what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 26 - 50 of 8,285 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-5828-1
Posted Jan 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5828-1 - It was discovered that Kerberos incorrectly handled certain S4U2Self requests. An attacker could possibly use this issue to cause a denial of service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. Greg Hudson discovered that Kerberos PAC implementation incorrectly handled certain parsing operations. A remote attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2018-20217, CVE-2022-42898
SHA-256 | 172f865df6482a98eeb5142645b6b3d004e0fcbb18be188deb32de7ee6994283
Ubuntu Security Notice USN-5827-1
Posted Jan 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5827-1 - Rob Schulhof discovered that Bind incorrectly handled a large number of UPDATE messages. A remote attacker could possibly use this issue to cause Bind to consume resources, resulting in a denial of service. Borja Marcos discovered that Bind incorrectly handled certain RRSIG queries. A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-3094, CVE-2022-3736, CVE-2022-3924
SHA-256 | 4a6c45a34899a51b8553be1c11bf1f2681e171dfab7a353c92f318d006c4067a
Ubuntu Security Notice USN-5826-1
Posted Jan 26, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5826-1 - Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An attacker could possibly use this issue to cause a denial of service. Artem Ivanov discovered that Privoxy incorrectly handled input validations. An attacker could possibly use this issue to perform cross-site scripting attacks.

tags | advisory, denial of service, xss
systems | linux, ubuntu
advisories | CVE-2021-44540, CVE-2021-44543
SHA-256 | 26dcdfbc6a1704af91932f4ccb7779f56ce61ff6271ade94d4ca02945ed18c5a
Ubuntu Security Notice USN-5825-1
Posted Jan 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5825-1 - It was discovered that PAM did not correctly restrict login from an IP address that is not resolvable via DNS. An attacker could possibly use this issue to bypass authentication.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-28321
SHA-256 | f13db8e65182ef2c2505daf3f7d5118b02318c3c4f7eef88e5d1a4893e03d2ea
Ubuntu Security Notice USN-5823-2
Posted Jan 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5823-2 - USN-5823-1 fixed a vulnerability in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL 5.7.41.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-21840
SHA-256 | ae4d61884d7160c67fe92dd104fa1371e4484d0e71d0fcd7d959ca82681556d7
Ubuntu Security Notice USN-5823-1
Posted Jan 25, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5823-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-32221, CVE-2023-21867, CVE-2023-21871, CVE-2023-21877, CVE-2023-21881
SHA-256 | b0f3b18c5632a48be6c234086a99abb8c553415fb83f3c6b9cb3966adfb715eb
Ubuntu Security Notice USN-5822-1
Posted Jan 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5822-1 - It was discovered that Samba incorrectly handled the bad password count logic. A remote attacker could possibly use this issue to bypass bad passwords lockouts. This issue was only addressed in Ubuntu 22.10. Evgeny Legerov discovered that Samba incorrectly handled buffers in certain GSSAPI routines of Heimdal. A remote attacker could possibly use this issue to cause Samba to crash, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-20251, CVE-2022-3437, CVE-2022-38023, CVE-2022-42898, CVE-2022-45141
SHA-256 | 7e28dc77ffbc9a0bdb6d12d1db8027cea88238b892667a9f4f8b17fd154d8b4f
Ubuntu Security Notice USN-5821-1
Posted Jan 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5821-1 - Sebastian Chnelik discovered that wheel incorrectly handled certain file names when validated against a regex expression. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-40898
SHA-256 | 2c6733a62e41392a9c0d37ac84e393c4cc856937d815f7c35eb217b8d0dc9764
Ubuntu Security Notice USN-5820-1
Posted Jan 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5820-1 - Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag filename command-line argument. A crafted tag filename specified in the command line or in the configuration file could result in arbitrary command execution.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-4515
SHA-256 | 83fe1f7fd58f639ff5df45480b668fb1d931fe81a5cd949993c0591fb8a70b7e
Ubuntu Security Notice USN-5806-2
Posted Jan 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5806-2 - USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.10. Hiroshi Tokumaru discovered that Ruby did not properly handle certain user input for applications which generate HTTP responses using cgi gem. An attacker could possibly use this issue to maliciously modify the response a user would receive from a vulnerable application.

tags | advisory, web, cgi, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2021-33621
SHA-256 | 5e9eaa591a250702e16d36f855a65138db55f846075d60d7208d9a3e346086a8
Ubuntu Security Notice USN-5819-1
Posted Jan 24, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5819-1 - It was discovered that HAProxy incorrectly handled certain messages. A remote attacker could possibly use this issue to cause HAProxy to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-0056
SHA-256 | e2bf436b60c508d262ad69a2706052e2eadcc7a75787b15644d15128b332346d
Ubuntu Security Notice USN-5818-1
Posted Jan 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5818-1 - It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary, php
systems | linux, ubuntu
advisories | CVE-2022-31631
SHA-256 | 5e3f991b525cb556d7f98923b6dc146a9a8e1bee769113d7ded701c12dd365aa
Ubuntu Security Notice USN-5817-1
Posted Jan 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5817-1 - Sebastian Chnelik discovered that setuptools incorrectly handled certain regex inputs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-40897
SHA-256 | f82b3d260dca66839e621a2104eb18fd5c047279619e89a3ca320ae5ea48dfaf
Ubuntu Security Notice USN-5816-1
Posted Jan 23, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5816-1 - Niklas Baumstark discovered that a compromised web child process of Firefox could disable web security opening restrictions, leading to a new child process being spawned within the file:// context. An attacker could potentially exploits this to obtain sensitive information. Tom Schuster discovered that Firefox was not performing a validation check on GTK drag data. An attacker could potentially exploits this to obtain sensitive information.

tags | advisory, web
systems | linux, ubuntu
advisories | CVE-2023-23597, CVE-2023-23598, CVE-2023-23599, CVE-2023-23601, CVE-2023-23602, CVE-2023-23603, CVE-2023-23604, CVE-2023-23606
SHA-256 | fc001643a6e5b7c0b2a05ecbee48a78fcb234cb56c2c6ca5347f8ad3e4ce89ab
Ubuntu Security Notice USN-5815-1
Posted Jan 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5815-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750
SHA-256 | 7f3d477e507b66b0daafcca7953d74f1ea4a8753942924b204034c093c0c71b0
Ubuntu Security Notice USN-5814-1
Posted Jan 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5814-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-4378, CVE-2022-45934
SHA-256 | dbfe665f3a1513799bf58ebfb34bae00253cc650f33bcb40256da98c77f5d57d
Ubuntu Security Notice USN-5813-1
Posted Jan 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5813-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | c8585d9310f20472858a349154e922f465a23afb78b9d227cd2a5767b334c7ee
Ubuntu Security Notice USN-5810-2
Posted Jan 20, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5810-2 - USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it was missing some commit lines. This update fixes the problem. Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-23521, CVE-2022-41903
SHA-256 | b5fab749008935221b1bf0197a160b355dbb3e8f9cdbf378963579f0d01ceb9d
Ubuntu Security Notice USN-5812-1
Posted Jan 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5812-1 - It was discovered that urllib3 incorrectly handled certain characters in URLs. A remote attacker could possibly use this issue to cause urllib3 to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2021-33503
SHA-256 | 96678a2b7c716e36fc6c1e5b770de64662a5334ab9bf447b923f25cf5ed77932
Ubuntu Security Notice USN-5811-2
Posted Jan 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5811-2 - USN-5811-1 fixed a vulnerability in Sudo. This update provides the corresponding update for Ubuntu 16.04 ESM. Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-22809
SHA-256 | f19b382d858b5863b61a5edd257365608bbeb7c1fc83c6f466832025a74367fa
Ubuntu Security Notice USN-5811-1
Posted Jan 19, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5811-1 - Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly handled user-specified editors when using the sudoedit command. A local attacker that has permission to use the sudoedit command could possibly use this issue to edit arbitrary files. It was discovered that the Protobuf-c library, used by Sudo, incorrectly handled certain arithmetic shifts. An attacker could possibly use this issue to cause Sudo to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS.

tags | advisory, denial of service, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2022-33070, CVE-2023-22809
SHA-256 | 125a5a2bfed966c929abe10855d93636c2099a6516997eefaa81b2d2f0f7af69
Ubuntu Security Notice USN-5810-1
Posted Jan 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5810-1 - Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain gitattributes. An attacker could possibly use this issue to cause a crash or execute arbitrary code. Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-23521, CVE-2022-41903
SHA-256 | 627bebe84775f4cd1e3f5920298365c831d43f9c8472f94776ba92729a11210a
Ubuntu Security Notice USN-5807-1
Posted Jan 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5807-1 - Martin Ettl discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service. Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-44617, CVE-2022-46285, CVE-2022-4883
SHA-256 | e1de9f68822448486e9a30c411c9bff69ec6ebfad7e02d2b2d311e75c7cca79f
Ubuntu Security Notice USN-5809-1
Posted Jan 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5809-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary, kernel, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-42896, CVE-2022-4378, CVE-2022-45934
SHA-256 | 9c7806fd2b27e8bf93c0572476e6a6a7bfd1fc39e41c523db32a80f8b535e96e
Ubuntu Security Notice USN-5808-1
Posted Jan 18, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5808-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | cc4443f00c1b80d3578f83459d2dcc84a73bd15607e61dc8a6a55c30a1f95a47
Page 2 of 332
Back12345Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    2 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close