Red Hat Security Advisory 2023-7467-01 - An update for samba is now available for Red Hat Enterprise Linux 8. Issues addressed include a denial of service vulnerability.
5e70af2312295b1b0ca486b20e09ebe94e6f89064e7c4c3770f0bdec3ad9fadfRed Hat Security Advisory 2023-7465-01 - An update for squid is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.
5dd80d3d5e680c6c94d1c016ee7bf8a14fcaa027b6e8ce0b89ed589131891e96Red Hat Security Advisory 2023-7464-01 - An update for samba is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.
a0770b85c2510927a2e9af35426ec77edecaa48a7db9d7a3236b379c6521feb2Ubuntu Security Notice 6506-1 - David Shoon discovered that the Apache HTTP Server mod_macro module incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause the server to crash, resulting in a denial of service. Prof. Sven Dietrich, Isa Jafarov, Prof. Heejo Lee, and Choongin Lee discovered that the Apache HTTP Server incorrectly handled certain HTTP/2 connections. A remote attacker could possibly use this issue to cause the server to consume resources, leading to a denial of service. This issue only affected Ubuntu 23.04, and Ubuntu 23.10.
8a919d1a4d307c69872670d645ac6969f558a3c26282d75583807e9eb42825c5Ubuntu Security Notice 6505-1 - It was discovered that nghttp2 incorrectly handled request cancellation. A remote attacker could possibly use this issue to cause nghttp2 to consume resources, leading to a denial of service.
03d107d2cf8ab399de40a112a24a0819d324fa4dda506f874f6f670d8e52d1fcUbuntu Security Notice 6503-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.
f49422348439f73d6b38b42749f79884cebe5eadebb4f303ea755ef60d55b31dUbuntu Security Notice 6502-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
8b281c71f5499aa0d9babf8be280fa9bfb686118750a8a2f47909b213297ce1dUbuntu Security Notice 6501-1 - It was discovered that RabbitMQ incorrectly handled certain HTTP requests. An attacker could possibly use this issue to cause a denial of service.
2d3249c3745b8f65d72b1d274eb24d24152b2af6f363f93db9cc96d2f62e1dcbUbuntu Security Notice 6497-1 - Maxim Levitsky discovered that the KVM nested virtualization implementation for AMD processors in the Linux kernel did not properly handle x2AVIC MSRs. An attacker in a guest VM could use this to cause a denial of service. Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code.
1cc01b285543877683c581f44bf9007094b8fb6f7d0a6dae46f3076858904e22Ubuntu Security Notice 6496-1 - Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for zero-length STAG or MR registration. A remote attacker could possibly use this to execute arbitrary code. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
fdc60d8e003a09f361ff5ac07a415ab8ebfa403348d5e5c0f06215ad1ca095ceUbuntu Security Notice 6495-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Manfred Rudigier discovered that the Intel PCI-Express Gigabit Ethernet driver in the Linux kernel did not properly validate received frames that are larger than the set MTU size, leading to a buffer overflow vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
0038b4a53931aed559aad4f7b7dc878297fdaf2901ec90a9d676eb3e2302139eUbuntu Security Notice 6494-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.
b8155c22b0aee7834c05ed29a1774d0847591054fd409c28e4a01741d747e025Ubuntu Security Notice 6500-1 - Joshua Rogers discovered that Squid incorrectly handled validating certain SSL certificates. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. This issue only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.
89e080ec0dca666e58acac5a17ad942076e2d2723e487a8ff043ca16623f5d78Ubuntu Security Notice 6498-1 - It was discovered that FRR incorrectly handled certain BGP messages. A remote attacker could possibly use this issue to cause FRR to crash, resulting in a denial of service.
8ffb58b4fdeecb594ce52be5a964442b10c2448f7272166e562fe6adb101bd85Red Hat Security Advisory 2023-7408-01 - An update for samba is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
bab361794e0de30d927a13401bc5e34f0a717ba134aab4f6fa356b379239fe0fRed Hat Security Advisory 2023-7395-01 - An update for python-setuptools is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.
bf38009f8b0a4a351eabfe83cace1587367fb7ca806850d2c736af6f3f6aac9eRed Hat Security Advisory 2023-7371-01 - An update for samba is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.
6aa7e78c8d8f765e55758a9a76b6ed41f377419b694e8a55417f1caa1b82780eRed Hat Security Advisory 2023-7325-01 - Red Hat OpenShift Container Platform release 4.13.23 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
0e0cf9a34585e3e85326412fd3556227ef6e7fee021fbcad7c53267c88383bc3Red Hat Security Advisory 2023-7315-01 - Red Hat OpenShift Container Platform release 4.14.3 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include cross site scripting and denial of service vulnerabilities.
724e7acc646fc8c685953a97cad2685bbcecca1025fd6603ed1b05fb830d0b16Ubuntu Security Notice 6492-1 - Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. Zhanxiang Song discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause an authorisation bypass. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.
8afa51ddd6fc11641b55e0d1a848ec61be70bbc1dbd56775c52c42cf1a85cb07Ubuntu Security Notice 6490-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
d35bfaa2f5bcc9080ab733d02c9fe09161108b6505edc3ee149515eb5f62da3aUbuntu Security Notice 6488-1 - Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.
7ffb104625b55bdf8d0c050ca960b947b669a817f6f1d3a5c481c108244fc04dUbuntu Security Notice 6487-1 - Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service.
9cc9f38ae6308173c22d92fc8859b403636eeb52e789ea698e5b0d9b2fea95b2Debian Linux Security Advisory 5559-1 - A vulnerability was discovered in the SSH dissector of Wireshark, a network protocol analyzer, which could result in denial of service or potentially the execution of arbitrary code.
f53cfd0c26249d59a5bc7c2d494baef81ce35819cea5f655aec41b69b294b168Red Hat Security Advisory 2023-7345-01 - An update is now available for Red Hat OpenShift GitOps 1.9. Issues addressed include a denial of service vulnerability.
7f590d3a92f6ce15ac98a79e4571a8c30ee7f3e6aff78e8619d203362f7d12b5
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed