exploit the possibilities
Showing 1 - 25 of 7,413 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-5073-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5073-2 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38160
MD5 | c3297d493181bb59c2baaa6fb729067b
Ubuntu Security Notice USN-5083-1
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5083-1 - It was discovered that Python incorrectly handled certain RFCs. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. It was discovered that Python incorrectly handled certain server responses. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, python
systems | linux, ubuntu
advisories | CVE-2021-3733, CVE-2021-3737
MD5 | 233fdbc97ed81e36ee68a0797ee978f1
Ubuntu Security Notice USN-5081-1
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5081-1 - It was discovered that Qt incorrectly handled certain XBM image files. If a user or automated system were tricked into opening a specially crafted PPM file, a remote attacker could cause Qt to crash, resulting in a denial of service. It was discovered that Qt incorrectly handled certain graphics operations. If a user or automated system were tricked into performing certain graphics operations, a remote attacker could cause Qt to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2020-17507, CVE-2021-38593
MD5 | 381dbcda1045691e3b44c5b7ccf396b0
Ubuntu Security Notice USN-5071-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-2 - USN-5071-1 fixed vulnerabilities in the Linux kernel for Ubuntu 20.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 20.04 LTS for Ubuntu 18.04 LTS. Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656
MD5 | cf12af9abbb4d82883beda62aa53329a
Ubuntu Security Notice USN-5082-1
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5082-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-3609, CVE-2021-3653, CVE-2021-3656
MD5 | 7d50225e29094ecb862c6223c5b6d1d2
Ubuntu Security Notice USN-5080-2
Posted Sep 17, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5080-2 - USN-5080-1 fixed several vulnerabilities in Libgcrypt. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-33560
MD5 | 260071d69f58b4f7ae80a17219122f52
Ubuntu Security Notice USN-5080-1
Posted Sep 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5080-1 - It was discovered that Libgcrypt incorrectly handled ElGamal encryption. An attacker could possibly use this issue to recover sensitive information.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2021-33560
MD5 | 8ba3b45688985f61948d6439afa102b3
Ubuntu Security Notice USN-5078-2
Posted Sep 16, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5078-2 - USN-5078-1 fixed several vulnerabilities in Squashfs-Tools. This update provides the corresponding update for Ubuntu 16.04 ESM. Etienne Stalmans discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem. Various other issues were also addressed.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-40153, CVE-2021-41072
MD5 | a588bff99e1ad294d4c0a837675bd039
Ubuntu Security Notice USN-5079-2
Posted Sep 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5079-2 - USN-5079-1 fixed several vulnerabilities in curl. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Patrick Monnerat discovered that curl incorrectly handled responses received before STARTTLS. A remote attacker could possibly use this issue to inject responses and intercept communications. Various other issues were also addressed.

tags | advisory, remote, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-22946, CVE-2021-22947
MD5 | 8dc34c18f171dde2c9ffa8935bcbe7c4
Ubuntu Security Notice USN-5079-1
Posted Sep 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5079-1 - It was discovered that curl incorrect handled memory when sending data to an MQTT server. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. Patrick Monnerat discovered that curl incorrectly handled upgrades to TLS. When receiving certain responses from servers, curl would continue without TLS even when the option to require a successful upgrade to TLS was specified. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-22945, CVE-2021-22946, CVE-2021-22947
MD5 | 86a50e5b74b582a69ac5dae745acba84
Ubuntu Security Notice USN-5078-1
Posted Sep 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5078-1 - Richard Weinberger discovered that Squashfs-Tools mishandled certain malformed SQUASHFS files. An attacker could use this vulnerability to write arbitrary files to the filesystem.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-41072
MD5 | 2233bb5f32da527afee0b0e4fa9525ad
Ubuntu Security Notice USN-5077-2
Posted Sep 15, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5077-2 - USN-5077-1 fixed several vulnerabilities in Apport. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Maik M

tags | advisory, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-3709
MD5 | 9b7c13e0f8c97336957240f068c12cdd
Ubuntu Security Notice USN-5077-1
Posted Sep 14, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5077-1 - Maik M√ľnch and Stephen Roettger discovered that Apport incorrectly handled certain information gathering operations. A local attacker could use this issue to gain read access to arbitrary files, possibly containing sensitive information.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2021-3709
MD5 | 4e361a457f37e5470649f38e31214110
Ubuntu Security Notice USN-5076-1
Posted Sep 13, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5076-1 - It was discovered that Git allowed newline characters in certain repository paths. An attacker could potentially use this issue to perform cross-protocol requests.

tags | advisory, protocol
systems | linux, ubuntu
advisories | CVE-2021-40330
MD5 | a4378bbff2d364923e4ed80e69a778d3
Ubuntu Security Notice USN-5075-1
Posted Sep 12, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5075-1 - It was discovered that Ghostscript incorrectly handled certain PostScript files. If a user or automated system were tricked into processing a specially crafted file, a remote attacker could possibly use this issue to access arbitrary files, execute arbitrary code, or cause a denial of service.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3781
MD5 | 8212a2bf855aa3d13a0fd58791b087b2
Ubuntu Security Notice USN-5073-1
Posted Sep 11, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5073-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38160
MD5 | 350ffd4f04c829b19a2c90b53d06c2e5
Ubuntu Security Notice USN-5074-1
Posted Sep 10, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5074-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass mixed content blocking, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-38491
MD5 | 307ff9b456915ff0c2e87a7ff73a8a35
Ubuntu Security Notice USN-5069-2
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5069-2 - USN-5069-1 fixed a vulnerability in mod-auth-mellon. This update provides the corresponding updates for Ubuntu 21.04. It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3639
MD5 | e835e357a9054ed753d1b48bfc5b9fc7
Ubuntu Security Notice USN-5070-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5070-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-26541, CVE-2021-22543, CVE-2021-34693, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656, CVE-2021-38198, CVE-2021-38200, CVE-2021-38206, CVE-2021-38207
MD5 | f73e3b6b69f5d871bd66cd0b99c3e764
Ubuntu Security Notice USN-5072-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5072-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-3653, CVE-2021-3656
MD5 | 0350ce26f20ac8312bc7350281de77a6
Ubuntu Security Notice USN-5071-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5071-1 - Maxim Levitsky and Paolo Bonzini discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel allowed a guest VM to disable restrictions on VMLOAD/VMSAVE in a nested guest. An attacker in a guest VM could use this to read or write portions of the host's physical memory. Maxim Levitsky discovered that the KVM hypervisor implementation for AMD processors in the Linux kernel did not properly prevent a guest VM from enabling AVIC in nested guest VMs. An attacker in a guest VM could use this to write to portions of the host's physical memory. Various other issues were also addressed.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2020-36311, CVE-2021-22543, CVE-2021-3612, CVE-2021-3653, CVE-2021-3656
MD5 | af725e19f386bcc26f9eaa9c79c05b53
Ubuntu Security Notice USN-5066-2
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5066-2 - USN-5066-1 fixed a vulnerability in PySAML2. This update provides the corresponding update for Ubuntu 16.04 ESM. Brian Wolff discovered that PySAML2 incorrectly validated cryptographic signatures. A remote attacker could possibly use this issue to alter SAML documents. Various other issues were also addressed.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-21239
MD5 | 6a8d93d3ad8af2cdc53e1268b02f87cf
Ubuntu Security Notice USN-5069-1
Posted Sep 9, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5069-1 - It was discovered that mod-auth-mellon incorrectly filtered certain URLs. A remote attacker could possibly use this issue to perform an open redirect attack.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2021-3639
MD5 | c6d787fc2cafb7abb19a587f0a3398ce
Ubuntu Security Notice USN-5068-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5068-1 - It was discovered that GD Graphics Library incorrectly handled certain GD and GD2 files. An attacker could possibly use this issue to cause a crash or expose sensitive information. This issue only affected Ubuntu 20.04 LTS, Ubuntu 18.04 LTS, Ubuntu 16.04 ESM, and Ubuntu 14.04 ESM. It was discovered that GD Graphics Library incorrectly handled certain TGA files. An attacker could possibly use this issue to cause a denial of service or expose sensitive information. Various other issues were also addressed.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2017-6363, CVE-2021-40145
MD5 | 55cde79fc8fad14bd21ede9844621f85
Ubuntu Security Notice USN-5067-1
Posted Sep 8, 2021
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5067-1 - Jakub Hrozek discovered that SSSD incorrectly handled file permissions. A local attacker could possibly use this issue to read the sudo rules available for any user. This issue only affected Ubuntu 18.04 LTS. It was discovered that SSSD incorrectly handled Group Policy Objects. When SSSD is configured with too strict permissions causing the GPO to not be readable, SSSD will allow all authenticated users to login instead of being denied, contrary to expectations. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2018-10852, CVE-2018-16838, CVE-2019-3811, CVE-2021-3621
MD5 | 1b35eb77b4627b8a0afc682c590e7003
Page 1 of 297
Back12345Next

File Archive:

September 2021

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Sep 1st
    14 Files
  • 2
    Sep 2nd
    19 Files
  • 3
    Sep 3rd
    9 Files
  • 4
    Sep 4th
    1 Files
  • 5
    Sep 5th
    2 Files
  • 6
    Sep 6th
    3 Files
  • 7
    Sep 7th
    12 Files
  • 8
    Sep 8th
    22 Files
  • 9
    Sep 9th
    17 Files
  • 10
    Sep 10th
    19 Files
  • 11
    Sep 11th
    3 Files
  • 12
    Sep 12th
    2 Files
  • 13
    Sep 13th
    15 Files
  • 14
    Sep 14th
    16 Files
  • 15
    Sep 15th
    15 Files
  • 16
    Sep 16th
    7 Files
  • 17
    Sep 17th
    13 Files
  • 18
    Sep 18th
    0 Files
  • 19
    Sep 19th
    0 Files
  • 20
    Sep 20th
    0 Files
  • 21
    Sep 21st
    0 Files
  • 22
    Sep 22nd
    0 Files
  • 23
    Sep 23rd
    0 Files
  • 24
    Sep 24th
    0 Files
  • 25
    Sep 25th
    0 Files
  • 26
    Sep 26th
    0 Files
  • 27
    Sep 27th
    0 Files
  • 28
    Sep 28th
    0 Files
  • 29
    Sep 29th
    0 Files
  • 30
    Sep 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close