Gentoo Linux Security Advisory 201904-9 - Multiple vulnerabilities have been found in Xen, the worst of which could result in privilege escalation. Versions less than 4.10.3-r2 are affected.
bb20a6ef08ff0872451ca9fe79100fb3Debian Linux Security Advisory 4423-1 - Multiple vulnerabilities were found in the PuTTY SSH client, which could result in denial of service and potentially the execution of arbitrary code. In addition, in some situations random numbers could potentially be re-used.
275bce06f569381caffe03f4077eb7f2Ubuntu Security Notice 3935-1 - Tyler Hicks discovered that BusyBox incorrectly handled symlinks inside tar archives. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could overwrite arbitrary files outside of the current directory. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. Mathias Krause discovered that BusyBox incorrectly handled kernel module loading restrictions. A local attacker could possibly use this issue to bypass intended restrictions. This issue only affected Ubuntu 14.04 LTS. Various other issues were also addressed.
537cbc38c3f21a909d462cda7acf5390Ubuntu Security Notice 3934-1 - It was discovered that PolicyKit incorrectly relied on the fork system call in the Linux kernel being atomic. A local attacker could possibly use this issue to gain access to services that have cached authorizations.
7bcf3c55b5d0c03de851971d584765dcDebian Linux Security Advisory 4422-1 - Several vulnerabilities have been found in the Apache HTTP server.
79f884c8d6e40c65c035fb404d7b9ed4Slackware Security Advisory - New wget packages are available for Slackware 14.2 and -current to fix security issues.
6646522c822af5780adb0ddd54480385Ubuntu Security Notice 3933-2 - USN-3933-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could possibly expose sensitive information. Various other issues were also addressed.
b78fefb193ca299bd8798a3f0e9cfc39Ubuntu Security Notice 3933-1 - It was discovered that an information leak vulnerability existed in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could possibly expose sensitive information. It was discovered that the USB serial device driver in the Linux kernel did not properly validate baud rate settings when debugging is enabled. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
c6a1e9ef0ee7cd623c284d5d2c87b9a1Ubuntu Security Notice 3932-2 - USN-3932-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
c8aeb128181b7d8ea050f623d95a395eUbuntu Security Notice 3932-1 - It was discovered that a race condition existed in the f2fs file system implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Wen Xu discovered that the f2fs file system implementation in the Linux kernel did not properly validate metadata. An attacker could use this to construct a malicious f2fs image that, when mounted, could cause a denial of service. Various other issues were also addressed.
8a7e323053a3b6c044afbb4d8c0594bbUbuntu Security Notice 3931-2 - USN-3931-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS and for the Linux Azure kernel for Ubuntu 14.04 LTS. M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service. Various other issues were also addressed.
9df4a9429f2b343c6821c2ba1bac6165Ubuntu Security Notice 3931-1 - M. Vefa Bicakci and Andy Lutomirski discovered that the kernel did not properly set up all arguments to an error handler callback used when running as a paravirtualized guest. An unprivileged attacker in a paravirtualized guest VM could use this to cause a denial of service. It was discovered that the KVM implementation in the Linux kernel on ARM 64bit processors did not properly handle some ioctls. An attacker with the privilege to create KVM-based virtual machines could use this to cause a denial of service or execute arbitrary code in the host. Various other issues were also addressed.
9f1f75dea510a42aad60524b705fc805Ubuntu Security Notice 3930-2 - USN-3930-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.10. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.10 for Ubuntu 18.04 LTS. Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture subsystem. A physically proximate attacker could use this to cause a denial of service. Various other issues were also addressed.
9c768824f53a303a95665d17f07a9caeUbuntu Security Notice 3930-1 - Mathias Payer and Hui Peng discovered a use-after-free vulnerability in the Advanced Linux Sound Architecture subsystem. A physically proximate attacker could use this to cause a denial of service. Shlomi Oberman, Yuli Shapiro, and Ran Menscher discovered an information leak in the Bluetooth implementation of the Linux kernel. An attacker within Bluetooth range could use this to expose sensitive information. Various other issues were also addressed.
44762295a5d4aa774924b5f20c9e3872Slackware Security Advisory - New ghostscript packages are available for Slackware 14.2 and -current to fix security issues.
2b5adab9a573677e4a76e4a4c7f512b5Ubuntu Security Notice 3929-1 - It was discovered that Firebird incorrectly handled certain malformed packets. A remote attacker could possibly use this issue with a specially crafted network packet to cause Firebird to crash, resulting in a denial of service. It was discovered that Firebird incorrectly handled certain UDF libraries. A remote attacker could possibly use this issue to execute arbitrary code. Various other issues were also addressed.
b41996266f4689cc392a2ce45fbb3b56Red Hat Security Advisory 2019-0697-01 - FreeRDP is a free implementation of the Remote Desktop Protocol, released under the Apache license. The xfreerdp client can connect to RDP servers such as Microsoft Windows machines, xrdp, and VirtualBox. Issues addressed include a buffer overflow vulnerability.
ab435ae6bcf13a53967e864439c14546Gentoo Linux Security Advisory 201904-8 - A vulnerability in Subversion could lead to a Denial of Service condition. Versions less than 1.10.4 are affected.
6c8c7f6f4851f81aebb377bff87dcabdGentoo Linux Security Advisory 201904-7 - Multiple vulnerabilities have been found in Mozilla Thunderbird and Firefox, the worst of which could lead to the execution of arbitrary code. Versions less than 60.6.1 are affected.
92ba9e8ee880006ba890f285ed44030dGentoo Linux Security Advisory 201904-6 - Multiple vulnerabilities have been found in GlusterFS, the worst of which could result in the execution of arbitrary code. Versions less than 4.1.8 are affected.
4f7bf045fe625a82e45fe0a5e297deeeGentoo Linux Security Advisory 201904-5 - A vulnerability was discovered in Gentoo's ebuild for BURP which could lead to root privilege escalation. Versions less than 2.1.32-r1 are affected.
a9e833ac3a325a615c7b7ce2873ec7b3Gentoo Linux Security Advisory 201904-4 - Multiple vulnerabilities have been found in Poppler, the worst of which could allow a Denial of Service. Versions less than 0.70.0 are affected.
f5bb9b7bea3fd56304aacf1bbf44026dGentoo Linux Security Advisory 201904-3 - Multiple vulnerabilities have been found in Unbound, the worst of which could lead to privilege escalation. Versions less than 1.8.3 are affected.
7b47ec54a8b69216dcaaba9f5031b4afGentoo Linux Security Advisory 201904-2 - Multiple vulnerabilities have been found in Libical, the worst of which could result in a Denial of Service condition. Versions less than 3.0.0 are affected.
ce3588b4e2578efcd0dfffc0bcb5ac7fGentoo Linux Security Advisory 201904-1 - Multiple vulnerabilities were found in Cairo, the worst of which could cause a Denial of Service condition. Versions less than 1.16.0-r3 are affected.
3086400c020907ee750a5d5599bbb367
© 2019 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed