Ubuntu Security Notice 5519-1 - It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code.
5d14f39f1eb4bd189e0b727ddf12f2568325e99366d052607e964063bdb10d56Ubuntu Security Notice 5520-1 - It was discovered that HTTP-Daemon incorrectly handled certain crafted requests. A remote attacker could possibly use this issue to perform an HTTP Request Smuggling attack.
6f3d73129a49248edc07f514b13fbb9ee342a58e68004488bc38988c7e60db16Ubuntu Security Notice 5518-1 - It was discovered that the eBPF implementation in the Linux kernel did not properly prevent writes to kernel objects in BPF_BTF_LOAD commands. A privileged local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Marvell NFC device driver implementation in the Linux kernel did not properly perform memory cleanup operations in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
259c9db2981428d739727acfa13b86afb975c029e4f9b1aa93ac0c95f8c62423Ubuntu Security Notice 5517-1 - It was discovered that the Atheros ath9k wireless device driver in the Linux kernel did not properly handle some error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the virtio RPMSG bus driver in the Linux kernel contained a double-free vulnerability in certain error conditions. A local attacker could possibly use this to cause a denial of service.
33025d8b5da4319de392f98221c9975056f0411aa393c7264c6fa7cafaefa106Ubuntu Security Notice 5516-1 - It was discovered that Vim incorrectly handled memory access. An attacker could potentially use this issue to cause the corruption of sensitive information, a crash, or arbitrary code execution.
2b35eeb66aef7e55d752dd27f31a559819f3baf5fd488d27ad4db3303002c760Ubuntu Security Notice 5515-1 - Eric Biederman discovered that the cgroup process migration implementation in the Linux kernel did not perform permission checks correctly in some situations. A local attacker could possibly use this to gain administrative privileges. Jann Horn discovered that the FUSE file system in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
607828c0173295b7304238c1ba6a68d70125e76fff2677aed7ef8c8395239929Ubuntu Security Notice 5514-1 - It was discovered that the implementation of the 6pack and mkiss protocols in the Linux kernel did not handle detach events properly in some situations, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service. Duoming Zhou discovered that the AX.25 amateur radio protocol implementation in the Linux kernel did not handle detach events properly in some situations. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
57f18d33e31674ee2b1fda073a26676d20983cc7b5df415b6451b89470142d6eUbuntu Security Notice 5513-1 - Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code. Likang Luo discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
aa2f261521982c7e98a19c7fd5782db12c5ec4499d9b70d7f939a2a3877280a6Ubuntu Security Notice 5473-2 - USN-5473-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 16.04 ESM. The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.50 version of the Mozilla certificate authority bundle.
a352098b4865549fe54f2dfae86cbdd22a3320acea82ed26f8546761899ace8aUbuntu Security Notice 5511-1 - Carlo Marcelo Arenas Belon discovered that an issue related to CVE-2022-24765 still affected Git. An attacker could possibly use this issue to run arbitrary commands as administrator.
2187042902f29974eefb77be62b823733a9b3d98380581f7bb2aa7ceb8e00186WordPress Kaswara Modern WPBakery Page Builder plugin versions 3.0.1 and below suffer from an arbitrary file upload vulnerability.
cda2f52f6b43d9a253406aa83b3d7934624dc39c1c6c8f9a0240d741e6ae5fa3PrestaShop version 1.7.6.7 suffers from a cross site scripting vulnerability via the file upload functionality.
fd8caaa9cec4a7055dd238f60bb28982f0acab62605c410f5808fff8eccaa174
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed