Ubuntu Security Notice 6567-2 - USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behavior change leading to a regression in certain environments. This update fixes the problem. Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. Various other issues were also addressed.
a54d7bc90f81ef99a51f6873f6c189be32af415ca78c88b11fc2bd3df9e91a3bUbuntu Security Notice 6567-1 - Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. It was discovered that QEMU incorrectly handled the TCG Accelerator. A local attacker could use this issue to cause QEMU to crash, leading to a denial of service, or possibly execute arbitrary code and escalate privileges. This issue only affected Ubuntu 20.04 LTS.
822fd59a00f432568a1ff02767caa245fcfcf6843527f21aad32e7fa00321108Red Hat Security Advisory 2023-3309-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.42. Issues addressed include a denial of service vulnerability.
c91347d4eacd33c674502120cc2317c1f69bb7ba46d738f4b534bc4338ada89bRed Hat Security Advisory 2023-3373-02 - Migration Toolkit for Runtimes 1.1.0 Images. Issues addressed include a denial of service vulnerability.
7678ca0b7bd958e85ffc13d8fdb5d08a983bdc9c706896d0141a71287a108a11Red Hat Security Advisory 2023-3265-01 - Red Hat OpenShift Data Foundation is software-defined storage integrated with and optimized for the Red Hat OpenShift Data Foundation. Red Hat OpenShift Data Foundation is a highly scalable, production-grade persistent storage for stateful applications running in the Red Hat OpenShift Container Platform.
2f4d2ce380c06ad992921a601a6736c8d549adc40181508ee18c6df486235315Red Hat Security Advisory 2023-3189-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
c1a9f72a1de72bcd2a82bf5398bf81512e57501c0569646cf82d89a6db74ee2eRed Hat Security Advisory 2023-2110-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.16. Issues addressed include a bypass vulnerability.
4e216a91a43a7b8927163cc64253bfb9385719276af01ea8051621c425a5d012There is an integer overflow in Shannon Baseband leading to a heap buffer overflow when reassembling IPv4 fragments. According to the debug strings, this corresponding functionality is implemented in SmdtIp4Rx::ProcessFragments function and its callees.
85296d153a53a5ed603bc0ad519a9d3336041170d6909013ceb81a85f4d1624bRed Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.
4e5916017cd2c38d0dbb46d07a4b6c5a15d545e4b934c30942abd25556065af8Red Hat Security Advisory 2023-2074-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
c987e2273cfeb7b3f01bfe51480be0a40eef5149bf32317ed06513d72e898c33Red Hat Security Advisory 2023-2010-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
e8baa6d1fa100c1b7b62890126bc774072facd36999a2030145b147879359154Red Hat Security Advisory 2023-1958-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
cf25468b7d0d6a79befd6664846e5201ca4fa0203d6b49fcb609ce2cf1b228f1Red Hat Security Advisory 2023-1931-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
c4233eaeb9a1498de9a9586f0a8a4355d0bc6f32e52bf4e895b239775a774a4cRed Hat Security Advisory 2023-1930-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
c0aa2edbf1e7401bb400f276bba1eb6d390fb3077b7a11c1c8072537f43899fcRed Hat Security Advisory 2023-1915-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.
80ae80894103f9e3bb72bd9ba03087e0cc89634f41448a0c25e72fa71230e905Ubuntu Security Notice 6003-1 - Xi Lu discovered that Emacs did not properly handle certain inputs. An attacker could possibly use this issue to execute arbitrary commands.
d45d92b17b409832b17761f7a669011d4084c820876ff88d057705cf23bd412c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed