Red Hat Security Advisory 2021-4139-03 - The resource-agents packages provide the Pacemaker and RGManager service managers with a set of scripts. These scripts interface with several services to allow operating in a high-availability environment. Issues addressed include a denial of service vulnerability.
7a4d21faefe736f098c96b0d584a641fRed Hat Security Advisory 2021-4154-03 - The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Issues addressed include a denial of service vulnerability.
73057b1d11f86dc51d120b90b73849bbRed Hat Security Advisory 2021-4140-02 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, heap overflow, information leakage, null pointer, out of bounds read, and use-after-free vulnerabilities.
079c6c1769544376cbb35c9f98bef974Red Hat Security Advisory 2021-4151-06 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, and traversal vulnerabilities.
bbdcbb8a6e7f541b1f1df6973fbaec39Red Hat Security Advisory 2021-4149-03 - The python-pillow packages contain a Python image processing library that provides extensive file format support, an efficient internal representation, and powerful image-processing capabilities. Issues addressed include buffer over-read, buffer overflow, denial of service, and out of bounds read vulnerabilities.
f9aa161b895ce30b107ea4f4e2b59cf8Red Hat Security Advisory 2021-4319-03 - Exiv2 is a C++ library to access image metadata, supporting read and write access to the Exif, IPTC and XMP metadata, Exif MakerNote support, extract and delete methods for Exif thumbnails, classes to access Ifd, and support for various image formats. Issues addressed include buffer overflow, denial of service, integer overflow, and out of bounds read vulnerabilities.
c79f386ba086631df82f476b138615e7Red Hat Security Advisory 2021-4292-02 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Issues addressed include denial of service and integer overflow vulnerabilities.
17c5f6823890d502656a5f264bb66c6fRed Hat Security Advisory 2021-4160-03 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include cross site scripting, denial of service, and information leakage vulnerabilities.
48557f611f5f0e158c885a3630b6563cRed Hat Security Advisory 2021-4251-04 - OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Issues addressed include buffer overflow, code execution, denial of service, double free, integer overflow, null pointer, out of bounds read, out of bounds write, and use-after-free vulnerabilities.
7a80ac7d3d66e51f184a31f8a3306097Red Hat Security Advisory 2021-4161-02 - The python-jinja2 package contains Jinja2, a template engine written in pure Python. Jinja2 provides a Django inspired non-XML syntax but supports inline expressions and an optional sandboxed environment. Issues addressed include a denial of service vulnerability.
4b937fa003f7c97b963fb97b7f57d9e4Red Hat Security Advisory 2021-4356-28 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, double free, heap overflow, information leakage, null pointer, out of bounds read, and use-after-free vulnerabilities.
c2cf9316a3bb0fe13d054e77a4f7c8d8Red Hat Security Advisory 2021-4396-02 - SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server. Issues addressed include denial of service, null pointer, and out of bounds access vulnerabilities.
08a86612b85ede0017de315d248dcb4dRed Hat Security Advisory 2021-4150-02 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
562ed56016a3f1ca14eb5f2d770894f6Red Hat Security Advisory 2021-4162-05 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include code execution, cross site scripting, denial of service, double free, information leakage, and traversal vulnerabilities.
a1abf157e747ff42fc2816f1b50912ddUbuntu Security Notice 5137-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the Infiniband RDMA userspace connection manager implementation in the Linux kernel contained a race condition leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possible execute arbitrary code. Various other issues were also addressed.
fb8d78bbc2a41015b3e2b12d748ed458Ubuntu Security Notice 5136-1 - It was discovered that the f2fs file system in the Linux kernel did not properly validate metadata in some situations. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service or possibly execute arbitrary code. It was discovered that the FUSE user space file system implementation in the Linux kernel did not properly handle bad inodes in some situations. A local attacker could possibly use this to cause a denial of service. Various other issues were also addressed.
88e089c4a6f3eccfd93bbd0eed04318eUbuntu Security Notice 5135-1 - It was discovered that the Linux kernel did not properly account for the memory usage of certain IPC objects. A local attacker could use this to cause a denial of service.
d9820f169198a88c02d3751e33929633Ubuntu Security Notice 5130-1 - Jann Horn discovered a race condition in the tty subsystem of the Linux kernel in the locking for the TIOCSPGRP ioctl, leading to a use-after- free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the tty subsystem of the Linux kernel did not use consistent locking in some situations, leading to a read-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.
2fe25d8899cd45229393c4b7f1c59d02HEUR.Backdoor.Win32.Denis.gen malware suffers from a denial of service vulnerability.
6b54a986706ebc1d2576bb8f48845722Ubuntu Security Notice 5133-1 - It was discovered that ICU contains a use after free issue. An attacker could use this issue to cause a denial of service with crafted input.
11cc76d033f04e13e12c6b7b3f51f8cdUbuntu Security Notice 5132-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code.
ccfbeb0810785bbc79f93fb6c4473790Ubuntu Security Notice 5131-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, bypass security restrictions, spoof the browser UI, confuse the user, conduct phishing attacks, or execute arbitrary code. It was discovered that the 'Copy Image Link' context menu action would copy the final image URL after redirects. If a user were tricked into copying and pasting a link for an embedded image that triggered authentication flows back to the page, an attacker could potentially exploit this to steal authentication tokens. Various other issues were also addressed.
4d601c0fd06e59512ff2fc6250eb8b4eRed Hat Security Advisory 2021-4103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.9.0 RPMs. Issues addressed include a denial of service vulnerability.
c6337bf5be0c2bcd76a59777fed90bcbUbuntu Security Notice 5128-1 - Goutham Pacha Ravi, Jahson Babel, and John Garbutt discovered that user credentials in Ceph could be manipulated in certain environments. An attacker could use this to gain unintended access to resources. This issue only affected Ubuntu 18.04 LTS. It was discovered that Ceph contained an authentication flaw, leading to key reuse. An attacker could use this to cause a denial of service or possibly impersonate another user. This issue only affected Ubuntu 21.04. Various other issues were also addressed.
2995b9f052f1682434589f2a69919adaRed Hat Security Advisory 2021-4057-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a denial of service vulnerability.
39c23ecee2e539fa8f746c5d051985d5
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed