what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 30 RSS Feed

Files Date: 2023-02-10 to 2023-02-11

Ubuntu Security Notice USN-5865-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5865-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3646, CVE-2022-3649, CVE-2022-39842, CVE-2022-41849, CVE-2022-41850, CVE-2022-43750
SHA-256 | d470ee0d49375b5701a19573e03e2dabc5173524202dbcc89774cd1d5590bbfe
Ubuntu Security Notice USN-5862-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5862-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3646, CVE-2022-3649, CVE-2022-39842, CVE-2022-41849, CVE-2022-41850, CVE-2022-43750
SHA-256 | 30558a6a34be9f92661ed604b38720c7d76ed2b73de252692dc001bb4777618d
Ubuntu Security Notice USN-5861-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5861-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3643, CVE-2022-3646, CVE-2022-3649, CVE-2022-39842, CVE-2022-41849, CVE-2022-41850, CVE-2022-42896, CVE-2022-43750, CVE-2022-43945
SHA-256 | d2fb9a59a66f131a423fca0f0ab291edb8792fba719dc2691f62ec8cdeb36057
Ubuntu Security Notice USN-5860-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5860-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3543, CVE-2022-3619, CVE-2022-3623, CVE-2022-3628, CVE-2022-3640, CVE-2022-3643, CVE-2022-41849, CVE-2022-41850, CVE-2022-42895, CVE-2022-42896, CVE-2022-4378, CVE-2022-45934, CVE-2022-47940, CVE-2023-0590
SHA-256 | ddfdd9987ae627c84773cb27f52fc662daaa72f400184df374fa400b21d58d13
Ubuntu Security Notice USN-5863-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5863-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | a6bf566d40808c8a3ee6f31220f77a9b9f80194ceb2190c1da740e6f0679c487
Ubuntu Security Notice USN-5848-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5848-1 - David Leadbeater discovered that less was not properly handling escape sequences when displaying raw control characters. A maliciously formed OSC 8 hyperlink could possibly be used by an attacker to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-46663
SHA-256 | 029c82663b352358a88495efb28a33914977507cb3c9027ef6e758d61b28179b
Ubuntu Security Notice USN-5858-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5858-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3545, CVE-2022-42895, CVE-2022-45934, CVE-2023-0179
SHA-256 | 5f05eb08ca982c765b038c8ff34ba022dc6c769e12eb23f7f5bc01dc292fe43f
Ubuntu Security Notice USN-5859-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5859-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Netronome Ethernet driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3545, CVE-2022-4139, CVE-2022-42895, CVE-2023-0179
SHA-256 | 24736893d69134f8c0d402d5d07ca7f1b3711c3a394ab082784aee41f9879906
Ubuntu Security Notice USN-5857-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5857-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-0179
SHA-256 | 89a67bf46dac784476ed4ab174bb4d9e5f3b7fd95ac25942c5901af229200b33
Ubuntu Security Notice USN-5856-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5856-1 - Davide Ornaghi discovered that the netfilter subsystem in the Linux kernel did not properly handle VLAN headers in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Hu Jiahui discovered that multiple race conditions existed in the Advanced Linux Sound Architecture framework, leading to use-after-free vulnerabilities. A local attacker could use these to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-1048, CVE-2022-3424, CVE-2023-0179
SHA-256 | dc89f36ec866f1954f306f04eb4cd17b78d6a959eed5b2e2b257b008b8898a0f
Ubuntu Security Notice USN-5855-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5855-1 - It was discovered that ImageMagick incorrectly handled certain PNG images. If a user or automated system were tricked into opening a specially crafted PNG file, an attacker could use this issue to cause ImageMagick to stop responding, resulting in a denial of service, or possibly obtain the contents of arbitrary files by including them into images.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-44267
SHA-256 | 0f07dd88b01c79ab622efd18fa17fde989bb7e3b33fb811a3372d92d22cbf3f4
Red Hat Security Advisory 2023-0713-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0713-01 - Red Hat Data Grid is an in-memory, distributed, NoSQL datastore solution. Data Grid 8.4.1 replaces Data Grid 8.4.0 and includes bug fixes and enhancements. Issues addressed include denial of service and deserialization vulnerabilities.

tags | advisory, denial of service, vulnerability
systems | linux, redhat
advisories | CVE-2022-36313, CVE-2022-37603, CVE-2022-41881, CVE-2022-42003, CVE-2022-42004, CVE-2022-45047
SHA-256 | 2acb2904db98d931918c873c17d581f7132a594103bc8c9c8f4f52ecc4578aac
Red Hat Security Advisory 2023-0573-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0573-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.9.55. Issues addressed include a code execution vulnerability.

tags | advisory, code execution
systems | linux, redhat
advisories | CVE-2022-29599
SHA-256 | 09a357d5322ba538d4b7c4214c339806cdafe8725bb048dbac2c559012a83b2c
Red Hat Security Advisory 2023-0708-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0708-01 - Red Hat OpenShift Serverless Client kn 1.27.0 provides a CLI to interact with Red Hat OpenShift Serverless 1.27.0. The kn CLI is delivered as an RPM package for installation on RHEL platforms, and as binaries for non-Linux platforms.

tags | advisory
systems | linux, redhat
advisories | CVE-2022-27664, CVE-2022-2879, CVE-2022-2880, CVE-2022-41715
SHA-256 | a7f61628f925dce8f7ba29e0a2af7ce40b3edbbe3491dbcaf244b881463e6b4a
GNU Transport Layer Security Library 3.7.9
Posted Feb 10, 2023
Authored by Simon Josefsson, Nikos Mavrogiannopoulos | Site gnu.org

GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.

Changes: Fixed a Bleichenbacher oracle in the TLS RSA key exchange for libgnutls.
tags | protocol, library
advisories | CVE-2023-0361
SHA-256 | aaa03416cdbd54eb155187b359e3ec3ed52ec73df4df35a0edd49429ff64d844
Red Hat Security Advisory 2023-0709-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0709-01 - Version 1.27.0 of the OpenShift Serverless Operator is supported on Red Hat OpenShift Container Platform versions 4.8, 4.9, 4.10, 4.11 and 4.12. This release includes security and bug fixes, and enhancements.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-3709, CVE-2021-46848, CVE-2022-1304, CVE-2022-22624, CVE-2022-22628, CVE-2022-22629, CVE-2022-22662, CVE-2022-2509, CVE-2022-26700, CVE-2022-26709, CVE-2022-26710, CVE-2022-26716, CVE-2022-26717, CVE-2022-26719
SHA-256 | d74c2b6b1c62d693d57db76c63de91764880b79a4290536d13c383c06f3ce55d
Red Hat Security Advisory 2023-0634-01
Posted Feb 10, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-0634-01 - Logging Subsystem 5.6.1 - Red Hat OpenShift. Issues addressed include a denial of service vulnerability.

tags | advisory, denial of service
systems | linux, redhat
advisories | CVE-2021-35065, CVE-2021-46848, CVE-2022-35737, CVE-2022-3821, CVE-2022-40303, CVE-2022-40304, CVE-2022-42010, CVE-2022-42011, CVE-2022-42012, CVE-2022-42898, CVE-2022-43680, CVE-2022-44617, CVE-2022-46175, CVE-2022-46285
SHA-256 | 46da8df8c00fedcfa94c9d28bd8cfa0801cbda6294e238eab09ed4d5fe39686d
ChiKoi 1.0 Directory Traversal
Posted Feb 10, 2023
Authored by indoushka

ChiKoi version 1.0 suffers from a directory traversal vulnerability.

tags | exploit, file inclusion
SHA-256 | f6f4c9a329aacc62158437feb049e556fbc94806ccce29cccc65207d028728aa
ChiKoi 1.0 Cross Site Scripting
Posted Feb 10, 2023
Authored by indoushka

ChiKoi version 1.0 suffers from a cross site scripting vulnerability.

tags | exploit, xss
SHA-256 | f67deeb9d12b4a0678f26903a77c5df3f616702c5c3e70e6cd4d8df83f516ee1
Ubuntu Security Notice USN-5853-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5853-1 - It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code. It was discovered that a use-after-free vulnerability existed in the Bluetooth stack in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3628, CVE-2022-3640, CVE-2022-3649, CVE-2022-41849, CVE-2022-41850, CVE-2022-42895
SHA-256 | 45f5382f94cc91b47ce4278fb2eee1a5e998241a202a5ef49e853ba90703ceed
Ubuntu Security Notice USN-5854-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5854-1 - It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20369, CVE-2022-26373, CVE-2022-2663, CVE-2022-29900, CVE-2022-29901, CVE-2022-3646, CVE-2022-3649, CVE-2022-39842, CVE-2022-41849, CVE-2022-41850, CVE-2022-43750
SHA-256 | 2832ff03fd27cf1a07103d10c1ca9190a19b928b6cb2673fff075eb47255b809
Monitorr 1.7.6 Shell Upload
Posted Feb 10, 2023
Authored by Achuth V P

Monitorr version 1.7.6 remote shell upload proof of concept exploit written in Python.

tags | exploit, remote, shell, proof of concept, python
advisories | CVE-2023-26775
SHA-256 | 01595757eb8db499b07b46be3566c6b8bae226e88e11b02fea9bef8418392389
Ubuntu Security Notice USN-5850-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5850-1 - It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service. It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform bounds checking in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel
systems | linux, ubuntu
advisories | CVE-2022-3619, CVE-2022-3628, CVE-2022-3640, CVE-2022-42895, CVE-2023-0590
SHA-256 | f50a53d05385c1aa8549a065fff2b79b08f0366882912bfe06fc4251df296e41
Ubuntu Security Notice USN-5851-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5851-1 - It was discovered that a memory leak existed in the Unix domain socket implementation of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, unix, ubuntu
advisories | CVE-2022-3543, CVE-2022-3619, CVE-2022-3623, CVE-2022-3628, CVE-2022-3640, CVE-2022-41849, CVE-2022-41850, CVE-2022-42895, CVE-2022-47940, CVE-2023-0590
SHA-256 | 92ad50278dde36d5e8ed66f598969f2ef0aa529a9e66290f6e6053efea81d457
Ubuntu Security Notice USN-5852-1
Posted Feb 10, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5852-1 - It was discovered that OpenStack Swift incorrectly handled certain XML files. A remote authenticated user could possibly use this issue to obtain arbitrary file contents containing sensitive information from the server.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-47950
SHA-256 | 89cb800963f3fb763fc105f5af16d04f15f25e67af13c2ecdd9a74da09ca9c50
Page 1 of 2
Back12Next

File Archive:

June 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    0 Files
  • 2
    Jun 2nd
    0 Files
  • 3
    Jun 3rd
    18 Files
  • 4
    Jun 4th
    21 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    57 Files
  • 7
    Jun 7th
    6 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    12 Files
  • 11
    Jun 11th
    27 Files
  • 12
    Jun 12th
    38 Files
  • 13
    Jun 13th
    16 Files
  • 14
    Jun 14th
    14 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close