Ubuntu Security Notice 6871-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
e75c6514be3def7ee16cbaf589851843d91fcd8e70e2336b1bfdafd70dc0a30e
Siemens CP-8000, CP-8021, CP8-022, CP-8031, CP-8050, and SICORE products suffer from buffer overread, privilege escalation, and unsafe storage vulnerabilities.
210325d821a98d66d87a72d0c8a73147b1c6fa89ca3315050b61035edfb74955
Ubuntu Security Notice 6305-3 - USN-6305-2 fixed a vulnerability in PHP. The update caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fix it. It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
ad22d50a191a26737bb8ed7b11d3a481ebda4793801d086baee4dde89121e4b8
Apple Security Advisory 06-25-2024-1 - AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 address a spoofing vulnerability.
0432e0cfd91ca3a03d24ccaa0452df46e95955cfe0150107644c220f7a7668a3
Ubuntu Security Notice 6870-1 - It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
8297d860aedfe5f02103d927bdf58b523c23b777b45040d42a1f4b2f76933254
Ubuntu Security Notice 6869-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
0f9f7bb4421bfeafa5b71b445c672e024a4813b8f18b3b03d3e97db9b5cc7f9f
Ubuntu Security Notice 6868-1 - Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
a6a1299457b306656d5716534fbd1974c45ed85e2a890ace0c14b3bf9820c9b3
Ubuntu Security Notice 6867-1 - It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
506db995df2c248bed792eaf0becbeaceea3a3e99f1587120c1d464551b3e8c6
Ubuntu Security Notice 6866-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
a65af3943392f41a1f25fbd47f49e95bd580bdcb4dd7f0b1758fd82d6b6b6921
Ubuntu Security Notice 6865-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
6364780b1fc74e18429c1df704b6975dccfb0ef136fec0a55ad4192decc3c852
Red Hat Security Advisory 2024-4312-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
50bd726e6074eba030143271c28bc2c4b0b8fe98c3b8a838ad0431f3b3235889
Red Hat Security Advisory 2024-4159-03 - Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements.
4cd55f516d615b04d579ad13bb1c69f84131a1b5dd1d3ad31d06c70ae2997ce9
Red Hat Security Advisory 2024-4156-03 - Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.
901d2d335961305bfd2ccefd855d5807c42c386ca1f4d02f67d6dd99f09ce305
Deep Sea Electronics DSE855 is vulnerable to configuration disclosure when direct object reference is made to the Backup.bin file using an HTTP GET request. This will enable an attacker to disclose sensitive information and help her in authentication bypass, privilege escalation, and full system access.
1d64431803bd77f94436581379685f0abf2c49f8bdfd5eec2c904d237a7b2ac3
GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
2e1588aae53cb32d43937f1f4eca28febd9c0c7aa1734fc5dd61a7e81e0ebcdd
Ubuntu Security Notice 6862-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.
6e34df5ece453b17083ec3b4016fc12bd53c7e6fdf765084d10f90292d57929c
Ubuntu Security Notice 6860-1 - Reynir Bjoernsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. Reynir Bjoernsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service.
496f635c86e76b8ea747fc5e465a38dbd3f3acbe79c9c0a00419bd226171a1e9
Red Hat Security Advisory 2024-4278-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
024d08d418dce22b0e25ed7909a18a70a464cc3e87c909b87fdea3878e5470d9
Red Hat Security Advisory 2024-4277-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
3de73c7232c27157bef2ab744d1a86fe59210ef663fee41be9728be0b5afa3c3
Red Hat Security Advisory 2024-4276-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
b9e96195361e7442fc8b860cfe13d2ff3478d5f2e502ca83d29f74aa48170958
Red Hat Security Advisory 2024-4274-03 - An update for openstack-nova is now available for Red Hat OpenStack Platform 17.1.
9d8a9c6ddd29977ebc1887ad88def50f3b812f8269c38a8a0c5601aef87485ac
Red Hat Security Advisory 2024-4273-03 - An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.2.
0e6aeed53eec1997e147d4390dc6a15a84fca7e7cc2f0cb0b6b5cfbf3ac49045
Red Hat Security Advisory 2024-4272-03 - An update for openstack-nova, openstack-glance, and openstack-cinder is now available for Red Hat OpenStack Platform 17.1.
dbb37863cd5b3623f80c24688cbb3f6309c77625f1e2e211b772271f0cea9206
Red Hat Security Advisory 2024-4271-03 - Red Hat AMQ Broker 7.12.1 is now available from the Red Hat Customer Portal. Issues addressed include a denial of service vulnerability.
6341901041ac4438616974c7810176985f007fbfc1eb0276ca679ab5dbe88dd4
Red Hat Security Advisory 2024-4269-03 - Red Hat OpenShift Virtualization release 4.12.12 is now available with updates to packages and images that fix several bugs and add enhancements.
fc814e0f3f28043d60818aec0a721b69312f9585058626b5c3bdbb8a797d435c