what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 7,871 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2024-04-24
Ubuntu Security Notice USN-6718-1
Posted Mar 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6718-1 - Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote attacker could possibly use this issue to cause curl to consume resources, leading to a denial of service.

tags | advisory, remote, web, denial of service, protocol
systems | linux, ubuntu
advisories | CVE-2024-2004, CVE-2024-2398
SHA-256 | 626a0b8a1438ccde6a1826653d3285d7f2a9a3cd644e2dfcfff06f2bc14e0f9d
Ubuntu Security Notice USN-6717-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6717-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Hubert Kario discovered that Thunderbird had a timing side-channel when performing RSA decryption. A remote attacker could possibly use this issue to recover sensitive information.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-5388, CVE-2024-2607, CVE-2024-2608, CVE-2024-2610, CVE-2024-2612, CVE-2024-2614, CVE-2024-2616
SHA-256 | c7e276778f2c974b0aa76f968f7adfbc3e4984a93e8eaf31675ad13306e8e12a
Ubuntu Security Notice USN-6588-2
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6588-2 - USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing directory checks. A local attacker could possibly use this issue to cause PAM to stop responding, resulting in a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2024-22365
SHA-256 | c7b2ad8e2a4e87b81fc87db1dc5b2aeb9a7d378c2c2f1ce83e2f5497ce27f2a0
Ubuntu Security Notice USN-6716-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6716-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-23000, CVE-2023-23004, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340, CVE-2024-1086, CVE-2024-24855
SHA-256 | ca7041e9e1eafaa437eb00fd772e3fc4d0224945b1c747de75266ab82a88c293
Ubuntu Security Notice USN-6714-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6714-1 - It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands.

tags | advisory, arbitrary, shell
systems | linux, debian, ubuntu
advisories | CVE-2023-27635
SHA-256 | d54f6944dfabbda777fb8a78361b6893760736de4073959bba84adbd8fa06495
Ubuntu Security Notice USN-6707-3
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6707-3 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-1085, CVE-2024-1086
SHA-256 | 4481855a0359e6fcdb7c16104841f3e2ebed01d718273c406f874c85f64846a5
Ubuntu Security Notice USN-6704-3
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6704-3 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-32247, CVE-2024-1085, CVE-2024-1086, CVE-2024-24855
SHA-256 | 01efe4c147c2288e39cc2669dc4bb7d1e7e1641d78d25efb20089e9afb739cf7
Ubuntu Security Notice USN-6701-3
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6701-3 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2002, CVE-2023-23000, CVE-2023-3006, CVE-2023-34256, CVE-2023-39197, CVE-2023-4132, CVE-2023-46838, CVE-2023-51781, CVE-2023-6121, CVE-2024-0775, CVE-2024-1086, CVE-2024-24855
SHA-256 | 5a4090a47f47b9d450d81add0c7c5cc25fe72ace31de291f6722899f4e03c608
Ubuntu Security Notice USN-6711-1
Posted Mar 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6711-1 - Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline.

tags | advisory, arbitrary, shell, local
systems | linux, ubuntu
advisories | CVE-2020-35459
SHA-256 | 561d06378a4d832e9a803e7cdd95a4af11f2b3f29f3a2e2508d84ddaebf01a8d
Ubuntu Security Notice USN-6713-1
Posted Mar 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6713-1 - It was discovered that QPDF incorrectly handled certain memory operations when decoding JSON files. If a user or automated system were tricked into processing a specially crafted JSON file, QPDF could be made to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-24246
SHA-256 | 8599d683e2b4517e16898898180dc7a0b2cdc7ba2174e82a8a13679c86f88304
Ubuntu Security Notice USN-6712-1
Posted Mar 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6712-1 - It was discovered that Net::CIDR::Lite incorrectly handled extra zero characters at the beginning of IP address strings. A remote attacker could possibly use this issue to bypass access controls.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-47154
SHA-256 | a9f0f6ed74484540e723d579471876cf9ff4f03a08ad177e2826858111934cf8
Ubuntu Security Notice USN-6710-1
Posted Mar 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6710-1 - Manfred Paul discovered that Firefox did not properly perform bounds checking during range analysis, leading to an out-of-bounds write vulnerability. A attacker could use this to cause a denial of service, or execute arbitrary code. Manfred Paul discovered that Firefox incorrectly handled MessageManager listeners under certain circumstances. An attacker who was able to inject an event handler into a privileged object may have been able to execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-29943, CVE-2024-29944
SHA-256 | cda91a51f7eccf5cc349e1e3b85719bd26d54ad0308e44c693aedf48562d1b72
Ubuntu Security Notice USN-6708-1
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6708-1 - It was discovered that Graphviz incorrectly handled certain config6a files. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-46045
SHA-256 | 87c56dd2a6e4a9f5eb5b6002def5a0ee55ce8cfd12daff0edd58f64d95d3c0e5
Ubuntu Security Notice USN-6709-1
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6709-1 - It was discovered that checking excessively long DH keys or parameters may be very slow. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service. After the fix for CVE-2023-3446 Bernd Edlinger discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A remote attacker could possibly use this issue to cause OpenSSL to consume resources, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-3446, CVE-2023-3817, CVE-2023-5678, CVE-2024-0727
SHA-256 | a3c85443f6ce0636dc4acc75b294ee38bc75374485acad341a73a787d547a0cb
Ubuntu Security Notice USN-6700-2
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6700-2 - It was discovered that the Layer 2 Tunneling Protocol implementation in the Linux kernel contained a race condition when releasing PPPoL2TP sockets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the ext4 file system implementation in the Linux kernel did not properly handle block device modification while it is mounted. A privileged attacker could use this to cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20567, CVE-2023-34256, CVE-2023-39197, CVE-2023-51781, CVE-2024-0775, CVE-2024-1086, CVE-2024-24855
SHA-256 | 4c2466c5a1092f0062ced6462c5b58b113956d4b9c6caa9042e032feef05a6f5
Ubuntu Security Notice USN-6704-2
Posted Mar 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6704-2 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-32247, CVE-2024-1085, CVE-2024-1086, CVE-2024-24855
SHA-256 | f06bcd3c690a7a1a9aa03506a63b723e669f5ad31c8c9917af3280e58f9883e5
Ubuntu Security Notice USN-6707-1
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6707-1 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-1085, CVE-2024-1086
SHA-256 | 3b637593e8639c976d8633bfafd249dde177e122d4fd4b290472de0d4aad72b9
Ubuntu Security Notice USN-6707-2
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6707-2 - Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Notselwyn discovered that the netfilter subsystem in the Linux kernel did not properly handle verdict parameters in certain cases, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2024-1085, CVE-2024-1086
SHA-256 | 5a61fb451857004e26d020b0c774144828ef079142309d729e79b3b726df05ca
Ubuntu Security Notice USN-6702-2
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6702-2 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-23004, CVE-2024-1086, CVE-2024-24855
SHA-256 | a213d583fab5e7ea18b9f2b55c31cedb9241c9947c2e53ba4b289d916196a091
Ubuntu Security Notice USN-6706-1
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6706-1 - It was discovered that the Microchip USB Ethernet driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-6039
SHA-256 | 89c25f2bec4e1e0ae3ee730429a2a8503f7d3a9f44ac5cd559c32bd0d370eae8
Ubuntu Security Notice USN-6701-2
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6701-2 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-2002, CVE-2023-23000, CVE-2023-3006, CVE-2023-34256, CVE-2023-39197, CVE-2023-4132, CVE-2023-46838, CVE-2023-51781, CVE-2023-6121, CVE-2024-0775, CVE-2024-1086, CVE-2024-24855
SHA-256 | 7f5c37bdac372f1e14614b207db5ae250b9cfd02c3c09102b02e27d97b401d28
Ubuntu Security Notice USN-6705-1
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6705-1 - It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-22995, CVE-2023-23000, CVE-2023-32247, CVE-2023-4134, CVE-2023-46343, CVE-2023-46862, CVE-2023-51779, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340, CVE-2024-0607, CVE-2024-1085, CVE-2024-1086, CVE-2024-24855
SHA-256 | 64159aa588ca321d03ca98e717b66a596761142f9ae2d16ccb066957ac875616
Ubuntu Security Notice USN-6704-1
Posted Mar 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6704-1 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. Quentin Minster discovered that the KSMBD implementation in the Linux kernel did not properly handle session setup requests. A remote attacker could possibly use this to cause a denial of service.

tags | advisory, remote, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-32247, CVE-2024-1085, CVE-2024-1086, CVE-2024-24855
SHA-256 | 6ed1a66dd66da03109747a9db9ed61695441d8d245bcbdd9a6cefe18cb9a4b2c
Ubuntu Security Notice USN-6686-4
Posted Mar 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6686-4 - It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-22995, CVE-2023-4134, CVE-2023-46343, CVE-2023-46862, CVE-2023-51779, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340, CVE-2024-0607
SHA-256 | 4cd7c0cbd4c81df0eab614905a7b129efdf5da526d3af995744cb9301ffd6a45
Ubuntu Security Notice USN-6702-1
Posted Mar 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6702-1 - It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service. It was discovered that the ARM Mali Display Processor driver implementation in the Linux kernel did not properly handle certain error conditions. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-23000, CVE-2023-23004, CVE-2024-1086, CVE-2024-24855
SHA-256 | 2bbdae5d9cc3f02f8eae0cef20dd869f5168509eea3a83ec1db4f828123bd6e2
Page 3 of 315
Back12345Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close