Ubuntu Security Notice 5018-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
4c1acb01997501488d94e4f295f9a8b096b13216c5f32c0bc98642127cd2ea8aUbuntu Security Notice 5017-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
2eeefb31a25b77fe7591b7712630bbf4e79e970217c6805c3eafc7c444d44c09Ubuntu Security Notice 5016-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
df70a721f7fb5de200a155149e97844791763fb3ad0f300b9d557dfe0afc8fd2Ubuntu Security Notice 5015-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
938c07de4b780e3bfb12805558bfd4d0031ce2064450b55479b032547a6502ecUbuntu Security Notice 5014-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code.
882accf7540cff2ee1cec3ed2d182536a3ac2fe3f2953cfe343075c9a2bbeb1dRed Hat Security Advisory 2021-2727-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
0044402a8af57531c5c661603d2f4345f464d35ba72ffc0fa6257a02e425c795Red Hat Security Advisory 2021-2714-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
23baa67510cfc5c168ec56f506752176e3272153219e21029be09872aa18a07aRed Hat Security Advisory 2021-2721-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
b434204d13d7e57c7c834c8075051a3e5bd7194369cfa679d2f7ce2d3662fe1aRed Hat Security Advisory 2021-2724-01 - The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. It provides aggressive parallelism capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, and keeps track of processes using Linux cgroups.
d91867261d30b47df42a330032e8ef1ae59753ce7866bbd5a19f346561012513Red Hat Security Advisory 2021-2723-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel.
8e0a97b52d733962f5debacf494c658744d1438aff922ef0cee4503b8ba71a93Red Hat Security Advisory 2021-2718-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass and use-after-free vulnerabilities.
b5d2a86d6368571ef0d34128c40be52cab5354d30a4e4bbfcba727bd7eef99d6Red Hat Security Advisory 2021-2790-01 - The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot environments. The fwupd packages provide a service that allows session software to update device firmware. Issues addressed include buffer overflow, out of bounds write, and use-after-free vulnerabilities.
be86abea103ec8d84e6360a6a41a211ab4c23cd15a420ca6d9cd3a53deafd4cdRed Hat Security Advisory 2021-2791-01 - The RPM Package Manager is a command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. Issues addressed include a bypass vulnerability.
7bdcd8248de2008bbc533c36de1408b0389f98b8912caba743c77b9600da41feRed Hat Security Advisory 2021-2792-01 - Perl is a high-level programming language that is commonly used for system administration utilities and web programming. Issues addressed include buffer overflow, denial of service, and integer overflow vulnerabilities.
8b46a01477fa390843cfc31845101431a1f72dbeef5d4fb8e12a245d16b27a88Red Hat Security Advisory 2021-2786-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
f268e25fce643231cb735cf3786ad5ec170dd2a9e4254f178dc95bdc8351d210Red Hat Security Advisory 2021-2719-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass and use-after-free vulnerabilities.
e26fe41b898fa5fb54eb09bbc4300aeb69f3300632f9ea6b618e57cc39619d3aRed Hat Security Advisory 2021-2730-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
07b4ce1a7f36788e6e18670bf06262ba67435c493f6f7f38252b8546a9833bdfRed Hat Security Advisory 2021-2722-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
d669165ceb438c7f3c99197406abf2130aca0151fcb91ce843c23914b8ea9bb8Red Hat Security Advisory 2021-2813-01 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a buffer overflow vulnerability.
6e2f08f13b0c0650452f1425202f7cd20cc874085bbe98b1854221c5da493431Red Hat Security Advisory 2021-2732-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
0ae2089bc9085202733263eabe1826d5a267dff310b38d9b7973e70e4d251579Red Hat Security Advisory 2021-2715-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
b80631911b84eaaf5a2237e235f9755bd1e8cd1d191b9111a4d7958da9ce28c5Red Hat Security Advisory 2021-2735-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include integer overflow and use-after-free vulnerabilities.
ff1d4a6c47cccdd4122b28caf122e846547d69d96aac7c84018a10628851d1e4Red Hat Security Advisory 2021-2733-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
ca38ab42ac4f33858c1d5edee5152754975974c2c92cbb706d97793270597de5CSZ CMS version 1.2.9 suffers from an arbitrary file deletion vulnerability.
8df23b57005e825721dd10ab97928c0cfd872018d576cb42f57f009138e7dd93News Portal Project version 3.1 suffers from multiple remote time-based SQL injection vulnerabilities.
3f56ebd1b9bbf5e77165fd6880d47dc10e5c4c00a42cb8ff45cb77a53362d347
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed