what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 8,287 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-5794-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5794-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-3643, CVE-2022-42896, CVE-2022-43945, CVE-2022-45934
SHA-256 | f94cebf0ea6c3ab3da6d1994df82f1a6cfce5dea6344042ba9c85491090964a9
Ubuntu Security Notice USN-5793-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5793-1 - It was discovered that the io_uring subsystem in the Linux kernel did not properly perform reference counting in some situations, leading to a use- after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20421, CVE-2022-2663, CVE-2022-3303, CVE-2022-3541, CVE-2022-3543, CVE-2022-3586, CVE-2022-3623, CVE-2022-3646, CVE-2022-3649, CVE-2022-3910, CVE-2022-3977, CVE-2022-40307, CVE-2022-4095, CVE-2022-41849
SHA-256 | 91ba98c3c9637a1d31736093e5bfd37579c41aaa5e5abbbbc4396e2e20bfe7e1
Ubuntu Security Notice USN-5792-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5792-1 - Mingwei Zhang discovered that the KVM implementation for AMD processors in the Linux kernel did not properly handle cache coherency with Secure Encrypted Virtualization. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-0171, CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-3649, CVE-2022-39188, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750
SHA-256 | 0d471b882265b05e21d7d5364395548bdfdb7aabb60f28ba0290bf97ec7175cb
Ubuntu Security Notice USN-5791-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5791-1 - It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering.

tags | advisory, remote, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2022-20421, CVE-2022-2663, CVE-2022-3061, CVE-2022-3303, CVE-2022-3586, CVE-2022-3646, CVE-2022-39842, CVE-2022-40307, CVE-2022-4095, CVE-2022-43750
SHA-256 | c620604793b568d88ed5f96e800d17e391508664ad2fb783107dcfa6afb9a3f2
Ubuntu Security Notice USN-5790-1
Posted Jan 9, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5790-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-4159, CVE-2022-20421, CVE-2022-3061, CVE-2022-3586, CVE-2022-39188, CVE-2022-40307, CVE-2022-4095
SHA-256 | 1d9560d5aef2cc859cd9a37a38fc80172a6ac7361f6977f86ca4cee9c00d13a5
Ubuntu Security Notice USN-5788-1
Posted Jan 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5788-1 - Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-43551, CVE-2022-43552
SHA-256 | 3ef92df63b6493af5d8bf8786dd0e272eec83c93043b706adf9ec6157dddd4d6
Ubuntu Security Notice USN-5789-1
Posted Jan 6, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5789-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-26365, CVE-2022-33743, CVE-2022-3524, CVE-2022-3564, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703, CVE-2022-43945
SHA-256 | 5e4425ebefc70941701f4366636f5c56c410100f8702999238e1ca79db767665
Ubuntu Security Notice USN-5782-2
Posted Jan 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5782-2 - USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem.

tags | advisory, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-46871, CVE-2022-46872, CVE-2022-46873, CVE-2022-46874, CVE-2022-46877, CVE-2022-46879
SHA-256 | ebd08b45be21db4ad492c0e60cbca016872e3451b205834a99f7f305ab24904a
Ubuntu Security Notice USN-5787-1
Posted Jan 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5787-1 - It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-47629
SHA-256 | 0e5e030200ca6713e581aa4a294aafe60e1493612474cf24fbd553357caa714b
Ubuntu Security Notice USN-5786-1
Posted Jan 5, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5786-1 - It was discovered that GNOME Files incorrectly handled certain filenames. An attacker could possibly use this issue to cause GNOME Files to crash, leading to a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-37290
SHA-256 | c647f1bfbf35bb774abc888b4e8a19e6333e71d605f34d5ea5abde837963ab9f
Ubuntu Security Notice USN-5785-1
Posted Jan 4, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5785-1 - It was discovered that FreeRADIUS incorrectly handled multiple EAP-pwd handshakes. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. Shane Guan discovered that FreeRADIUS incorrectly handled memory when checking unknown SIM option sent by EAP-SIM supplicant. An attacker could possibly use this issue to cause a denial of service on the server. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2019-17185, CVE-2022-41860, CVE-2022-41861
SHA-256 | a7bd71afc6329ccb72ca453d36d94ee8283b47169870a31f511a50416559d346
Ubuntu Security Notice USN-5784-1
Posted Jan 3, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5784-1 - It was discovered that usbredir incorrectly handled memory when serializing large amounts of data in the case of a slow or blocked destination. An attacker could possibly use this issue to cause applications using usbredir to crash, resulting in a denial of service, or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2021-3700
SHA-256 | fd9ca84cec540a3bb0ec35959fdd292910f6e20932d87e2810d41a6d6bcc8550
Ubuntu Security Notice USN-5783-1
Posted Dec 19, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5783-1 - Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, vulnerability
systems | linux, ubuntu
advisories | CVE-2022-42896
SHA-256 | ded75e8ee910faa891b2c78070904a17a49f1586e664163f955990a82dbda6f2
Ubuntu Security Notice USN-5782-1
Posted Dec 15, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5782-1 - It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-46871, CVE-2022-46872, CVE-2022-46873, CVE-2022-46874, CVE-2022-46877, CVE-2022-46879
SHA-256 | f3ccaa7f348a63270b8c24298833e86d4b488a5b91902bcdcd7c58e1f093d058
Ubuntu Security Notice USN-5781-1
Posted Dec 15, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5781-1 - It was discovered that Emacs did not properly manage certain inputs. An attacker could possibly use this issue to execute arbitrary commands.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-45939
SHA-256 | ab26e0e7b78e192b9d2d10967306241fc4f89130ba0c59623a661edc8af7d422
Ubuntu Security Notice USN-5780-1
Posted Dec 15, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5780-1 - It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that the Bluetooth HCI implementation in the Linux kernel did not properly deallocate memory in some situations. An attacker could possibly use this cause a denial of service.

