Ubuntu Security Notice 5865-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.
d470ee0d49375b5701a19573e03e2dabc5173524202dbcc89774cd1d5590bbfe
Ubuntu Security Notice 5862-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.
30558a6a34be9f92661ed604b38720c7d76ed2b73de252692dc001bb4777618d
Ubuntu Security Notice 5861-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
d2fb9a59a66f131a423fca0f0ab291edb8792fba719dc2691f62ec8cdeb36057
Ubuntu Security Notice 5860-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
ddfdd9987ae627c84773cb27f52fc662daaa72f400184df374fa400b21d58d13
Ubuntu Security Notice 5863-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
a6bf566d40808c8a3ee6f31220f77a9b9f80194ceb2190c1da740e6f0679c487
Ubuntu Security Notice 5848-1 - David Leadbeater discovered that less was not properly handling escape sequences when displaying raw control characters. A maliciously formed OSC 8 hyperlink could possibly be used by an attacker to cause a denial of service.
029c82663b352358a88495efb28a33914977507cb3c9027ef6e758d61b28179b
Ubuntu Security Notice 5858-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
5f05eb08ca982c765b038c8ff34ba022dc6c769e12eb23f7f5bc01dc292fe43f
Ubuntu Security Notice 5859-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
24736893d69134f8c0d402d5d07ca7f1b3711c3a394ab082784aee41f9879906
Ubuntu Security Notice 5857-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
89a67bf46dac784476ed4ab174bb4d9e5f3b7fd95ac25942c5901af229200b33
Ubuntu Security Notice 5856-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service or possibly execute arbitrary code.
dc89f36ec866f1954f306f04eb4cd17b78d6a959eed5b2e2b257b008b8898a0f
Ubuntu Security Notice 5855-1 - It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.
0f07dd88b01c79ab622efd18fa17fde989bb7e3b33fb811a3372d92d22cbf3f4
Red Hat Security Advisory 2023-0713-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. Data Grid 8.4.1 replaces Data Grid 8.4.0 and includes bug fixes and enhancements. Issues addressed include denial of service and deserialization vulnerabilities.
2acb2904db98d931918c873c17d581f7132a594103bc8c9c8f4f52ecc4578aac
Red Hat Security Advisory 2023-0573-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.55. Issues addressed include a code execution vulnerability.
09a357d5322ba538d4b7c4214c339806cdafe8725bb048dbac2c559012a83b2c
Red Hat Security Advisory 2023-0708-01 - Red Hat OpenShift Serverless Client kn 1.27.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.27.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.
a7f61628f925dce8f7ba29e0a2af7ce40b3edbbe3491dbcaf244b881463e6b4a
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
aaa03416cdbd54eb155187b359e3ec3ed52ec73df4df35a0edd49429ff64d844
Red Hat Security Advisory 2023-0709-01 - Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. This release includes security and bug fixes, and enhancements.
d74c2b6b1c62d693d57db76c63de91764880b79a4290536d13c383c06f3ce55d
Red Hat Security Advisory 2023-0634-01 - Logging Subsystem 5.6.1 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.
46da8df8c00fedcfa94c9d28bd8cfa0801cbda6294e238eab09ed4d5fe39686d
ChiKoi version 1.0 suffers from a directory traversal vulnerability.
f6f4c9a329aacc62158437feb049e556fbc94806ccce29cccc65207d028728aa
ChiKoi version 1.0 suffers from a cross site scripting vulnerability.
f67deeb9d12b4a0678f26903a77c5df3f616702c5c3e70e6cd4d8df83f516ee1
Ubuntu Security Notice 5853-1 - It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
45f5382f94cc91b47ce4278fb2eee1a5e998241a202a5ef49e853ba90703ceed
Ubuntu Security Notice 5854-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.
2832ff03fd27cf1a07103d10c1ca9190a19b928b6cb2673fff075eb47255b809
Monitorr version 1.7.6 remote shell upload proof of concept exploit written in Python.
01595757eb8db499b07b46be3566c6b8bae226e88e11b02fea9bef8418392389
Ubuntu Security Notice 5850-1 - It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this to cause a denial of service. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code.
f50a53d05385c1aa8549a065fff2b79b08f0366882912bfe06fc4251df296e41
Ubuntu Security Notice 5851-1 - It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this to cause a denial of service.
92ad50278dde36d5e8ed66f598969f2ef0aa529a9e66290f6e6053efea81d457
Ubuntu Security Notice 5852-1 - It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server.
89cb800963f3fb763fc105f5af16d04f15f25e67af13c2ecdd9a74da09ca9c50