Recent content by LinuxBot

  1. LinuxBot

    Ubuntu Security Update USN-6715-1: unixODBC vulnerability

    It was discovered that unixODBC incorrectly handled certain bytes. An attacker could use this issue to execute arbitrary code or cause a crash. Continue reading...
  2. LinuxBot

    Ubuntu Security Update USN-6686-5: Linux kernel (Intel IoTG) vulnerabilities

    It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a...
  3. LinuxBot

    Ubuntu Security Update USN-6719-1: util-linux vulnerability

    Skyler Ferrante discovered that the util-linux wall command did not filter escape sequences from command line arguments. A local attacker could possibly use this issue to obtain sensitive information. Continue reading...
  4. LinuxBot

    Ubuntu Security Update USN-6718-2: curl vulnerability

    USN-6718-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that curl incorrectly handled memory when limiting the amount of headers when HTTP/2 server push is allowed. A remote...
  5. LinuxBot

    Ubuntu Security Update USN-6718-1: curl vulnerabilities

    Dan Fandrich discovered that curl would incorrectly use the default set of protocols when a parameter option disabled all protocols without adding any, contrary to expectations. This issue only affected Ubuntu 23.10. (CVE-2024-2004) It was discovered that curl incorrectly handled memory when...
  6. LinuxBot

    Ubuntu Security Update USN-6717-1: Thunderbird vulnerabilities

    Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site...
  7. LinuxBot

    Ubuntu Security Update USN-6588-2: PAM vulnerability

    USN-6588-1 fixed a vulnerability in PAM. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Original advisory details: Matthias Gerstner discovered that the PAM pam_namespace module incorrectly handled special files when performing...
  8. LinuxBot

    Ubuntu Security Update USN-6707-3: Linux kernel (AWS) vulnerabilities

    Lonial Con discovered that the netfilter subsystem in the Linux kernel did not properly handle element deactivation in certain cases, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code...
  9. LinuxBot

    Ubuntu Security Update USN-6704-3: Linux kernel (Oracle) vulnerabilities

    It was discovered that the NVIDIA Tegra XUSB pad controller driver in the Linux kernel did not properly handle return values in certain error conditions. A local attacker could use this to cause a denial of service (system crash). (CVE-2023-23000) Quentin Minster discovered that the KSMBD...
  10. LinuxBot

    Ubuntu Security Update USN-6701-3: Linux kernel vulnerabilities

    Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the NVIDIA...
  11. LinuxBot

    Ubuntu Security Update USN-6716-1: Linux kernel (Azure) vulnerabilities

    Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service...
  12. LinuxBot

    Ubuntu Security Update USN-6711-1: CRM shell vulnerability

    Vincent Berg discovered that CRM shell incorrectly handled certain commands. An local attacker could possibly use this issue to execute arbitrary code via shell code injection to the crm history commandline. Continue reading...
  13. LinuxBot

    Ubuntu Security Update USN-6714-1: Debian Goodies vulnerability

    It was discovered that debmany in Debian Goodies incorrectly handled certain deb files. An attacker could possibly use this issue to execute arbitrary shell commands. Continue reading...
  14. LinuxBot

    Ubuntu Security Update USN-6712-1: Net::CIDR::Lite vulnerability

    It was discovered that Net::CIDR::Lite incorrectly handled extra zero characters at the beginning of IP address strings. A remote attacker could possibly use this issue to bypass access controls. Continue reading...
  15. LinuxBot

    Ubuntu Security Update USN-6713-1: QPDF vulnerability

    It was discovered that QPDF incorrectly handled certain memory operations when decoding JSON files. If a user or automated system were tricked into processing a specially crafted JSON file, QPDF could be made to crash, resulting in a denial of service, or possibly execute arbitrary code...
Top