tags | advisory, denial of service, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2022-3524, CVE-2022-3619, CVE-2022-3628, CVE-2022-42895, CVE-2022-42896
SHA-256 | d3337c47fd67d37b0b8264e04a3c11dfe3161b7482b2c34e5ffa8cab3510d21a
Ubuntu Security Notice USN-5779-1
Posted Dec 15, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5779-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703, CVE-2022-43945
SHA-256 | ba7b8b98872da0e4960538c897fcbdd7ff852f2b1f366779a4fe2713505fd847
Ubuntu Security Notice USN-5778-1
Posted Dec 14, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5778-1 - Jan-Niklas Sohn discovered that X.Org X Server extensions contained multiple security issues. An attacker could possibly use these issues to cause the X Server to crash, execute arbitrary code, or escalate privileges.

tags | advisory, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-4283, CVE-2022-46343
SHA-256 | 45bd8f046a5c3b3fe01224d7f1fc7482e73313a6b94a4afb20ac0a98da235dee
Ubuntu Security Notice USN-5777-1
Posted Dec 14, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5777-1 - It was discovered that Pillow incorrectly handled the deletion of temporary files when using a temporary directory that contains spaces. An attacker could possibly use this issue to delete arbitrary files. This issue only affected Ubuntu 20.04 LTS. It was discovered that Pillow incorrectly handled the decompression of highly compressed GIF data. An attacker could possibly use this issue to cause Pillow to crash, resulting in a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-24303, CVE-2022-45198
SHA-256 | 1fdd4b6f8214292a55f7b3b2b5203bf1289da1e625bfb65db5b140f92230bd32
Ubuntu Security Notice USN-5776-1
Posted Dec 13, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5776-1 - It was discovered that containerd incorrectly handled memory when receiving certain faulty Exec or ExecSync commands. A remote attacker could possibly use this issue to cause a denial of service or crash containerd. It was discovered that containerd incorrectly set up inheritable file capabilities. An attacker could possibly use this issue to escalate privileges inside a container. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2022-23471, CVE-2022-24769, CVE-2022-24778
SHA-256 | a5c37b7f401bff2eeb24eea7d980ad8afb19a337b55dbc18b318e7e8ecd8d937
Ubuntu Security Notice USN-5775-1
Posted Dec 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5775-1 - It was discovered that Vim uses freed memory in recursive substitution of specially crafted patterns. An attacker could possibly use this to crash Vim and cause denial of service. It was discovered that Vim makes illegal memory calls when patterns start with an illegal byte. An attacker could possibly use this to crash Vim, access or modify memory, or execute arbitrary commands. It was discovered that Vim could be made to crash when parsing invalid line numbers. An attacker could possibly use this to crash Vim and cause denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-2345, CVE-2022-2581, CVE-2022-3099, CVE-2022-3256, CVE-2022-3324, CVE-2022-3591
SHA-256 | 86a76a57dca961e715fa59af00dc3256a194ac2f855e321e3ac71a71ca7500f1
Ubuntu Security Notice USN-5774-1
Posted Dec 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5774-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-20422, CVE-2022-2153, CVE-2022-2978, CVE-2022-3028, CVE-2022-3239, CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-3635, CVE-2022-36879
SHA-256 | 6e56ac06b223dab70c8cc4ea9d04b28dca6d246125512b3c713e93fc6e047549
Ubuntu Security Notice USN-5773-1
Posted Dec 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5773-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-26365, CVE-2022-33743, CVE-2022-3524, CVE-2022-3564, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703, CVE-2022-43945
SHA-256 | c9100bb857d73facffc3ed971e6c37e8c37d3a1f109d8abca983cb6b5da72d80
Ubuntu Security Notice USN-5754-2
Posted Dec 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5754-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, remote, denial of service, overflow, arbitrary, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-43945
SHA-256 | f9146a5821e53563a635d3b6b5952eaba7b427e6602abe4a5c3b7d1c256b464b
Ubuntu Security Notice USN-5756-3
Posted Dec 12, 2022
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 5756-3 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local, memory leak
systems | linux, ubuntu
advisories | CVE-2022-3524, CVE-2022-3564, CVE-2022-3565, CVE-2022-3566, CVE-2022-3567, CVE-2022-3594, CVE-2022-3621, CVE-2022-42703
SHA-256 | be9aa22724ee89171ce95334acb4d6662e976fcbbe16b5ee394cfbc4d11d2a2f
Page 4 of 332
Back23456Next

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    9 Files
  • 3
    Feb 3rd
    5 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    9 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close