Ubuntu Security Notice 4118-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
4f908bb81d9ebb9dd129fad885aa16a8ad89f97c5c09adc998aefff895ea8268Ubuntu Security Notice 4094-1 - It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Wen Xu discovered that the XFS filesystem implementation in the Linux kernel did not properly track inode validations. An attacker could use this to construct a malicious XFS image that, when mounted, could cause a denial of service. Various other issues were also addressed.
057991c54bda99e36e45617061b5319a3d5749216d070d59b5d605ff61ea7dccRed Hat Security Advisory 2019-1880-01 - The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. An NTLM password overflow via integer overflow issue was addressed.
7ff194be1ef6e345bac33f6db0c2870bd8420e769ad1819a796d665aa8b116e1Ubuntu Security Notice 3932-2 - USN-3932-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
6b04b1ca2b939f9ef77c26b11ce5669d6f7a229ddfbabf646e284686af89d8a3Ubuntu Security Notice 3932-1 - It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadata. An attacker could use this to construct a malicious f2fs image that, when mounted, could cause a denial of service. Various other issues were also addressed.
8a9cf057269e567e457b41d6710b7b91e84287f5f6e3ab62365a668b68242bbcGentoo Linux Security Advisory 201903-3 - Multiple vulnerabilities have been found in cURL, the worst of which could result in a Denial of Service condition. Versions less than 7.64.0 are affected.
7b295ee612fd47e8561e865b6ce95775caadd490653734d95071b885946efb5aSlackware Security Advisory - New kernel packages are available for Slackware 14.2 to fix security issues.
b00c9750a9d1a5293cf1b00be4962a74b7a8b39c5ae241b16f2e5d2e209b667bUbuntu Security Notice 3821-2 - USN-3821-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. Various other issues were also addressed.
2b45d9df391d578d2bf6120f0c3781be981c031e4fcd0cab749bd0c70ec71961Ubuntu Security Notice 3821-1 - Wen Xu discovered that the ext4 filesystem implementation in the Linux kernel did not properly ensure that xattr information remained in inode bodies. An attacker could use this to construct a malicious ext4 image that, when mounted, could cause a denial of service. It was discovered that the alarmtimer implementation in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
254ad91732f674016cc8c241e3bd94844f31ec3b8f719729a95810b24cec4ab4Debian Linux Security Advisory 4308-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
a9488a1ec49d402caeb675f06f2c3bfc5c6485d76c3af54ee57d369cf63de403Ubuntu Security Notice 3765-2 - USN-3765-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 12.04 ESM. It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
4e0f3be81c17eccb811b09f0977fe023a0b78c12dac6aa24244460450774460dUbuntu Security Notice 3765-1 - It was discovered that curl incorrectly handled certain inputs. An attacker could possibly use this to execute arbitrary code.
6e258f8259c823ad99ace2e5dacdc5049329213737fd43379b9c36d75dfc7dd4Slackware Security Advisory - New curl packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues.
14096838d0d04a2c7293306d0348996f3bc0573fc8dac84c87bec5efcb0a8b1bDebian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.
bbcf61aaad1ed97d1ae1784f4ceeac29a2930166d62674c6c527d9a84a30d1dbVulnerabilities were identified in the IBM Flashsystem 840, IBM Flashsystem 900 and IBM Storwize V7000. They include cross site request forgery, arbitrary file read, unauthenticated access, and various other vulnerabilities.
d45e02ddefce4c928adb2f687a315a1468066a84c0e57d8b05416cacbbb35851
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed