what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 9,316 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-6663-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6663-1 - As a security improvement, this update prevents OpenSSL from returning an error when detecting wrong padding in PKCS#1 v1.5 RSA, to prevent its use in possible Bleichenbacher timing attacks.

tags | advisory
systems | linux, ubuntu
SHA-256 | 70e2a3a25cb4e59a313bc99a88541c5d7f7f7e5852ffa537238da422d39d2f0d
Ubuntu Security Notice USN-6305-2
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6305-2 - USN-6305-1 fixed several vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that PHP incorrectly handled certain XML files. An attacker could possibly use this issue to expose sensitive information.

tags | advisory, php, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-3823, CVE-2023-3824
SHA-256 | caacfeb4e539a353abe770f6325dbffce7919a619b169957ffad81b1917bb00b
Ubuntu Security Notice USN-6662-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6662-1 - Yi Yang discovered that the Hotspot component of OpenJDK 21 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 21 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20945, CVE-2024-20952
SHA-256 | aaa047aaea8cde67a241170dbe81023fa98342d4dfece4d36d5b5774c741bb8a
Ubuntu Security Notice USN-6661-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6661-1 - Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 17 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20932, CVE-2024-20945, CVE-2024-20952
SHA-256 | 074c45f3f5391055a9a621cd01f94fecea05dd020da0763a507bf083917efb09
Ubuntu Security Notice USN-6660-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6660-1 - Yi Yang discovered that the Hotspot component of OpenJDK 11 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. It was discovered that the Hotspot component of OpenJDK 11 did not properly verify bytecode in certain situations. An attacker could possibly use this issue to bypass Java sandbox restrictions.

tags | advisory, java, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-20918, CVE-2024-20919, CVE-2024-20921, CVE-2024-20926, CVE-2024-20945, CVE-2024-20952
SHA-256 | aa34f5f90f10131d0c663071adccbab36c202d5d64988d18d500f490c20b7cab
Ubuntu Security Notice USN-6659-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6659-1 - It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libde265 could be made to read out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-43244, CVE-2022-43245, CVE-2022-43250, CVE-2022-47665, CVE-2023-24755, CVE-2023-24756, CVE-2023-25221
SHA-256 | d962c76a1595f5d14d9bd9c4c43a02311f732979462f52580a68633ddd9b343e
Ubuntu Security Notice USN-6658-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6658-1 - It was discovered that libxml2 incorrectly handled certain XML documents. A remote attacker could possibly use this issue to cause libxml2 to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-25062
SHA-256 | ef37288d1a6aa550f0abd5b82938c289b9e7762e12b39439453f8081d9ac4abd
Ubuntu Security Notice USN-6657-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6657-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Dnsmasq icorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. It was discovered that Dnsmasq incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-28450, CVE-2023-50387, CVE-2023-50868
SHA-256 | 46f1a09bc8e779b0877ec272386957a7de5ad50e209a3024756ed199c3923006
Ubuntu Security Notice USN-6656-1
Posted Feb 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6656-1 - It was discovered that PostgreSQL incorrectly handled dropping privileges when handling REFRESH MATERIALIZED VIEW CONCURRENTLY commands. If a user or automatic system were tricked into running a specially crafted command, a remote attacker could possibly use this issue to execute arbitrary SQL functions.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-0985
SHA-256 | 6797b8612873d00de8c6c855d9749b296bac7e6a4b0d216f58b119fed0c03bc5
Ubuntu Security Notice USN-6653-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6653-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | 7264b1489787bd2aa4f01e0965296f2e2b95a382b4da17e044109efb8286489e
Ubuntu Security Notice USN-6652-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6652-1 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-34324, CVE-2023-35827, CVE-2023-46813, CVE-2023-46862, CVE-2023-51780, CVE-2023-51781, CVE-2023-5972, CVE-2023-6176, CVE-2023-6531, CVE-2023-6622, CVE-2023-6915, CVE-2024-0565, CVE-2024-0582, CVE-2024-0641
SHA-256 | 4f6741e6cd2ec7ebe45095a33d68bec179ca45c931ff0896b24a5a24f2017966
Ubuntu Security Notice USN-6651-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6651-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0582, CVE-2024-0646
SHA-256 | 50ce129d01fba83dc1f23444d3644122297a10313ae31301b92dca3ee8a5400e
Ubuntu Security Notice USN-6650-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6650-1 - Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6915
SHA-256 | 3f6fd7285de278b165f5be6af2312c053a9e4c1e747410d3f389b749466cebe9
Ubuntu Security Notice USN-6655-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6655-1 - It was discovered that GNU binutils was not properly handling the logic behind certain memory management related operations, which could lead to an invalid memory access. An attacker could possibly use this issue to cause a denial of service. It was discovered that GNU binutils was not properly performing bounds checks when dealing with memory allocation operations, which could lead to excessive memory consumption. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-47695, CVE-2022-48063, CVE-2022-48065
SHA-256 | 396cf437b25e5fb094de4260df060587d374c3a0672e376e0ad2c3f2a679ccc0
Ubuntu Security Notice USN-6654-1
Posted Feb 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6654-1 - It was discovered that Roundcube Webmail incorrectly sanitized characters in the linkrefs text messages. An attacker could possibly use this issue to execute a cross-site scripting attack.

tags | advisory, xss
systems | linux, ubuntu
advisories | CVE-2023-43770
SHA-256 | 460026cc73cc6675127f73b71d11e0359570d321c9e013f075f7ee551cfcf679
Ubuntu Security Notice USN-6649-1
Posted Feb 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6649-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Alfred Peters discovered that Firefox did not properly manage memory when storing and re-accessing data on a networking channel. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-1546, CVE-2024-1548, CVE-2024-1549, CVE-2024-1550, CVE-2024-1551, CVE-2024-1552, CVE-2024-1554, CVE-2024-1555, CVE-2024-1556, CVE-2024-1557
SHA-256 | 915d1dd9c871ef5fa18727920f32a507f24302608c703c4e810bc2c237c6b315
Ubuntu Security Notice USN-6648-1
Posted Feb 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6648-1 - It was discovered that a race condition existed in the AppleTalk networking subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Zhenghan Wang discovered that the generic ID allocator implementation in the Linux kernel did not properly check for null bitmap when releasing IDs. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51781, CVE-2023-6915, CVE-2024-0565, CVE-2024-0646
SHA-256 | 74220a0b0c8b546e1843028c546fb7b9f332ab5279db8baa8ddaf07d3915746e
Ubuntu Security Notice USN-6647-1
Posted Feb 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6647-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51782, CVE-2023-7192
SHA-256 | dc6419bae3374862f7e099238c6f62915d628b60e52c658d5d47d2442058067e
Ubuntu Security Notice USN-6646-1
Posted Feb 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6646-1 - It was discovered that a race condition existed in the ATM subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Rose X.25 protocol implementation in the Linux kernel, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-51780, CVE-2023-51782, CVE-2023-7192
SHA-256 | 263643db87a6432edb065900eea41c3a1d8ae0e9c08508a673c02ef018cf394a
Ubuntu Security Notice USN-6584-2
Posted Feb 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6584-2 - USN-6584-1 fixed several vulnerabilities in Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. This update provides the corresponding updates for CVE-2021-33912 andCVE-2021-33913 in Ubuntu 16.04 LTS. Philipp Jeitner and Haya Shulman discovered that Libspf2 incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2021-20314, CVE-2021-33912
SHA-256 | c72593cd020b70c074deb6be89fd467cc478f83334792bd3c97e0f5753dae9cd
Ubuntu Security Notice USN-6645-1
Posted Feb 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6645-1 - It was discovered that the netfilter connection tracker for netlink in the Linux kernel did not properly perform reference counting in some error conditions. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-7192
SHA-256 | c31a439fa6efc6f45ddf70895ddbcdb15a0d2f1e6ccdfe2e0e752da89b5c1bb2
Ubuntu Security Notice USN-6644-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6644-1 - It was discovered that LibTIFF incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause the application to crash, resulting in a denial of service. It was discovered that LibTIFF incorrectly handled certain image files with the tiffcp utility. If a user were tricked into opening a specially crafted image file, an attacker could possibly use this issue to cause tiffcp to crash, resulting in a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-52356, CVE-2023-6228, CVE-2023-6277
SHA-256 | ef3f4db4f26363a7b6f29905c846ae44e713361a0326d73013b608026cee7283
Ubuntu Security Notice USN-6643-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6643-1 - Emre Durmaz discovered that NPM IP package incorrectly distinguished between private and public IP addresses. A remote attacker could possibly use this issue to perform Server-Side Request Forgery attacks.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2023-42282
SHA-256 | c16ecfe30134498bd139552611380f432fae442982648114d6b239d58d36cbcb
Ubuntu Security Notice USN-6625-3
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6625-3 - Marek Marczykowski-Górecki discovered that the Xen event channel infrastructure implementation in the Linux kernel contained a race condition. An attacker in a guest VM could possibly use this to cause a denial of service. Zheng Wang discovered a use-after-free in the Renesas Ethernet AVB driver in the Linux kernel during device removal. A privileged attacker could use this to cause a denial of service.

tags | advisory, denial of service, kernel
systems | linux, ubuntu
advisories | CVE-2023-34324, CVE-2023-35827, CVE-2023-45863, CVE-2023-46343
SHA-256 | 52bdeffe5f0a9bcabf5888bdf230cc21b6b378f00b6361fdcb2347a717f725ef
Ubuntu Security Notice USN-6642-1
Posted Feb 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6642-1 - Shoham Danino, Anat Bremler-Barr, Yehuda Afek, and Yuval Shavitt discovered that Bind incorrectly handled parsing large DNS messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-4408, CVE-2023-50387, CVE-2023-50868, CVE-2023-5517, CVE-2023-6516
SHA-256 | 59690fe75ddf72adb23e500a05f4e810c75b29c755af18781f7010d4def3deac
Page 1 of 373
Back12345Next

File Archive:

February 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    16 Files
  • 2
    Feb 2nd
    19 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    24 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    10 Files
  • 8
    Feb 8th
    25 Files
  • 9
    Feb 9th
    37 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    17 Files
  • 13
    Feb 13th
    20 Files
  • 14
    Feb 14th
    25 Files
  • 15
    Feb 15th
    15 Files
  • 16
    Feb 16th
    6 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    35 Files
  • 20
    Feb 20th
    25 Files
  • 21
    Feb 21st
    18 Files
  • 22
    Feb 22nd
    15 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    10 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    37 Files
  • 27
    Feb 27th
    34 Files
  • 28
    Feb 28th
    0 Files
  • 29
    Feb 29th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close