what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 9,962 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-7041-2
Posted Oct 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7041-2 - USN-7041-1 fixed a vulnerability in CUPS. This update provides the corresponding update for Ubuntu 18.04 LTS. Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-47175
SHA-256 | 00bb0d1161c328ea5fca70221a0d2f5a610de947f48d9998a0783ca4b84436f0
Ubuntu Security Notice USN-7003-5
Posted Oct 2, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7003-5 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52803, CVE-2024-36894, CVE-2024-36978, CVE-2024-38619, CVE-2024-39487, CVE-2024-39495, CVE-2024-39502, CVE-2024-39506, CVE-2024-39509, CVE-2024-40902, CVE-2024-40904, CVE-2024-40905, CVE-2024-40934, CVE-2024-40941
SHA-256 | e57d853b0390f83094b938450c8016f8fb2162c14c9c0b034d166c25cbb6646a
Ubuntu Security Notice USN-7048-1
Posted Oct 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7048-1 - Suyue Guo discovered that Vim incorrectly handled memory when flushing the typeahead buffer, leading to heap-buffer-overflow. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service, overflow
systems | linux, ubuntu
advisories | CVE-2024-43802
SHA-256 | bcaa966b946ebbac60b29bd722b6caa356f8d815ffea551ffb97ecb1e1d02926
Ubuntu Security Notice USN-7015-3
Posted Oct 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7015-3 - USN-7015-1 fixed several vulnerabilities in Python. This update provides the corresponding updates for CVE-2023-27043 for python2.7 in Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS, and for python3.5 in Ubuntu 16.04 LTS. It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service.

tags | advisory, remote, web, denial of service, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2023-27043, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088
SHA-256 | 0390e83a0739fcfacc6a5629ced929a50e15b96cabb5e32ff94afb187b1335a3
Ubuntu Security Notice USN-7046-1
Posted Oct 1, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7046-1 - It was discovered that Flatpak incorrectly handled certain persisted directories. An attacker could possibly use this issue to read and write files in locations it would not normally have access to. A patch was also needed to Bubblewrap in order to avoid race conditions caused by this fix.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-42472
SHA-256 | 01a084264fd2fb9f4288cdb3292854813991efd6cef3d7e5731bff2eba86f5b4
Ubuntu Security Notice USN-7045-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7045-1 - Simone Margaritelli discovered that libppd incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-47175
SHA-256 | bf4f72cb2a0114f2a6d19b477f97c7eb0a712f8749eaa5247abaa3041eece5f7
Ubuntu Security Notice USN-7044-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7044-1 - Simone Margaritelli discovered that libcupsfilters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-47076
SHA-256 | d4563f3697d6676917894763df709e3f207c74657933f144dfdf4c80edeb0d33
Ubuntu Security Notice USN-7043-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7043-1 - Simone Margaritelli discovered that the cups-filters cups-browsed component could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol. Simone Margaritelli discovered that cups-filters incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47076, CVE-2024-47176
SHA-256 | 6be885c667c90d4d917930789e9acf48c114374ee951a31c9a59128bb6d62679
Ubuntu Security Notice USN-7042-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7042-1 - Simone Margaritelli discovered that cups-browsed could be used to create arbitrary printers from outside the local network. In combination with issues in other printing components, a remote attacker could possibly use this issue to connect to a system, created manipulated PPD files, and execute arbitrary code when a printer is used. This update disables support for the legacy CUPS printer discovery protocol.

tags | advisory, remote, arbitrary, local, protocol
systems | linux, ubuntu
advisories | CVE-2024-47176
SHA-256 | 8c8231298308822cc8beedd5cd69958dccdfd1f68c38b57cf1fdd39eb50a1837
Ubuntu Security Notice USN-7041-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7041-1 - Simone Margaritelli discovered that CUPS incorrectly sanitized IPP data when creating PPD files. A remote attacker could possibly use this issue to manipulate PPD files and execute arbitrary code when a printer is used.

tags | advisory, remote, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-47175
SHA-256 | e5ac6f65f7096ae4c156e6a41cc1408139e3a65bfe2e71e56de04bf59b46dc71
Ubuntu Security Notice USN-7040-1
Posted Sep 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7040-1 - It was discovered that ConfigObj contains regex that is susceptible to catastrophic backtracking. An attacker could possibly use this issue to cause a regular expression denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-26112
SHA-256 | b7a9695e1a539b2a2397638ea60e4a3a921efb9955b7cfec0d417487f211931e
Ubuntu Security Notice USN-7039-1
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7039-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2021-47181, CVE-2022-48791, CVE-2022-48838, CVE-2022-48850, CVE-2022-48851, CVE-2022-48863, CVE-2023-52809, CVE-2024-26677, CVE-2024-26733, CVE-2024-27437, CVE-2024-38570, CVE-2024-42154, CVE-2024-42228
SHA-256 | dfba7d8e80b84fb47dc725d81c166af93f650cff7e694ffb3bd882ed52b39a79
Ubuntu Security Notice USN-7021-3
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7021-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-26677, CVE-2024-39496, CVE-2024-41009, CVE-2024-42160
SHA-256 | 69d8a00cc33c644b5218146c25ae3a8c80c5889b997d63ea9e1c79f9b9d8e330
Ubuntu Security Notice USN-7020-3
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7020-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-41009, CVE-2024-42154, CVE-2024-42224, CVE-2024-42228
SHA-256 | f5bcc60a1714fa022b4b4445bed98eea0eebfc6ffb87470f6e025f80790de5ab
Ubuntu Security Notice USN-7034-2
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7034-2 - USN-7034-1 updated ca-certificates. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.64 version of the Mozilla certificate authority bundle.

