exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 9,330 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-6617-1
Posted Jan 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6617-1 - It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code. This issue only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that libde265 could be made to write out of bounds. If a user or automated system were tricked into opening a specially crafted file, an attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-21594, CVE-2020-21598, CVE-2020-21599, CVE-2020-21600, CVE-2020-21602, CVE-2020-21603, CVE-2020-21604, CVE-2020-21606
SHA-256 | 9e3e8cbd9c3a3debf8e66f4b40678f8bde1c3f0e39247249c77cb21c1b7d84c0
Ubuntu Security Notice USN-6618-1
Posted Jan 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6618-1 - It was discovered that Pillow incorrectly handled certain long text arguments. An attacker could possibly use this issue to cause Pillow to consume resources, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. Duarte Santos discovered that Pillow incorrectly handled the environment parameter to PIL.ImageMath.eval. An attacker could possibly use this issue to execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2023-44271, CVE-2023-50447
SHA-256 | 6448149912590caa887d2ebc19423b952b66138a002ef70624bb7db6564df7f6
Ubuntu Security Notice USN-6587-3
Posted Jan 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6587-3 - USN-6587-1 fixed vulnerabilities in X.Org X Server. The fix was incomplete resulting in a possible regression. This update fixes the problem. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the DeviceFocusEvent and ProcXIQueryPointer APIs. An attacker could possibly use this issue to cause the X Server to crash, obtain sensitive information, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled reattaching to a different master device. An attacker could use this issue to cause the X Server to crash, leading to a denial of service, or possibly execute arbitrary code. Olivier Fourdan and Donn Seeley discovered that the X.Org X Server incorrectly labeled GLX PBuffers when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Olivier Fourdan discovered that the X.Org X Server incorrectly handled the curser code when used with SELinux. An attacker could use this issue to cause the X Server to crash, leading to a denial of service. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the XISendDeviceHierarchyEvent API. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code. Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled devices being disabled. An attacker could possibly use this issue to cause the X Server to crash, or execute arbitrary code.

tags | advisory, denial of service, arbitrary, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-6816, CVE-2024-0229, CVE-2024-0408, CVE-2024-0409, CVE-2024-21885, CVE-2024-21886
SHA-256 | b4b93cec425e2cc7f4d786e873efc8d2eb7ef34f9060a322512d712a2d7cef3d
Ubuntu Security Notice USN-6616-1
Posted Jan 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6616-1 - It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2023-2953
SHA-256 | 58feec907b4e16ef949d9778289eb726ad1bb84fbd2113fcdc82d8e1f2846cca
Ubuntu Security Notice USN-6615-1
Posted Jan 31, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6615-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.36 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2024-20960, CVE-2024-20964, CVE-2024-20969, CVE-2024-20973, CVE-2024-20978, CVE-2024-20984
SHA-256 | bd770e0968e25cce6026743b39dc98126dd79d99593c23336f6af6d650a7c809
Ubuntu Security Notice USN-6614-1
Posted Jan 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6614-1 - It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack.

tags | advisory, local
systems | linux, ubuntu
advisories | CVE-2023-30577
SHA-256 | 9b106327afefa541eb88d19eb52149874dc4ff55f761323d7fd9100033444bab
Ubuntu Security Notice USN-6612-1
Posted Jan 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6612-1 - It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file, a remote attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2023-34194
SHA-256 | babdcc80bf00e41b4e7aa5167cb90fe8dfec3f6236be8066fc247dd2afb8d0de
Ubuntu Security Notice USN-6605-2
Posted Jan 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6605-2 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6040, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | 3524f7db7b0463e6485d6224f046d239cbfe56762aedd26a06ba65129c0a6080
Ubuntu Security Notice USN-6604-2
Posted Jan 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6604-2 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1079, CVE-2023-20588, CVE-2023-45863, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | 87adb9a0dd630857bb46668b561ed587d03265f1d69126841b1f12420169e7bc
Ubuntu Security Notice USN-6613-1
Posted Jan 30, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6613-1 - Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An unprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-43040
SHA-256 | dea0ef831400997642252a550e02200a9abf58a74817bc281c5715f96a9a5da3
Ubuntu Security Notice USN-6610-1
Posted Jan 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6610-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Cornel Ionce discovered that Firefox did not properly manage memory when opening the print preview dialog. An attacker could potentially exploit this issue to cause a denial of service.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-0741, CVE-2024-0742, CVE-2024-0743, CVE-2024-0745, CVE-2024-0746, CVE-2024-0748, CVE-2024-0749, CVE-2024-0754, CVE-2024-0755
SHA-256 | 59de047fed13f57d487a09e3a35571ae533675ac173887fe4ec52f395bb8d405
Ubuntu Security Notice USN-6611-1
Posted Jan 29, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6611-1 - It was discovered that Exim incorrectly handled certain requests. A remote attacker could possibly use a published exploitation technique to inject e-mail messages with a spoofed MAIL FROM address, allowing bypass of an SPF protection mechanism.

tags | advisory, remote, spoof
systems | linux, ubuntu
advisories | CVE-2023-51766
SHA-256 | b33d9594531fb5ded7e43cda39e1b8b5720e24099cccb39fd5e09998a9663739
Ubuntu Security Notice USN-6609-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6609-1 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6040, CVE-2023-6606, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | 7817da0f85320897d02f798d322e3d70452b6ca00073b6296b4b4ddb3c2ca762
Ubuntu Security Notice USN-6608-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6608-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6606, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | 53d012190f358505aba80f3efda1bdc41b32100cecfe3ea36a9fb9da7a26ed55
Ubuntu Security Notice USN-6607-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6607-1 - It was discovered that the SMB network file sharing protocol implementation in the Linux kernel did not properly handle certain error conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-5345, CVE-2023-6040, CVE-2023-6606, CVE-2023-6817, CVE-2023-6931, CVE-2023-6932, CVE-2024-0193
SHA-256 | 129bf8e03fcff7ad53aea0dbb1617e402b728e93911e0d73e3c75fb0e9b25fd1
Ubuntu Security Notice USN-6606-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6606-1 - It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-51779, CVE-2023-6606, CVE-2023-6817, CVE-2023-6931, CVE-2024-0193
SHA-256 | 7b9d61bb626e469fa6a211001e9c00d7fdd18aa20f3fbf87c320c90b5853f103
Ubuntu Security Notice USN-6605-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6605-1 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6040, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | cdb12864a59aff826d39ce99319286459b3c2cc26a55968cce8994e8c4d8d20d
Ubuntu Security Notice USN-6604-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6604-1 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-1079, CVE-2023-20588, CVE-2023-45863, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | d17c6353365258970841d80fc94ccc64beed6a1122b15a1bc1be29121160ed39
Ubuntu Security Notice USN-6603-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6603-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | 9fe186eef0aa6e0a6c7c161754052e49f62293ba385d9ccd44897abc7326341d
Ubuntu Security Notice USN-6602-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-20588, CVE-2023-45863, CVE-2023-6606, CVE-2023-6931, CVE-2023-6932
SHA-256 | e4ea46e063ed7320c58795d9803e3ac6d7fa5f331537b1801175adb5167bb09e
Ubuntu Security Notice USN-6601-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6601-1 - It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, kernel, local, protocol
systems | linux, ubuntu
advisories | CVE-2023-6932
SHA-256 | cca79625b03d2bb1e94883b9d350917c326da4fe2ad588949119d92376aebd76
Ubuntu Security Notice USN-6600-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6600-1 - Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10. CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2022-47015
SHA-256 | 16c1095a14d9614f39b8bb44a170521da170553a595595a6e28eea3b61004115
Ubuntu Security Notice USN-6599-1
Posted Jan 26, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6599-1 - Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2020-28493, CVE-2024-22195
SHA-256 | c4598e532c545a8d7a06e60082eca74ab86406a361138570c7495e31b23944fd
Ubuntu Security Notice USN-6598-1
Posted Jan 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6598-1 - Fabian Bäumer, Marcus Brinkmann, Joerg Schwenk discovered that the SSH protocol was vulnerable to a prefix truncation attack. If a remote attacker was able to intercept SSH communications, extension negotiation messages could be truncated, possibly leading to certain algorithms and features being downgraded. This issue is known as the Terrapin attack. This update adds protocol extensions to mitigate this issue.

tags | advisory, remote, protocol
systems | linux, ubuntu
advisories | CVE-2023-48795
SHA-256 | dd8a1a95b3a16c6fe45623db4f26f252a81bb8e5b368cdbaffd76de031b0e0fd
Ubuntu Security Notice USN-6597-1
Posted Jan 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6597-1 - It was discovered that Puma incorrectly handled parsing chunked transfer encoding bodies. A remote attacker could possibly use this issue to cause Puma to consume resources, leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21647
SHA-256 | f722ab69e1eded50b862e921c6aca68c583685cad9f6349ed5f4cf1959a7216c
Page 4 of 374
Back23456Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    0 Files
  • 5
    Mar 5th
    0 Files
  • 6
    Mar 6th
    0 Files
  • 7
    Mar 7th
    0 Files
  • 8
    Mar 8th
    0 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    0 Files
  • 12
    Mar 12th
    0 Files
  • 13
    Mar 13th
    0 Files
  • 14
    Mar 14th
    0 Files
  • 15
    Mar 15th
    0 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    0 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close