Red Hat Security Advisory 2024-1675-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 8. Issues addressed include memory exhaustion and spoofing vulnerabilities.
e9aec56c841ee5780b5d12fc9f1e0d123236bbab4454d1f197a567e33821ae1aRed Hat Security Advisory 2024-1674-03 - An update is now available for Red Hat JBoss Enterprise Application Platform 7.4 for Red Hat Enterprise Linux 7. Issues addressed include memory exhaustion and spoofing vulnerabilities.
3f6d23937d9d13152cb271b30a3885276ea14e2fa58bf7c02682208c95ed59a8Red Hat Security Advisory 2024-1665-03 - Red Hat Advanced Cluster Management for Kubernetes 2.8.6 is now available.
1107e3216401d51825ebcb0cdf2da83cc6f9acd859a5009677096df282296584Red Hat Security Advisory 2024-1567-03 - Red Hat OpenShift Container Platform release 4.14.19 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.
05a1cbe893be49827492114fcf2c9a3d278750da5ef71daee534c6bb1a053164Red Hat Security Advisory 2024-1566-03 - Red Hat build of MicroShift release 4.14.19 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a memory leak vulnerability.
62b6b98106e275200c7461bddbe6b22d9fb8e0748120dc9302b6d521809b7da6Debian Linux Security Advisory 5667-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
4b5ad87c90c9f2a81b7b85903e923bd1ef5858810aaf4daa3aa058bfa455c207Debian Linux Security Advisory 5666-1 - Gergo Koteles discovered that sandbox restrictions in Flatpak, an application deployment framework for desktop apps, could by bypassed in combination with xdg-desktop-portal.
d4f8e7d8fdbaa5f16964c5a67372ac10c12ec22b2f4145483f1b0040d1910fd8Debian Linux Security Advisory 5668-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
9f120f241f69e89a87048439ebf297321291e0322dc11b8f0a150b792d26785cDebian Linux Security Advisory 5669-1 - It was discovered that insufficient restriction of unix daemon sockets in the GNU Guix functional package manager could result in sandbox bypass.
b5492ee7913aac805b810eb199120b74b7940e09b5a74900b06cbdd74ddc9d0dUbuntu Security Notice 6743-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
5e5f229563e3c429730da05f62649d804fe5fcc3df71db82f33e6fe0ba5299c1Ubuntu Security Notice 6742-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
234102586def229a208c315fa397cd1db7c7bc4c31eab695d1718ef42f88ce93Ubuntu Security Notice 6741-1 - Daniele Antonioli discovered that the Secure Simple Pairing and Secure Connections pairing in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials. A physically proximate attacker placed between two Bluetooth devices could use this to subsequently impersonate one of the paired devices. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
c6b3855c5a30ae98458ae3e5b1858440f9d4c3d136432f67ecdd3beeeb05fc11Ubuntu Security Notice 6740-1 - Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that the virtio network implementation in the Linux kernel did not properly handle file references in the host, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
444f68d723cc469e212afdb8cada5cf6504c7f71ead1646805559424b443f87eUbuntu Security Notice 6739-1 - It was discovered that a race condition existed in the instruction emulator of the Linux kernel on Arm 64-bit systems. A local attacker could use this to cause a denial of service. Wei Chen discovered that a race condition existed in the TIPC protocol implementation in the Linux kernel, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
5f4dadac1f0ffbad1948bc44ea21d9526e86681e856c3a3cb7fb406e90965bf4Debian Linux Security Advisory 5665-1 - Several security vulnerabilities have been discovered in the Tomcat servlet and JSP engine.
f71a2704a09d499ccfe3d1492004ddcb7f2429e9761b62b167df8ac3625763b8Debian Linux Security Advisory 5664-1 - Jetty 9 is a Java based web server and servlet engine. It was discovered that remote attackers may leave many HTTP/2 connections in ESTABLISHED state (not closed), TCP congested and idle. Eventually the server will stop accepting new connections from valid clients which can cause a denial of service.
f811fdb59918d1ff6c0f69e7c41be61c5a9681f083aca6ccdb106ccc1fb89b43Ubuntu Security Notice 6737-1 - Charles Fol discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code.
a2193ea8debdc56e5db177fb9a7501493c0c605992b026d6d4b0041034023456Ubuntu Security Notice 6729-2 - USN-6729-1 fixed several vulnerabilities in Apache. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Orange Tsai discovered that the Apache HTTP Server incorrectly handled validating certain input. A remote attacker could possibly use this issue to perform HTTP request splitting attacks.
48e8f6ab38e454ffe37a65ae74aa96cb5b3942a28276a0cc0f3a974d4716ae83Red Hat Security Advisory 2024-1904-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Issues addressed include a use-after-free vulnerability.
ae4aac2e36e264d0ac979954cc68c2d0ef6012f9dc1cfa22f4b5b5d67359850fRed Hat Security Advisory 2024-1901-03 - OpenShift container images for the Red Hat Service Interconnect 1.5 release.
bf7cf6d6fa915b2733b85e8d1e76d765cad3f8214eae02a05f9c286f01f5edf4Red Hat Security Advisory 2024-1883-03 - An update for shim is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include buffer overflow, bypass, integer overflow, and out of bounds read vulnerabilities.
c1ea6025a858fac3737458660132784a8297331282060c087e38da04b57eae15Red Hat Security Advisory 2024-1882-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
9e10ada3ddb528acb9ccbcfdd5961551f172a10a3b49d7e80a65876978d4f1f1Red Hat Security Advisory 2024-1881-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include null pointer and use-after-free vulnerabilities.
acea5cb9cd1b6c350fd4c7a2ed9b9beb19ec417f14f50e1f89fe7aea71333885Red Hat Security Advisory 2024-1880-03 - An update for the nodejs:18 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include denial of service and privilege escalation vulnerabilities.
c8fe117dd2af0c7d9a581ef6df81d035e6d25838717225cebb9f207af4fe0fd0Red Hat Security Advisory 2024-1879-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9. Issues addressed include an information leakage vulnerability.
6d8e6f9e5dfba8b13a681f3c306557227f9eeac671925f3dcc514d4eb10f5e2e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed