Ubuntu Security Notice 6871-1 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.
e75c6514be3def7ee16cbaf589851843d91fcd8e70e2336b1bfdafd70dc0a30eSiemens CP-8000, CP-8021, CP8-022, CP-8031, CP-8050, and SICORE products suffer from buffer overread, privilege escalation, and unsafe storage vulnerabilities.
210325d821a98d66d87a72d0c8a73147b1c6fa89ca3315050b61035edfb74955Ubuntu Security Notice 6305-3 - USN-6305-2 fixed a vulnerability in PHP. The update caused a regression in Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. This update fix it. It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.
ad22d50a191a26737bb8ed7b11d3a481ebda4793801d086baee4dde89121e4b8Apple Security Advisory 06-25-2024-1 - AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 address a spoofing vulnerability.
0432e0cfd91ca3a03d24ccaa0452df46e95955cfe0150107644c220f7a7668a3Ubuntu Security Notice 6870-1 - It was discovered that the Intel Data Streaming and Intel Analytics Accelerator drivers in the Linux kernel allowed direct access to the devices for unprivileged users and virtual machines. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
8297d860aedfe5f02103d927bdf58b523c23b777b45040d42a1f4b2f76933254Ubuntu Security Notice 6869-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
0f9f7bb4421bfeafa5b71b445c672e024a4813b8f18b3b03d3e97db9b5cc7f9fUbuntu Security Notice 6868-1 - Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
a6a1299457b306656d5716534fbd1974c45ed85e2a890ace0c14b3bf9820c9b3Ubuntu Security Notice 6867-1 - It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
506db995df2c248bed792eaf0becbeaceea3a3e99f1587120c1d464551b3e8c6Ubuntu Security Notice 6866-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
a65af3943392f41a1f25fbd47f49e95bd580bdcb4dd7f0b1758fd82d6b6b6921Ubuntu Security Notice 6865-1 - It was discovered that the ext4 file system implementation in the Linux kernel did not properly validate data state on write operations. An attacker could use this to construct a malicious ext4 file system image that, when mounted, could cause a denial of service. It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
6364780b1fc74e18429c1df704b6975dccfb0ef136fec0a55ad4192decc3c852Red Hat Security Advisory 2024-4312-03 - An update for openssh is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
50bd726e6074eba030143271c28bc2c4b0b8fe98c3b8a838ad0431f3b3235889Red Hat Security Advisory 2024-4159-03 - Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements.
4cd55f516d615b04d579ad13bb1c69f84131a1b5dd1d3ad31d06c70ae2997ce9Red Hat Security Advisory 2024-4156-03 - Red Hat OpenShift Container Platform release 4.16.1 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a bypass vulnerability.
901d2d335961305bfd2ccefd855d5807c42c386ca1f4d02f67d6dd99f09ce305Deep Sea Electronics DSE855 is vulnerable to configuration disclosure when direct object reference is made to the Backup.bin file using an HTTP GET request. This will enable an attacker to disclose sensitive information and help her in authentication bypass, privilege escalation, and full system access.
1d64431803bd77f94436581379685f0abf2c49f8bdfd5eec2c904d237a7b2ac3GnuTLS is a secure communications library implementing the SSL and TLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols, as well as APIs to parse and write X.509, PKCS #12, OpenPGP, and other required structures. It is intended to be portable and efficient with a focus on security and interoperability.
2e1588aae53cb32d43937f1f4eca28febd9c0c7aa1734fc5dd61a7e81e0ebcddUbuntu Security Notice 6862-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Lukas Bernhard discovered that Firefox did not properly manage memory during garbage collection. An attacker could potentially exploit this issue to cause a denial of service, or execute arbitrary code.
6e34df5ece453b17083ec3b4016fc12bd53c7e6fdf765084d10f90292d57929cUbuntu Security Notice 6860-1 - Reynir Bjoernsson discovered that OpenVPN incorrectly handled terminating client connections. A remote authenticated client could possibly use this issue to keep the connection active, bypassing certain security policies. This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS. Reynir Bjoernsson discovered that OpenVPN incorrectly handled certain control channel messages with nonprintable characters. A remote attacker could possibly use this issue to cause OpenVPN to consume resources, or fill up log files with garbage, leading to a denial of service.
496f635c86e76b8ea747fc5e465a38dbd3f3acbe79c9c0a00419bd226171a1e9Red Hat Security Advisory 2024-4278-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.4 Extended Update Support.
024d08d418dce22b0e25ed7909a18a70a464cc3e87c909b87fdea3878e5470d9Red Hat Security Advisory 2024-4277-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
3de73c7232c27157bef2ab744d1a86fe59210ef663fee41be9728be0b5afa3c3Red Hat Security Advisory 2024-4276-03 - An update for qemu-kvm is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
b9e96195361e7442fc8b860cfe13d2ff3478d5f2e502ca83d29f74aa48170958Red Hat Security Advisory 2024-4274-03 - An update for openstack-nova is now available for Red Hat OpenStack Platform 17.1.
9d8a9c6ddd29977ebc1887ad88def50f3b812f8269c38a8a0c5601aef87485acRed Hat Security Advisory 2024-4273-03 - An update for openstack-cinder, openstack-glance, and openstack-nova is now available for Red Hat OpenStack Platform 16.2.
0e6aeed53eec1997e147d4390dc6a15a84fca7e7cc2f0cb0b6b5cfbf3ac49045Red Hat Security Advisory 2024-4272-03 - An update for openstack-nova, openstack-glance, and openstack-cinder is now available for Red Hat OpenStack Platform 17.1.
dbb37863cd5b3623f80c24688cbb3f6309c77625f1e2e211b772271f0cea9206Red Hat Security Advisory 2024-4271-03 - Red Hat AMQ Broker 7.12.1 is now available from the Red Hat Customer Portal. Issues addressed include a denial of service vulnerability.
6341901041ac4438616974c7810176985f007fbfc1eb0276ca679ab5dbe88dd4Red Hat Security Advisory 2024-4269-03 - Red Hat OpenShift Virtualization release 4.12.12 is now available with updates to packages and images that fix several bugs and add enhancements.
fc814e0f3f28043d60818aec0a721b69312f9585058626b5c3bdbb8a797d435c
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed