Ubuntu Security Notice 4752-1 - Daniele Antonioli, Nils Ole Tippenhauer, and Kasper Rasmussen discovered that legacy pairing and secure-connections pairing authentication in the Bluetooth protocol could allow an unauthenticated user to complete authentication without pairing credentials via adjacent access. A physically proximate attacker could use this to impersonate a previously paired Bluetooth device. Jay Shin discovered that the ext4 file system implementation in the Linux kernel did not properly handle directory access with broken indexing, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
9d423aca91d7f1b70463a45e888e4c441f17d4136f7beccf8bf581dc633b7a2eUbuntu Security Notice 4751-1 - It was discovered that the console keyboard driver in the Linux kernel contained a race condition. A local attacker could use this to expose sensitive information. Minh Yuan discovered that the tty driver in the Linux kernel contained race conditions when handling fonts. A local attacker could possibly use this to expose sensitive information. Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
e9d3e10fdaf8851fce0f2b40b30eae653fe05a491bcde750907baec6b6f2532bUbuntu Security Notice 4753-1 - It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.
f8284728985d63a7673b46fbb9ce575d19caab6433c94973217809c8b4948e7dUbuntu Security Notice 4750-1 - Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. Various other issues were also addressed.
244b492047de3dfc8cbaec49a7d3d8b2fa1ece0ca9975986a3b9ca7800cd6c3aUbuntu Security Notice 4749-1 - Bodong Zhao discovered a use-after-free in the Sun keyboard driver implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. Various other issues were also addressed.
c63a6b0b35b3e71cc0cb6d6b81c4d7a6309dedb3ea47cd82b05b2a4b24f23b48Ubuntu Security Notice 4748-1 - It was discovered that the jfs file system implementation in the Linux kernel contained an out-of-bounds read vulnerability. A local attacker could use this to possibly cause a denial of service. It was discovered that the memory management subsystem in the Linux kernel did not properly handle copy-on-write operations in some situations. A local attacker could possibly use this to gain unintended write access to read-only memory pages. Various other issues were also addressed.
d67736e2a88e2a48fdcc199d6274d2ea8c794a2e8d9ad3c1542bb81b35eb62eaUbuntu Security Notice 4747-2 - USN-4747-1 fixed a vulnerability in screen. This update provides the corresponding update for Ubuntu 14.04 ESM. Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.
1b3fb06c80115b5fd908c46bc9df0c0b72cf0a01e3ab16f2514b31da9f648478Red Hat Security Advisory 2021-0100-01 - The file-integrity-operator image update is now available for OpenShift Container Platform 4.7. Issues addressed include denial of service and integer overflow vulnerabilities.
82eabc6ce73e69f1fac8932d1d907c61cf61d4cd1d11a9de36145ec7c46e4fc9Red Hat Security Advisory 2020-5364-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the extra low-latency container images for Red Hat OpenShift Container Platform 4.7. Issues addressed include denial of service and integer overflow vulnerabilities.
55d65cdd1e74ffc602f8184565c2fb0d979bda7f287acaa6a93a7a50e730a8e6Red Hat Security Advisory 2021-0664-01 - Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred to managed machines automatically.
af2c8243af9107da566ce43226e01152ed278390ce4f6ff41b766efe1282175dRed Hat Security Advisory 2020-5633-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.7.0. Issues addressed include bypass, denial of service, integer overflow, man-in-the-middle, and memory leak vulnerabilities.
fb221a06159543a599ba784765449c2af09e02d8dd9f7f484c8b3584adabc4ceRed Hat Security Advisory 2021-0661-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
50249996a918e0a8b67786cc5650040baf73dcccebf1a227ffc9252490ef1bdcTrojan.Win32.Gofot.htx malware suffers from a buffer overflow vulnerability.
c5ae2398d25d74c8167d17ab5327fbca1934b8b0dd6644651e4d203affc64cceRed Hat Security Advisory 2021-0659-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
4f8a4f4e4706f83526d9856621f47c878dbc622ae32883c4c3d231f25a7bcf16Red Hat Security Advisory 2020-5634-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.7.0.
ef82b0a45d122831285715e3c2fe02915f988b7faa24e07a3b98338c1601ef91Red Hat Security Advisory 2021-0662-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
0a8539dd3a37778a73bf1a89b9d59db8ccfb12e8511162844f05283397d59412Red Hat Security Advisory 2021-0658-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
73a2c9174c20dc0e569929381870c75bdf573392ed64d37de59e3ab6498949feRed Hat Security Advisory 2021-0656-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
9db7074777b38e64083eec1c8c0a069948ee777e169a8f90f479140c47b94143Red Hat Security Advisory 2021-0660-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
9b507f66964ea88d30e11718b3e525463fec8e2ff5841ccad7830c369aad733bRed Hat Security Advisory 2021-0655-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 78.8.0 ESR.
faedb83733f505cf6130e1ee109bc6303d8527b3c3a83f8a69803417a99ea5adRed Hat Security Advisory 2021-0657-01 - Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 78.8.0.
b5448f767840a8b119e50ecc50ab5aee00ebaf6a81e6a47af7492b7b88a697a4Red Hat Security Advisory 2020-5635-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
23387ed15eb48e5caa33e84d1d1f448ae0975ff4cbd03b845ab00f376efc838aUbuntu Security Notice 4698-2 - USN-4698-1 fixed vulnerabilities in Dnsmasq. The updates introduced regressions in certain environments related to issues with multiple queries, and issues with retries. This update fixes the problem. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled memory when sorting RRsets. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled extracting certain names. A remote attacker could use this issue to cause Dnsmasq to hang, resulting in a denial of service, or possibly execute arbitrary code. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented address/port checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly implemented query resource name checks. A remote attacker could use this issue to perform a cache poisoning attack. Moshe Kol and Shlomi Oberman discovered that Dnsmasq incorrectly handled multiple query requests for the same resource name. A remote attacker could use this issue to perform a cache poisoning attack. It was discovered that Dnsmasq incorrectly handled memory during DHCP response creation. A remote attacker could possibly use this issue to cause Dnsmasq to consume resources, leading to a denial of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. Various other issues were also addressed.
e42a5bdd054f191f80e2ffa56b1efcc9969c7a22e49b0f34c75af8093966adecUbuntu Security Notice 4746-1 - Tavis Ormandy discovered that xterm incorrectly handled certain character sequences. A remote attacker could use this issue to cause xterm to crash, resulting in a denial of service, or possibly execute arbitrary code.
dca22ebab01af410b9b1cff846bb2da09e3a499a5ec697984dc183630f2f7b64Ubuntu Security Notice 4747-1 - Felix Weinmann discovered that GNU Screen incorrectly handled certain character sequences. A remote attacker could use this issue to cause GNU Screen to crash, resulting in a denial of service, or possibly execute arbitrary code.
c7e39b4cc6a8374b5105fdeaf15ac4721ecb333b3d2e2e62995f2f27a11fdb3b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed