what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 101 - 125 of 7,844 RSS Feed

Files from Ubuntu

Email addresssecurity at ubuntu.com
First Active2004-10-28
Last Active2024-04-12
Ubuntu Security Notice USN-6653-2
Posted Feb 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6653-2 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | 2f07851c21569ae0eee530af9d5bdebed76880cb59d7cda6e3ed6b201bf2df0b
Ubuntu Security Notice USN-6651-2
Posted Feb 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6651-2 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0582, CVE-2024-0646
SHA-256 | d2d23ae1b65988ff0ad2b84582cd36ddc80022fa069d82e81e5127115f12a8e9
Ubuntu Security Notice USN-6648-2
Posted Feb 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6648-2 - It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | b20b61a904133f077965c2d159bb4588f6d1a76c9d9e29a8c1d6e8e4f12b7705
Ubuntu Security Notice USN-6668-1
Posted Feb 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6668-1 - It was discovered that when python-openstackclient attempted to delete a non-existing access rule, it would delete another existing access rule instead, contrary to expectations.

tags | advisory, python
systems | linux, ubuntu
advisories | CVE-2023-6110
SHA-256 | 8b976b5faa5d4b10b0fc031169e7fc9d450e6f7d3e44c15b0b2209066d59a417
Ubuntu Security Notice USN-6667-1
Posted Feb 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6667-1 - It was discovered that Cpanel-JSON-XS incorrectly decoded certain data. A remote attacker could use this issue to cause Cpanel-JSON-XS to crash, resulting in a denial of service, or possibly obtain sensitive information.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-48623
SHA-256 | 9a17a30381d9291845aef07c2e2c4b22b5c2cecc38cebc67005e48cab63a0355
Ubuntu Security Notice USN-6666-1
Posted Feb 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6666-1 - It was discovered that libuv incorrectly truncated certain hostnames. A remote attacker could possibly use this issue with specially crafted hostnames to bypass certain checks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2024-24806
SHA-256 | 3708b57f00e48056a0ff770faacabf49aa5ec9ceb551c9f97111aee2cda1ee21
Ubuntu Security Notice USN-6665-1
Posted Feb 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6665-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Unbound incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service. It was discovered that Unbound incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Unbound to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-50387, CVE-2023-50868
SHA-256 | 247e0c613315c524f7a23eca5cd0d2daffd570c3ffc7c235478e29feb918a658
Ubuntu Security Notice USN-6644-2
Posted Feb 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6644-2 - USN-6644-1 fixed vulnerabilities in LibTIFF. This update provides the corresponding updates for Ubuntu 22.04 LTS. It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to consume resources, resulting in a denial of service.

tags | advisory, denial of service, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-52356, CVE-2023-6228, CVE-2023-6277
SHA-256 | 3b39aabfecba0f4995c29794c7e0e8350f5b346f154fcd5c9a66829eec33e954
Ubuntu Security Notice USN-6664-1
Posted Feb 28, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6664-1 - It was discovered that less incorrectly handled certain file names. An attacker could possibly use this issue to cause a crash or execute arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-48624
SHA-256 | 3a426e4094dd9ad9549006ec37e42525a4d7a61f7dd4bf291cc27ed8a13a7d55
Ubuntu Security Notice USN-6663-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6663-1 - As a security improvement, this update prevents OpenSSL from returning an error when detecting wrong padding in PKCS#1 v1.5 RSA, to prevent its use in possible Bleichenbacher timing attacks.

tags | advisory
systems | linux, ubuntu
SHA-256 | 70e2a3a25cb4e59a313bc99a88541c5d7f7f7e5852ffa537238da422d39d2f0d
Ubuntu Security Notice USN-6305-2
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6305-2 - USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-3823, CVE-2023-3824
SHA-256 | caacfeb4e539a353abe770f6325dbffce7919a619b169957ffad81b1917bb00b
Ubuntu Security Notice USN-6662-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6662-1 - Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952
SHA-256 | aaa047aaea8cde67a241170dbe81023fa98342d4dfece4d36d5b5774c741bb8a
Ubuntu Security Notice USN-6661-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6661-1 - Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952
SHA-256 | 074c45f3f5391055a9a621cd01f94fecea05dd020da0763a507bf083917efb09
Ubuntu Security Notice USN-6660-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6660-1 - Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | aa34f5f90f10131d0c663071adccbab36c202d5d64988d18d500f490c20b7cab
Ubuntu Security Notice USN-6659-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6659-1 - It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-43244, CVE-2022-43245, CVE-2022-43250, CVE-2022-47665, CVE-2023-24755, CVE-2023-24756, CVE-2023-25221
SHA-256 | d962c76a1595f5d14d9bd9c4c43a02311f732979462f52580a68633ddd9b343e
Ubuntu Security Notice USN-6658-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6658-1 - It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-25062
SHA-256 | ef37288d1a6aa550f0abd5b82938c289b9e7762e12b39439453f8081d9ac4abd
Ubuntu Security Notice USN-6657-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6657-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-28450, CVE-2023-50387, CVE-2023-50868
SHA-256 | 46f1a09bc8e779b0877ec272386957a7de5ad50e209a3024756ed199c3923006
Ubuntu Security Notice USN-6656-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6656-1 - It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-0985
SHA-256 | 6797b8612873d00de8c6c855d9749b296bac7e6a4b0d216f58b119fed0c03bc5
Ubuntu Security Notice USN-6653-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6653-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | 7264b1489787bd2aa4f01e0965296f2e2b95a382b4da17e044109efb8286489e
Ubuntu Security Notice USN-6652-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6652-1 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-46862, CVE-2023-51780, CVE-2023-51781, CVE-2023-5972, CVE-2023-6176, CVE-2023-6531, CVE-2023-6622, CVE-2023-6915, CVE-2024-0565, CVE-2024-0582, CVE-2024-0641
SHA-256 | 4f6741e6cd2ec7ebe45095a33d68bec179ca45c931ff0896b24a5a24f2017966
Ubuntu Security Notice USN-6651-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6651-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0582, CVE-2024-0646
SHA-256 | 50ce129d01fba83dc1f23444d3644122297a10313ae31301b92dca3ee8a5400e
Ubuntu Security Notice USN-6650-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6650-1 - Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6915
SHA-256 | 3f6fd7285de278b165f5be6af2312c053a9e4c1e747410d3f389b749466cebe9
Ubuntu Security Notice USN-6655-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6655-1 - It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-47695, CVE-2022-48063, CVE-2022-48065
SHA-256 | 396cf437b25e5fb094de4260df060587d374c3a0672e376e0ad2c3f2a679ccc0
Ubuntu Security Notice USN-6654-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6654-1 - It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2023-43770
SHA-256 | 460026cc73cc6675127f73b71d11e0359570d321c9e013f075f7ee551cfcf679
Ubuntu Security Notice USN-6649-1
Posted Feb 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6649-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-1546, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1554, CVE-2024-1555, CVE-2024-1556, CVE-2024-1557
SHA-256 | 915d1dd9c871ef5fa18727920f32a507f24302608c703c4e810bc2c237c6b315
Page 5 of 314
Back34567Next

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    0 Files
  • 16
    Apr 16th
    0 Files
  • 17
    Apr 17th
    0 Files
  • 18
    Apr 18th
    0 Files
  • 19
    Apr 19th
    0 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    0 Files
  • 23
    Apr 23rd
    0 Files
  • 24
    Apr 24th
    0 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close