Ubuntu Security Notice 5030-1 - It was discovered that the Perl DBI module incorrectly opened files outside of the folder specified in the data source name. A remote attacker could possibly use this issue to obtain sensitive information. It was discovered that the Perl DBI module incorrectly handled certain long strings. A local attacker could possibly use this issue to cause the DBI module to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS. Various other issues were also addressed.
7f74d57c3fa809b85251ccf934c074e1This whitepaper discusses chain session upload progress to remote code execution when taking advantage of local file inclusion.
30b82ecd437ab784ec81665a82576757It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when performing div and mod operations. A local attacker could use this to possibly execute arbitrary code. It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service (system crash) or execute arbitrary code.
3d25210f32b7ce386710ced319ba74bcQualys discovered a size_t-to-int conversion vulnerability in the Linux kernel's filesystem layer: by creating, mounting, and deleting a deep directory structure whose total path length exceeds 1GB, an unprivileged local attacker can write the 10-byte string "//deleted" to an offset of exactly -2GB-10B below the beginning of a vmalloc()ated kernel buffer. They successfully exploited this uncontrolled out-of-bounds write, and obtained full root privileges on default installations of Ubuntu 20.04, Ubuntu 20.10, Ubuntu 21.04, Debian 11, and Fedora 34 Workstation; other Linux distributions are certainly vulnerable, and probably exploitable. A basic proof of concept (a crasher) is attached to this advisory.
2739ab8c7448e7ea41f28d5e97efa32aUbuntu Security Notice 5019-1 - It was discovered that an assert could be triggered in the NVIDIA graphics drivers. A local attacker could use this to cause a denial of service. It was discovered that the NVIDIA graphics drivers permitted an out-of-bounds array access. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Various other issues were also addressed.
9b14b7386bfe0d3b7c97a0be131a2b1cUbuntu Security Notice 5018-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Piotr Krysiuk discovered that the eBPF implementation in the Linux kernel did not properly enforce limits for pointer operations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
5689144ce247f58cfe35aa8184a61e3fUbuntu Security Notice 5017-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. It was discovered that the bluetooth subsystem in the Linux kernel did not properly perform access control. An authenticated attacker could possibly use this to expose sensitive information. Various other issues were also addressed.
0873c6cc3ecce256f668e9fe41464f0eUbuntu Security Notice 5016-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Or Cohen and Nadav Markus discovered a use-after-free vulnerability in the nfc implementation in the Linux kernel. A privileged local attacker could use this issue to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
31d29e3a9e3c3cdcef9c9a76db4909d8Ubuntu Security Notice 5015-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code. Michael Brown discovered that the Xen netback driver in the Linux kernel did not properly handle malformed packets from a network PV frontend, leading to a use-after-free vulnerability. An attacker in a guest VM could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
e0afe945c2de058eec0a91d5407a9356Ubuntu Security Notice 5014-1 - It was discovered that the virtual file system implementation in the Linux kernel contained an unsigned to signed integer conversion error. A local attacker could use this to cause a denial of service or execute arbitrary code.
40868080c6dd49f2545379648cd8a90eRed Hat Security Advisory 2021-2786-01 - The libldb packages provide an extensible library that implements an LDAP-like API to access remote LDAP servers, or use local TDB databases. Issues addressed include an out of bounds read vulnerability.
956e6704bc672abed71a02163843b1c0Ubuntu Security Notice 5013-2 - USN-5013-1 fixed several vulnerabilities in systemd. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. Various other issues were also addressed.
2292db61aa7aa7a29cce8f3e68387db3Ubuntu Security Notice 5013-1 - It was discovered that systemd incorrectly handled certain mount paths. A local attacker could possibly use this issue to cause systemd to crash, resulting in a denial of service. Mitchell Frank discovered that systemd incorrectly handled DHCP FORCERENEW packets. A remote attacker could possibly use this issue to reconfigure servers.
7874a80a96e6739b9bcfc28b5e49c853Norbert Slusarek discovered a race condition in the CAN BCM networking protocol of the Linux kernel leading to multiple use-after-free vulnerabilities. A local attacker could use this issue to execute arbitrary code.
253344ca4d57ea28bccc4904f8ebf52dGentoo Linux Security Advisory 202107-31 - A vulnerability in polkit could lead to local root privilege escalation. Versions less than 0.119 are affected.
ce9a4968c78b1f7a6e75b5e89c26d6c6A vulnerability exists within the polkit system service that can be leveraged by a local, unprivileged attacker to perform privileged operations. In order to leverage the vulnerability, the attacker invokes a method over D-Bus and kills the client process. This will occasionally cause the operation to complete without being subjected to all of the necessary authentication. The exploit module leverages this to add a new user with a sudo access and a known password. The new account is then leveraged to execute a payload with root privileges.
c913dad2bd458ed34f93845cd04f9bafUbuntu Security Notice 5008-2 - USN-5008-1 fixed a vulnerability in avahi. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. Various other issues were also addressed.
e1c4e764357e853688e9af68baaed741Ubuntu Security Notice 5008-1 - Thomas Kremer discovered that Avahi incorrectly handled termination signals on the Unix socket. A local attacker could possibly use this issue to cause Avahi to hang, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 20.10. It was discovered that Avahi incorrectly handled certain hostnames. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service. This issue only affected Ubuntu 20.10 and Ubuntu 21.04. Various other issues were also addressed.
5db45203baefabb1f31e4332da1e0620Gentoo Linux Security Advisory 202107-10 - A bug in TCG TPM2 Software Stack may result in information disclosure to a local attacker. Versions less than 2.4.3 are affected.
ace381835ae63e109ca33eb3f4bd88d7Black Box Kvm Extender version 3.4.31307 suffers from a local file inclusion vulnerability.
6fe8c1691d468a9bf6c2ebd9e15d6affVisual Tools DVR VX16 version 4.2.28 suffers from a local privilege escalation vulnerability.
5de46b08cc144d6d68dc6d3754aad651Gentoo Linux Security Advisory 202107-3 - An insecure temporary file usage has been reported in libqb possibly allowing local code execution. Versions less than 1.0.5 are affected.
9ab5f229d9667a143fb8f62508182c9bTor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.
7cc00f21c6da776da98d6b92de89e23eWinWaste.NET version 1.0.6183.16475 allows a local unprivileged user to replace the executable with a malicious file that will be executed with LocalSystem privileges.
8bfb28d74e827558dd843fd417bf057aSecurepoint SSL VPN Client version 2.0.30 suffers from a local privilege escalation vulnerability.
208329c265e24386a862dffeddea96d3
© 2020 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed