The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.
a89466d5232583fba0265c011a40644874a0b8cdf8005e0eded48a36f1f8c1c7Chrome suffers from a heap use-after-free condition in blink::PresentationAvailabilityState::UpdateAvailability.
23c003926c5c85cdcdf771092ba8c81c3f494485b3ff22565d8e9b7a04d1d2d5FreeBSD Security Advisory - The e1000 network adapters permit a variety of modifications to an Ethernet packet when it is being transmitted. These include the insertion of IP and TCP checksums, insertion of an Ethernet VLAN header, and TCP segmentation offload ("TSO"). The e1000 device model uses an on-stack buffer to generate the modified packet header when simulating these modifications on transmitted packets. When TCP segmentation offload is requested for a transmitted packet, the e1000 device model used a guest-provided value to determine the size of the on-stack buffer without validation. The subsequent header generation could overflow an incorrectly sized buffer or indirect a pointer composed of stack garbage. A misbehaving bhyve guest could overwrite memory in the bhyve process on the host.
5e5c704f8d1d9d95ef61652110af66385c6af7587e83674bd336e945b3308d47FreeBSD Security Advisory - A function extracting the length from type-length-value encoding is not properly validating the submitted length. A remote user could cause, for example, an out-of-bounds read, decoding of unrelated data, or trigger a crash of the software such as bsnmpd resulting in a denial of service.
f03bcb9feddf2d950ed61f77228c3a12e63a2a09995ac33ae2fea33ab21e623bFreeBSD Security Advisory - The ICMPv6 input path incorrectly handles cases where an MLDv2 listener query packet is internally fragmented across multiple mbufs. A remote attacker may be able to cause an out-of-bounds read or write that may cause the kernel to attempt to access an unmapped page and subsequently panic.
86cd4d5aa66f71d8010f300a18e1ff2919650d4f774ebb9f118b77a491c22e1bFreeBSD Security Advisory - The decompressor used in bzip2 contains a bug which can lead to an out-of-bounds write when processing a specially crafted bzip2(1) file. bzip2recover contains a heap use-after-free bug which can be triggered when processing a specially crafted bzip2(1) file. An attacker who can cause maliciously crafted input to be processed may trigger either of these bugs. The bzip2recover bug may cause a crash, permitting a denial-of-service. The bzip2 decompressor bug could potentially be exploited to execute arbitrary code. Note that some utilities, including the tar(1) archiver and the bspatch(1) binary patching utility (used in portsnap(8) and freebsd-update(8)) decompress bzip2(1)-compressed data internally; system administrators should assume that their systems will at some point decompress bzip2(1)-compressed data even if they never explicitly invoke the bunzip2(1) utility.
c0796921394dbd2b07e095dfc85718db5fd86cd3cd5df94e1e8e5e3f050f2c2cUbuntu Security Notice 4087-1 - It was discovered that Burrows-Wheeler Aligner mishandled certain crafted .alt files. An attacker could use this vulnerability to cause a denial of service or possibly execute arbitrary code.
51aca66af25c08c6c962fc0c761e94b4ba4857e39f1148b2712df4951ad4ca8dUbuntu Security Notice 4086-1 - It was discovered that Mercurial mishandled symlinks in subrepositories. An attacker could use this vulnerability to write arbitrary files to the target's filesystem.
0bf7f43989897b14f7c29947d932dbda752c9e538924a02d82525739ce52458eRed Hat Security Advisory 2019-2053-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, code execution, denial of service, and null pointer vulnerabilities.
eefda7eb2b6cef18da02e156dd6be995cf60b244b555c2542e43adb2561d2f44Red Hat Security Advisory 2019-2101-01 - The exiv2 packages provide a command line utility which can display and manipulate image metadata such as EXIF, LPTC, and JPEG comments. Issues addressed include denial of service, heap overflow, and null pointer vulnerabilities.
20ff2b4ced357e5a6ec10a28a3e980d79d43fbf130a30444ce9ef217c0a8c851Red Hat Security Advisory 2019-2078-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include an information leakage vulnerability.
c01465c4d0d0cdac17f46a2c48177349271745bf0341c5731b3d68c47b17ebffRed Hat Security Advisory 2019-2281-01 - The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats so that the code can be displayed or printed.
45020627ddd639ec2cbf2e6c935b43ca1927ffd74044e8bba44786fab42701d4Red Hat Security Advisory 2019-2166-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm-ma packages provide the user-space component for running virtual machines that use KVM on the IBM z Systems, IBM Power, and 64-bit ARM architectures. An out-of-bounds access vulnerability was addressed.
cb5867265a79f64f29d0458f586c823ea584682e0a52d28a9002fcd0af3bf41bRed Hat Security Advisory 2019-2130-01 - LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice replaces OpenOffice and provides a similar but enhanced and extended office suite.
8b76774498c4a9e9865f3316d475af0f76f8b41d7751ace00c86ea481fdfc252Red Hat Security Advisory 2019-2308-01 - The libguestfs-winsupport package adds support for Windows guests to libguestfs, a set of tools and libraries allowing users to access and modify virtual machine disk images. Issues addressed include a buffer overflow vulnerability.
d5fda1c68e809856cd0fd875b251798a3d0a792b6c2da8f3315b797d4009f77cRed Hat Security Advisory 2019-2060-01 - The Dynamic Host Configuration Protocol is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to enable and administer DHCP on a network. Issues addressed include a denial of service vulnerability.
0d259abc79bc1bbe751614f1ff393eeb742e0ca44a6b68f577cf8ebf62084c7dRed Hat Security Advisory 2019-2169-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. An insufficient validation vulnerability was addressed.
c28dbc3b015aa1608b45f6e9328f646007a792eac551439eeb42b4362a72a19aRed Hat Security Advisory 2019-2110-01 - The rsyslog packages provide an enhanced, multi-threaded syslog daemon. It supports MySQL, syslog/TCP, RFC 3195, permitted sender lists, filtering on any message part, and fine-grained control over output format. Issues addressed include a buffer overflow vulnerability.
2efeb7249cb42d7593aece29d499cd6c456b47c8612bfa859aa531d3b5b061b9Red Hat Security Advisory 2019-2112-01 - mod_auth_openidc enables an Apache 2.x web server to operate as an OpenID Connect Relying Party and/or OAuth 2.0 Resource Server.
683852f86cc126bdb908641f310b1f735d8dc9931014d0a7e44409a0bf9bf6c2Red Hat Security Advisory 2019-2057-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.
409bac022eaffd94a90b4f48a66f3f3bea150a298bcc127008d955940d234e52Red Hat Security Advisory 2019-2332-01 - AdvanceCOMP is a set of recompression utilities for .PNG, .MNG and .ZIP files. Issues addressed include denial of service and null pointer vulnerabilities.
196e852923fccff2dc9546e8a25dcd11de1770b3174725417fe8ec1e12e8b09eRed Hat Security Advisory 2019-2022-01 - Poppler is a Portable Document Format rendering library, used by applications such as Evince or Okular. Issues addressed include buffer overflow and null pointer vulnerabilities.
f061e04600cb7a44b8779e63c60cb0e6e00ccc4f4e226136e98e81aa1893874bRed Hat Security Advisory 2019-2290-01 - The libsolv packages provide a library for resolving package dependencies using a satisfiability algorithm. Issues addressed include a null pointer vulnerability.
c16e0519287198b30214c8dd47caa5ed386a78eccecff2199486ef0906b7e366Red Hat Security Advisory 2019-2097-01 - The Archive::Tar module provides a mechanism for Perl scripts to manipulate tar archive files. Issues addressed include a traversal vulnerability.
b503047a7be676f8471bbf9a3187ab71674e8aa318ac5d13a41673d9a39256baRed Hat Security Advisory 2019-2043-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, and use-after-free vulnerabilities.
e071d742d6603367cb65da2c4efe950228d4321aa8233e8b9ddce2ca45118e06
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed