Ubuntu Security Notice 5361-1 - It was discovered that the VFIO PCI driver in the Linux kernel did not properly handle attempts to access disabled memory spaces. A local attacker could use this to cause a denial of service. Mathy Vanhoef discovered that the Linux kernel’s WiFi implementation did not properly verify certain fragmented frames. A physically proximate attacker could possibly use this issue to inject or decrypt packets.
c315b3f99c654dc04603839d125f1fe9f0159f30ff823c00d323d0852627c9cfUbuntu Security Notice 4984-1 - Jan Beulich discovered that the Xen netback backend in the Linux kernel did not properly handle certain error conditions under paravirtualization. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Realtek RTL8188EU Wireless device driver in the Linux kernel did not properly validate ssid lengths in some situations. An attacker could use this to cause a denial of service. Various other issues were also addressed.
47d0f4a3952d8cf4b938ec83f7efd85bdb8431f9f1a68e359b4de49fcf50d2edUbuntu Security Notice 4982-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
30a5afa51a330465bbea0807650492fe79f27388cc8ee9ac30d0e02a89f6de63Ubuntu Security Notice 4979-1 - Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel contained a reference counting error. A local attacker could use this to cause a denial of service. Kiyin discovered that the NFC LLCP protocol implementation in the Linux kernel did not properly deallocate memory in certain error situations. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
90a7c669862e49045b1de1c602699d7bb48ce1cffe8fc4484aa9b83a8c441860Ubuntu Security Notice 4948-1 - Ryota Shiga discovered that the eBPF implementation in the Linux kernel did not properly verify that a BPF program only reserved as much memory for a ring buffer as was allocated. A local attacker could use this to cause a denial of service or execute arbitrary code. Manfred Paul discovered that the eBPF implementation in the Linux kernel did not properly track bounds on bitwise operations. A local attacker could use this to cause a denial of service or execute arbitrary code. Various other issues were also addressed.
957eb73e74d19d4c62c7116de0b476cf551491d297e087fb9602eff91b7ee985
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed