6a94344ba4a09eeb74709bbf0914315704d4157c
Ubuntu Security Notice USN-6639-1
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6639-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-51782, CVE-2023-6121, CVE-2023-6531, CVE-2023-6622, CVE-2023-6932, CVE-2024-0565, CVE-2024-0607, CVE-2024-0646, CVE-2024-22705
SHA-256 | 729831ae2fd2e2d037f3b0023e1e02b87125b330ee3c867a9edd370373e1911c
Ubuntu Security Notice USN-6628-2
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6628-2 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-32250, CVE-2023-32257, CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-6039, CVE-2023-6040, CVE-2023-6176, CVE-2023-6606, CVE-2023-6622, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | 8b210c8c777d4cc501999ec7007ed1d81cb230f6a188fd0f09171622aadeb0ba
Ubuntu Security Notice USN-6638-1
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6638-1 - Marc Beatove discovered buffer overflows exit in EDK2. An attacker on the local network could potentially use this to impact availability or possibly cause remote code execution. It was discovered that a buffer overflows exists in EDK2's Network Package An attacker on the local network could potentially use these to impact availability or possibly cause remote code execution.

tags | advisory, remote, overflow, local, code execution
systems | linux, ubuntu
advisories | CVE-2022-36763, CVE-2022-36765, CVE-2023-45231, CVE-2023-45234, CVE-2023-45235, CVE-2023-48733
SHA-256 | cb517471393f2b25d84672292a8731ab62b9d85dbfaf6f8ff61eb3870a2e1cb5
Ubuntu Security Notice USN-6636-1
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6636-1 - It was discovered that ClamAV incorrectly handled parsing certain OLE2 files. A remote attacker could possibly use this issue to cause ClamAV to crash, resulting in a denial of service. Amit Schendel discovered that the ClamAV ClamD service incorrectly handled the VirusEvent feature. An attacker able to connect to ClamD could possibly use this issue to execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20290, CVE-2024-20328
SHA-256 | 4233521b1bfeb5ef13d5d7a96d44be5ec9fab356eb2b34b1c3a131adc45c3065
Ubuntu Security Notice USN-6635-1
Posted Feb 15, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6635-1 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-37453, CVE-2023-39189, CVE-2023-39192, CVE-2023-39193, CVE-2023-42754, CVE-2023-5158, CVE-2023-5178, CVE-2023-5717, CVE-2023-6606, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | b16b3c4f49f2049591b131f1367693ba4f54cc72d2d1b19001a952cc87282724
Ubuntu Security Notice USN-6608-2
Posted Feb 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6608-2 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6606, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | a36fb866376042d55edb7600c47b39b6eea427e345f42f8acac97c6298960e3b
Ubuntu Security Notice USN-6626-2
Posted Feb 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6626-2 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-32250, CVE-2023-32257, CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-6039, CVE-2023-6176, CVE-2023-6622, CVE-2024-0641
SHA-256 | f604bb78b46c5c78f8d5c3eebf5d47fd8329d33d9d972d5425768f75ed48b1e8
Ubuntu Security Notice USN-6629-2
Posted Feb 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6629-2 - USN-6629-1 fixed vulnerabilities in UltraJSON. This update provides the corresponding updates for Ubuntu 20.04 LTS. It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-45958, CVE-2022-31116, CVE-2022-31117
SHA-256 | ec6ddcf81a1c32520be536e38ebdd283e58f5386914c40a18c8dc5490e39e31a
Ubuntu Security Notice USN-6629-1
Posted Feb 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6629-1 - It was discovered that UltraJSON incorrectly handled certain input with a large amount of indentation. An attacker could possibly use this issue to crash the program, resulting in a denial of service. Jake Miller discovered that UltraJSON incorrectly decoded certain characters. An attacker could possibly use this issue to cause key confusion and overwrite values in dictionaries. It was discovered that UltraJSON incorrectly handled an error when reallocating a buffer for string decoding. An attacker could possibly use this issue to corrupt memory.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2021-45958, CVE-2022-31116, CVE-2022-31117
SHA-256 | d35aa970db759e585e1e8439b5af8a9496efa3c84d58b5fde339a617a0f22a82
Ubuntu Security Notice USN-6634-1
Posted Feb 14, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6634-1 - Brennan Conroy discovered that .NET with SignalR did not properly handle malicious clients. An attacker could possibly use this issue to cause a denial of service. Bahaa Naamneh discovered that .NET with OpenSSL support did not properly parse X509 certificates. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21386, CVE-2024-21404
SHA-256 | de10672913c1c439d6731061defe8ff1f177c00fb56026d2b2e18bbcd3e60f15
Ubuntu Security Notice USN-6633-1
Posted Feb 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6633-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517, CVE-2023-5679
SHA-256 | 054b5c6621a2c15204c6e7c406399951136064dab698608de345f5ebc5be679d
Ubuntu Security Notice USN-6632-1
Posted Feb 13, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6632-1 - David Benjamin discovered that OpenSSL incorrectly handled excessively long X9.42 DH keys. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, leading to a denial of service. Bahaa Naamneh discovered that OpenSSL incorrectly handled certain malformed PKCS12 files. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-5678, CVE-2024-0727
SHA-256 | 3abb323919f13a3d84d1a0cd64fcc14e25be794245741c0876d6749101772303
Ubuntu Security Notice USN-6631-1
Posted Feb 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6631-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

tags | advisory, remote, web, denial of service, arbitrary, javascript, code execution, xss
systems | linux, ubuntu
advisories | CVE-2024-23206
SHA-256 | 4b6f4fc061a2d62f4bfc4c023b3a9687f579682d0d0d93b1e1032a14339c54da
Ubuntu Security Notice USN-6630-1
Posted Feb 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6630-1 - It was discovered that Glance_store incorrectly handled logging when the DEBUG log level is enabled. A local attacker could use this issue to obtain access_key values.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2024-1141
SHA-256 | e33597e4fb62975ce2ddc0081056b778d1042fba229644d2cddd928586329b1c
Ubuntu Security Notice USN-6628-1
Posted Feb 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6628-1 - Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel when handling sessions operations. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2023-32250, CVE-2023-32257, CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-6039, CVE-2023-6040, CVE-2023-6176, CVE-2023-6606, CVE-2023-6622, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | a52607ded902da64c49c773da7fa6fd61683abc0bc5e94297c83cad64b281932
Ubuntu Security Notice USN-6625-2
Posted Feb 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6625-2 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-34324, CVE-2023-35827, CVE-2023-45863, CVE-2023-46343
SHA-256 | b66fd333f93de3d51bd80224f8e2d3a19cbfc05e73e64ee252cbdbc53d94990c
Ubuntu Security Notice USN-6627-1
Posted Feb 9, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6627-1 - It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. It was discovered that libde265 did not properly manage memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-35452, CVE-2021-36408, CVE-2021-36409, CVE-2021-36411, CVE-2022-1253, CVE-2022-43236, CVE-2022-43237, CVE-2022-43241, CVE-2022-43242, CVE-2022-43243, CVE-2022-43248, CVE-2022-43252
SHA-256 | f02c27a054257e7caf3fb5163ff041b1ddb84edeb8858c8dee0b15323488e030
Page 1 of 309
Back12345Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close