Ubuntu Security Notice 5829-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
aad823e9a2aa345a90ba89b0bbadac4b45a7aad04940b487e28febdc9f15b3ffApple Security Advisory 2023-01-23-6 - macOS Big Sur 11.7.3 addresses buffer overflow, bypass, and code execution vulnerabilities.
aac95eb2a84296b6abbfaf3eadfc9a29430c5a2f313ef8710e3d5be26cb06bdbApple Security Advisory 2023-01-23-5 - macOS Monterey 12.6.3 addresses buffer overflow, bypass, code execution, and information leakage vulnerabilities.
86dd9b786a0318174acd539801f6e3fe6a86591529277185d71eb7e9e3237c4dApple Security Advisory 2023-01-23-4 - macOS Ventura 13.2 addresses buffer overflow, bypass, code execution, information leakage, and use-after-free vulnerabilities.
0cd5bf89e176e4c213da4d53018a83b92e2203a6e71bf12d7a356eea1213909bRed Hat Security Advisory 2023-0334-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
270a2d5624a45b16560c8e641883158312e61364d19ffad747cdf8e699ae8f52Red Hat Security Advisory 2023-0338-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include an integer overflow vulnerability.
d6d03c20c35deb47e34d193e9d67a97356f77a53870998350717673f550850f1Red Hat Security Advisory 2023-0300-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
8d37c7d8ee1ca4cb5709e9609fb377f17f1c4bb3ae3c63a34fc4b21cff595e3bRed Hat Security Advisory 2023-0348-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
e864895bb1b66157dffd89917ce2ff48ada4cdb215dc53916ad302cda3d20852Red Hat Security Advisory 2023-0302-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, and double free vulnerabilities.
77a102c672ecfb5e9f34cbefa8f6c86bad324e2a7521e008cb68f55f50d75cddRed Hat Security Advisory 2023-0340-01 - The bash packages provide Bash, which is the default shell for Red Hat Enterprise Linux. Issues addressed include a buffer overflow vulnerability.
c4175fcaf8e760446048b0702a788a15a9b75b05bd2cee9ae422f72e0f822ceeSolaris 10 CDE local privilege escalation exploit that achieves root by injecting a fake printer via lpstat and uses a buffer overflow in libXM ParseColors().
8fed0e704e1d7fbb2603ba2f25e66d64bafc8105967e5ce69f807ea920fafcb1Ubuntu Security Notice 5814-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
dbfe665f3a1513799bf58ebfb34bae00253cc650f33bcb40256da98c77f5d57dNetChess version 2.1 suffers from a buffer overflow vulnerability.
c6fdd4b94e87f3c84000707b8cce619ac638e110f19ad46abe98381756c280c7Ubuntu Security Notice 5813-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
c8585d9310f20472858a349154e922f465a23afb78b9d227cd2a5767b334c7eeUbuntu Security Notice 5809-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
9c7806fd2b27e8bf93c0572476e6a6a7bfd1fc39e41c523db32a80f8b535e96eUbuntu Security Notice 5808-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
cc4443f00c1b80d3578f83459d2dcc84a73bd15607e61dc8a6a55c30a1f95a47Red Hat Security Advisory 2023-0173-01 - The libxml2 library is a development toolbox providing the implementation of various XML standards. Issues addressed include an integer overflow vulnerability.
b614bc7e3ac9e42c9f9c7d2e54984ff85d209825487f4f858d59d325942fa8dcUbuntu Security Notice 5804-2 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
432e44d00c7370626def9020ff038a803fee945c7cfa7c1e5694ed4a2e964793Ubuntu Security Notice 5804-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamas Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
eaaf2b382821a29f0cd1289ad47e022031258f5e6b7b5ad1a6f618862dfb5a67Ubuntu Security Notice 5803-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code. Tamas Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
4a901d23fe04ca230ee9b786ae58b58154f66077be0ff2e81efffbae06b991afUbuntu Security Notice 5802-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation in the Linux kernel contained multiple use-after-free vulnerabilities. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.
34428fdea7c82ae5cc1b2570fe09a946f45222b5e8de50755c8c2bd32c0ca4ffDebian Linux Security Advisory 5316-1 - Several out-of-memory, stack overflow or HTTP request smuggling vulnerabilities have been discovered in Netty, a Java NIO client/server socket framework, which may allow attackers to cause a denial of service or bypass restrictions when used as a proxy.
d79e44dc740a4bdba61067f17bc2f8d1870d872798afcbc0a4bdd6ffab09ccddDebian Linux Security Advisory 5315-1 - XStream serializes Java objects to XML and back again. Versions prior to 1.4.15-3+deb11u2 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This update handles the stack overflow and raises an InputManipulationException instead.
442616c277f5fe435b492c064fd24a02dc319b343463ace4afb9427f04df76b8Red Hat Security Advisory 2023-0095-01 - The libtiff packages contain a library of functions for manipulating Tagged Image File Format files. Issues addressed include buffer overflow, denial of service, double free, and out of bounds read vulnerabilities.
c03e05a4c41c6aa72e39ed4d6f02c63f8fb0a53726b2f3fa368e44b6da42afe5Ubuntu Security Notice 5799-1 - Kyle Zeng discovered that the sysctl implementation in the Linux kernel contained a stack-based buffer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.
ce4998fbf8aa90d0155c6a2ddebcdd951316a5e7ef8f07cd60cd721cb26a6117
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed