what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 51 - 75 of 7,821 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2024-03-27
Ubuntu Security Notice USN-6658-2
Posted Mar 12, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6658-2 - USN-6658-1 fixed a vulnerability in libxml2. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-25062
SHA-256 | 2a750c69f6b035fa2c99f3825916f5c17d092b9f9cd726a59615137e53c334da
Ubuntu Security Notice USN-6687-1
Posted Mar 11, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6687-1 - It was discovered that AccountsService called a helper incorrectly when performing password change operations. A local attacker could possibly use this issue to obtain encrypted passwords.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2012-6655
SHA-256 | 5935f51374bbedbe8e20bc4619732fb163c84254783cd4b5e539b7512d9bce32
Ubuntu Security Notice USN-6680-2
Posted Mar 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6680-2 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-46343, CVE-2023-51779, CVE-2023-51782, CVE-2023-6121, CVE-2023-6560, CVE-2024-0607, CVE-2024-25744
SHA-256 | 6bc81fdaf7d2ab62cb88527ba4630824136da02c06781b70c420f590e02c5a29
Ubuntu Security Notice USN-6686-1
Posted Mar 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6686-1 - It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-22995, CVE-2023-4134, CVE-2023-46343, CVE-2023-46862, CVE-2023-51779, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340, CVE-2024-0607
SHA-256 | 32b61fd68287a18eb0704bbcdd739624e37463787dff6bc8a0147ae34ca4a9e0
Ubuntu Security Notice USN-6685-1
Posted Mar 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6685-1 - It was discovered that mqtt-client incorrectly handled memory while parsing malformed MQTT frames. An attacker could possibly use this issue to cause a crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2019-0222
SHA-256 | cc49c88c4675421bfd9834e4e4e0c55406cf579405c22b78ee6f529f264652ce
Ubuntu Security Notice USN-6684-1
Posted Mar 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6684-1 - It was discovered that ncurses incorrectly handled certain function return values, possibly leading to segmentation fault. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2023-50495
SHA-256 | 9c9caddc495e352909c94749c019135ed23b06515863dd6d046a8d28bcaac8cf
Ubuntu Security Notice USN-6682-1
Posted Mar 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6682-1 - ZeddYu Lu discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS. It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue only affected Ubuntu 20.04 LTS.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2020-11076, CVE-2020-11077, CVE-2022-23634, CVE-2022-24790, CVE-2023-40175, CVE-2024-21647
SHA-256 | 17369ac09ff469d577917f6a11d6b237c679de121e53f191d4d051615739e955
Ubuntu Security Notice USN-6683-1
Posted Mar 8, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6683-1 - It was discovered that HtmlCleaner incorrectly handled certain html documents. An attacker could possibly use this issue to cause a denial of service via application crash.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-34624
SHA-256 | 920b6cad9b18ef88bc6e4355f6d2168f1b3a372eff262a980a9d8d05feb02ab3
Ubuntu Security Notice USN-6681-1
Posted Mar 7, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6681-1 - Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service. It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-44879, CVE-2023-22995, CVE-2023-4244, CVE-2023-51779, CVE-2023-51780, CVE-2023-51782, CVE-2023-6121, CVE-2024-0340
SHA-256 | e6207c1377c4c4662d23c4c6808627d6ca7ab8ee47c61e983d303f015693e726
Ubuntu Security Notice USN-6680-1
Posted Mar 7, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6680-1 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-46343, CVE-2023-51779, CVE-2023-51782, CVE-2023-6121, CVE-2023-6560, CVE-2024-0607, CVE-2024-25744
SHA-256 | 2d0e95b66ec180b53afc0e7cf46240a83376c5acc340939b8b3af331c9190321
Ubuntu Security Notice USN-6679-1
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6679-1 - It was discovered that FRR incorrectly handled certain malformed OSPF LSA packets. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-27913
SHA-256 | 3efcd48e104a143fe730fd8974e6c97f3e55c468d9f86582780097369d74b591
Ubuntu Security Notice USN-6676-1
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6676-1 - Vojtěch Vobr discovered that c-ares incorrectly handled user input from local configuration files. An attacker could possibly use this issue to cause a denial of service via application crash.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2024-25629
SHA-256 | dbe62c177736e67d0f34559bcd12eaefa58499419a3ef18ef50db23f6bb5ade7
Ubuntu Security Notice USN-6649-2
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6649-2 - USN-6649-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service. Johan Carlsson discovered that Firefox incorrectly handled Set-Cookie response headers in multipart HTTP responses. An attacker could potentially exploit this issue to inject arbitrary cookie values. Gary Kwong discovered that Firefox incorrectly generated codes on 32-bit ARM devices, which could lead to unexpected numeric conversions or undefined behaviour. An attacker could possibly use this issue to cause a denial of service. Ronald Crane discovered that Firefox did not properly manage memory when accessing the built-in profiler. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, web, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-1546, CVE-2024-1548, CVE-2024-1551, CVE-2024-1552, CVE-2024-1555, CVE-2024-1556
SHA-256 | 57493f4eb5405080e87d75b58868c8d0c8ea4844948fc6ac9afc75823a5e7a6f
Ubuntu Security Notice USN-6678-1
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6678-1 - It was discovered that libgit2 mishandled equivalent filenames on NTFS partitions. If a user or automated system were tricked into cloning a specially crafted repository, an attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that libgit2 did not perform certificate checking by default. An attacker could possibly use this issue to perform a machine-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-12278, CVE-2023-22742, CVE-2024-24575, CVE-2024-24577
SHA-256 | 7b3086cc98d56d838c607776e3a17b3c2150866662ba214c0dc65ab02e4712cb
Ubuntu Security Notice USN-6677-1
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6677-1 - It was discovered that libde265 could be made to dereference invalid memory. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-27102, CVE-2023-27103, CVE-2023-49465, CVE-2023-49467
SHA-256 | e5b123a14132e2de2966b2dd309e46adfd9dcc9597f183fc3ef618a6d4a7dcb7
Ubuntu Security Notice USN-6675-1
Posted Mar 6, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6675-1 - It was discovered that ImageProcessing incorrectly handled series of operations that are coming from unsanitised inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-24720
SHA-256 | d491a79e75514bf25f975567ff41507638e98c09cab54bfb9d5dcf4332bfbb3a
Ubuntu Security Notice USN-6653-4
Posted Mar 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6653-4 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | aa48f67fd66f658d9892f7335cc6fb90de9e9c25c6ff2c4f219a83a90245088d
Ubuntu Security Notice USN-6674-2
Posted Mar 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6674-2 - USN-6674-1 fixed a vulnerability in Django. This update provides the corresponding update for Ubuntu 18.04 LTS. Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-27351
SHA-256 | 997b193005614a4286e157f3adb9ede1701e065c5ba4f071d3dffb9741612a72
Ubuntu Security Notice USN-6674-1
Posted Mar 5, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6674-1 - Seokchan Yoon discovered that the Django Truncator function incorrectly handled very long HTML input. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-27351
SHA-256 | 8724577a7a85c8ee06c83d3ec00d4db888a3a2260fa6a62b92f39b2d23d729c9
Ubuntu Security Notice USN-6673-1
Posted Mar 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6673-1 - Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding in RSA PKCS#1 v1.5. A remote attacker could possibly use this issue to expose confidential or sensitive information. It was discovered that python-cryptography incorrectly handled memory operations when processing mismatched PKCS#12 keys. A remote attacker could possibly use this issue to cause python-cryptography to crash, leading to a denial of service. This issue only affected Ubuntu 23.10.

