Ubuntu Security Notice 6733-1 - It was discovered that GnuTLS had a timing side-channel when performing certain ECDSA operations. A remote attacker could possibly use this issue to recover sensitive information. It was discovered that GnuTLS incorrectly handled verifying certain PEM bundles. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.10.
dfebcedb7a860d4a621a8d974617128c42cd5bb110089a91567169351a2f584d
Ubuntu Security Notice 6732-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
de34dd341ebb6d403b4c828166ceeda34879902207f833c29fa8ffd18d7ee2ad
Debian Linux Security Advisory 5659-1 - Bartek Nowotarski discovered that Apache Traffic Server, a reverse and forward proxy server, was susceptible to denial of service via HTTP2 continuation frames.
29c5828b3902a593e3dfd49023a6bfae4f32fe5f978debd03b974b9c0db403e8
Debian Linux Security Advisory 5658-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.
37cefcc8693691a29ddc63f10ee46f6f0724bf622031a4c9c4bfc376d40acaae
Debian Linux Security Advisory 5657-1 - Several vulnerabilities were discovered in the Xorg X server, which may result in privilege escalation if the X server is running privileged or denial of service.
28ab9735e5a87ff285676269d50c238ee979e4049765f3ebddfb327aa4a63eef
Red Hat Security Advisory 2024-1812-03 - Custom Metrics Autoscaler Operator for Red Hat OpenShift including security updates. Issues addressed include denial of service and memory leak vulnerabilities.
b61dccacdb7ea0362167c7c5ba016b286a5a61e0de39f1d9b9408d4c69a810a8
Debian Linux Security Advisory 5656-1 - Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
36d8ec32098862bd442312fd32c3ee1e040b8baf4b868bc51289c338d235032e
Red Hat Security Advisory 2024-1787-03 - An update for squid is now available for Red Hat Enterprise Linux 7. Issues addressed include buffer over-read, denial of service, and null pointer vulnerabilities.
015523c72701c6b4ebda8d02b7728a2600a97d861a8fdfed0767aa6829228f17
Red Hat Security Advisory 2024-1786-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
9838d3362a205bf95b6542e2c2caf6d6b03da8436f7ed6e2cd637f0e92a53504
Ubuntu Security Notice 6728-2 - USN-6728-1 fixed vulnerabilities in Squid. The fix for CVE-2023-5824 caused Squid to crash in certain environments on Ubuntu 20.04 LTS. The problematic fix has been reverted pending further investigation. Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled Cache Manager error responses. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled the HTTP Chunked decoder. A remote attacker could possibly use this issue to cause Squid to stop responding, resulting in a denial of service. Joshua Rogers discovered that Squid incorrectly handled HTTP header parsing. A remote trusted client can possibly use this issue to cause Squid to crash, resulting in a denial of service.
0856df025bfcd57e31eb05d1faef083bd5b30608db5b6bb659433042ad64ad67
Ubuntu Security Notice 6728-1 - Joshua Rogers discovered that Squid incorrectly handled collapsed forwarding. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Joshua Rogers discovered that Squid incorrectly handled certain structural elements. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service.
c9a980c32c2ef96069eee9285fdd53c5aa4c12d940c776810cbfff41a398c101
Red Hat Security Advisory 2024-1752-03 - An update is now available for Red Hat OpenShift GitOps v1.12.1 for Argo CD CLI and MicroShift GitOps. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
de9bcfc1a39b972fb31a92ccaec98138bf8171d246dcc9513c296c444216e4d6
It was discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information (kernel memory). Various other issues were also addressed.
5d360530cd59a1d5483a776654fdfec33b0978f21c0af5d79f7f2f3fb4c9a39c
Ubuntu Security Notice 6701-4 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service.
d108bf63c9f6c68409d72c0c5efb406eb5a7df3eac89dd7759ede250d9eab4a6
Ubuntu Security Notice 6726-1 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the IPv6 implementation of the Linux kernel did not properly manage route cache memory usage. A remote attacker could use this to cause a denial of service.
9d8567a66a05e4472fe61be7f8a7bdb51155d4ee0ca5cf5cf863b32e3467a029
Ubuntu Security Notice 6725-1 - Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel did not properly validate certain data structure fields when parsing lease contexts, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause a denial of service or possibly expose sensitive information. Quentin Minster discovered that a race condition existed in the KSMBD implementation in the Linux kernel, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code.
8d6d30178b2854c30f04f5326a65af3d2a2ce39d0ff00d49cba1cfec2df9734b
Ubuntu Security Notice 6724-1 - Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service. It was discovered that the Habana's AI Processors driver in the Linux kernel did not properly initialize certain data structures before passing them to user space. A local attacker could use this to expose sensitive information.
17f21f1c2c15bedbf215674aeeaf3c011302ae40b61d80ae7857e89a3abea752
Ubuntu Security Notice 6723-1 - Elias Heftrig, Haya Schulmann, Niklas Vogel, and Michael Waidner discovered that Bind incorrectly handled validating DNSSEC messages. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service. It was discovered that Bind incorrectly handled preparing an NSEC3 closest encloser proof. A remote attacker could possibly use this issue to cause Bind to consume resources, leading to a denial of service.
6e047bb3283e58c0f8d840f22e9c0053696975f6a4992368ea7aec56ce6a4cc7
Red Hat Security Advisory 2024-1706-03 - An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 is now available. Red Hat Product Security has rated this update as having a security impact of Important. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include denial of service and memory leak vulnerabilities.
16469c2badc4f0cd858661226922435b35e0d3cf48d81c5d93b9800f2f8855f4
Red Hat Security Advisory 2024-1700-03 - An update is now available for Red Hat OpenShift GitOps v1.10.4. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
d560bde6cc2d169dc796cdc566c2fd91080752bdc5278385de85157a4ab0cf26
Red Hat Security Advisory 2024-1697-03 - An update is now available for Red Hat OpenShift GitOps v1.11.3. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section. Issues addressed include bypass and denial of service vulnerabilities.
5166d3ef9f8b3b9a5c2bb9c8856f3171de214e9ca1fa5503277a975f821bde79
Red Hat Security Advisory 2024-1691-03 - An update for varnish is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
b730e9975f8aa0dcc58b220fdd9cb714578932b95a2a94d93fed1c1fca538e89
Red Hat Security Advisory 2024-1690-03 - An update for varnish is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
1b7455404c89f46a3de2f63da600692f1745a89d728b55a1abd02f8d463990b1
Red Hat Security Advisory 2024-1689-03 - An update for rh-varnish6-varnish is now available for Red Hat Software Collections. Issues addressed include a denial of service vulnerability.
744bb57884c49db1585fc95caae11a3e82f78a82bfd90ea77f3032f7f3536667
Red Hat Security Advisory 2024-1688-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass, denial of service, privilege escalation, and traversal vulnerabilities.
8a47da6a410f995e9176b64c70ea20b1b3e25888a506a6431ffb8f734d19e048