tags | advisory
systems | linux, ubuntu
SHA-256 | 697a9ba977b6fa8a3a1b2fd17bfb44bf55fd6b4c1b7d95ad6392f9ffbed0e2ff
Ubuntu Security Notice USN-7003-4
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7003-4 - It was discovered that the JFS file system contained an out-of-bounds read vulnerability when printing xattr debug information. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52803, CVE-2023-52887, CVE-2024-36974, CVE-2024-36978, CVE-2024-37078, CVE-2024-38619, CVE-2024-39469, CVE-2024-39487, CVE-2024-39499, CVE-2024-39502, CVE-2024-39505, CVE-2024-39506, CVE-2024-39509, CVE-2024-40902
SHA-256 | c85181693b4ae184acd8611269c3c7857764f26f86f84d4df3a4650c59c7d69d
Ubuntu Security Notice USN-7037-1
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7037-1 - It was discovered that OpenJPEG could enter a large loop and continuously print warning messages when given specially crafted input. An attacker could potentially use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-39327
SHA-256 | 81b6eb730c0ee7967ac3037f5a6565c45a7035ff9d03a4513c0353b44a6b4a72
Ubuntu Security Notice USN-7038-1
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7038-1 - Thomas Stangner discovered a permission vulnerability in the Apache Portable Runtime library. A local attacker could possibly use this issue to read named shared memory segments, potentially exposing sensitive application data.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-49582
SHA-256 | 4bc9ae4d066ade2386768445712f54f05bbaee490eb4829d2fe9fdbeacc1200d
Ubuntu Security Notice USN-7036-1
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7036-1 - It was discovered that Rack was not properly parsing data when processing multipart POST requests. If a user or automated system were tricked into sending a specially crafted multipart POST request to an application using Rack, a remote attacker could possibly use this issue to cause a denial of service. It was discovered that Rack was not properly escaping untrusted data when performing logging operations, which could cause shell escaped sequences to be written to a terminal. If a user or automated system were tricked into sending a specially crafted request to an application using Rack, a remote attacker could possibly use this issue to execute arbitrary code in the machine running the application.

tags | advisory, remote, denial of service, arbitrary, shell
systems | linux, ubuntu
advisories | CVE-2022-30122, CVE-2022-30123, CVE-2022-44572, CVE-2023-27530, CVE-2023-27539, CVE-2024-25126, CVE-2024-26141, CVE-2024-26146
SHA-256 | c4acd1ffc8ca871047fb8a39618d9c0b95465770474d22abee717b0b2de788ad
Ubuntu Security Notice USN-7035-1
Posted Sep 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7035-1 - It was discovered that the AppArmor policy compiler incorrectly generated looser restrictions than expected for rules allowing mount operations. A local attacker could possibly use this to bypass AppArmor restrictions in applications where some mount operations were permitted.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2016-1585
SHA-256 | 18e6675296e9bfadfac2c11a124d64d6e37cdc0a0120690b5b56b0de4b34dee9
Ubuntu Security Notice USN-7034-1
Posted Sep 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7034-1 - The ca-certificates package contained outdated CA certificates. This update refreshes the included certificates to those contained in the 2.64 version of the Mozilla certificate authority bundle.

tags | advisory
systems | linux, ubuntu
SHA-256 | 07051ae013dc2a27ea346908afccf5a1bad6728d7ac5c5a8b7c95220ee1faf34
Ubuntu Security Notice USN-7032-1
Posted Sep 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7032-1 - It was discovered that Tomcat incorrectly handled HTTP trailer headers. A remote attacker could possibly use this issue to perform HTTP request smuggling.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2023-46589
SHA-256 | 19ad4cab25b37facba8c59f772004773b63724edac1ac9aadf381cd6bd195897
Ubuntu Security Notice USN-7009-2
Posted Sep 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7009-2 - Chenyuan Yang discovered that the CEC driver driver in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2022-48772, CVE-2023-52887, CVE-2024-23848, CVE-2024-25741, CVE-2024-31076, CVE-2024-34027, CVE-2024-35247, CVE-2024-36015, CVE-2024-36032, CVE-2024-36489, CVE-2024-36894, CVE-2024-36972, CVE-2024-36974, CVE-2024-37356
SHA-256 | bc022d142c18a55625e63d62b56d8f76cf8e0a79f3f0ed802474777c8cbc4817
Ubuntu Security Notice USN-7033-1
Posted Sep 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7033-1 - It was discovered that some Intel Processors did not properly restrict access to the Running Average Power Limit interface. This may allow a local privileged attacker to obtain sensitive information. It was discovered that some Intel Processors did not properly implement finite state machines in hardware logic. This may allow a local privileged attacker to cause a denial of service.

tags | advisory, denial of service, local
systems | linux, ubuntu
advisories | CVE-2024-23984, CVE-2024-24968
SHA-256 | f8ba90a3153c8d619b3a6dea5959ad86e6310426029496d99414b1e5ad0e97b7
Ubuntu Security Notice USN-7031-2
Posted Sep 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7031-2 - USN-7031-1 fixedCVE-2024-45614 in Puma for Ubuntu 24.04 LTS. This update fixes theCVE for Ubuntu 22.04 LTS and Ubuntu 20.04 LTS. It was discovered that Puma incorrectly handled parsing certain headers. A remote attacker could possibly use this issue to overwrite header values set by intermediate proxies by providing duplicate headers containing underscore characters.

tags | advisory, remote
systems | linux, ubuntu
advisories | CVE-2024-45614
SHA-256 | 2a95508137a492aa4ffc4ab11704adb45120cf04c6fa0b177a2ef7e6efbb066d
Page 4 of 399
Back23456Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    0 Files
  • 7
    Nov 7th
    0 Files
  • 8
    Nov 8th
    0 Files
  • 9
    Nov 9th
    0 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close