tags | advisory, remote, denial of service, python
systems | linux, ubuntu
advisories | CVE-2023-50782, CVE-2024-26130
SHA-256 | 01de93cd85b2bb26752f49682241d7f6847ee989213ef66fd7a7389e73b6b48a
Ubuntu Security Notice USN-6672-1
Posted Mar 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6672-1 - Morgan Jones discovered that Node.js incorrectly handled certain inputs that leads to false positive errors during some cryptographic operations. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 23.10. It was discovered that Node.js incorrectly handled certain inputs leaded to a untrusted search path vulnerability. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to perform a privilege escalation.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-23919, CVE-2023-23920, CVE-2023-2650
SHA-256 | fa597d50e9f8b5bd302a8783ff6dbb02dfd40c5672ca6442aff828f6a586c095
Ubuntu Security Notice USN-6669-1
Posted Mar 4, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6669-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-0741, CVE-2024-0746, CVE-2024-0747, CVE-2024-0749, CVE-2024-0755, CVE-2024-1546, CVE-2024-1547, CVE-2024-1549, CVE-2024-1551, CVE-2024-1552, CVE-2024-1553
SHA-256 | 63ee0e6f83b4e9f77d873f79cf50c1f02a046461e6ad8e93392c9da32d118bfc
Ubuntu Security Notice USN-6671-1
Posted Mar 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6671-1 - It was discovered that php-nyholm-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use this issue to perform an HTTP header injection attack.

tags | advisory, remote, web, php
systems | linux, ubuntu
advisories | CVE-2023-29197
SHA-256 | 27772bf11ba58e6506ed22ecdca799a5cc5144ec12da1e50691c8a33285fc90d
Ubuntu Security Notice USN-6670-1
Posted Mar 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6670-1 - It was discovered that php-guzzlehttp-psr7 incorrectly parsed HTTP headers. A remote attacker could possibly use these issues to perform an HTTP header injection attack.

tags | advisory, remote, web, php
systems | linux, ubuntu
advisories | CVE-2022-24775
SHA-256 | f678a48ca90812aa9d2b76350886677e9b4c1db467f139d16a69adc2ef646f7c
Ubuntu Security Notice USN-6653-3
Posted Mar 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6653-3 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | 60fb5270aaf03325ad43e2f4dacecf3881635fbb18b2fa28485adf10dae290b5
Page 3 of 313
Back12345Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close