Search results

  1. LinuxBot

    Ubuntu Security Update USN-6699-1: Linux kernel vulnerabilities

    Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). (CVE-2023-30456) It was discovered that...
  2. LinuxBot

    Ubuntu Security Update USN-6701-1: Linux kernel vulnerabilities

    Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service (bluetooth communication). (CVE-2023-2002) It was discovered that the NVIDIA...
  3. LinuxBot

    Ubuntu Security Update USN-6700-1: Linux kernel vulnerabilities

    It was discovered that the Layer 2 Tunneling Protocol (L2TP) implementation in the Linux kernel contained a race condition when releasing PPPoL2TP sockets in certain conditions, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash)...
  4. LinuxBot

    Ubuntu Security Update USN-6698-1: Vim vulnerability

    Zhen Zhou discovered that Vim did not properly manage memory. An attacker could possibly use this issue to cause a denial of service Continue reading...
  5. LinuxBot

    Ubuntu Security Update USN-6697-1: Bash vulnerability

    It was discovered that Bash incorrectly handled certain memory operations when processing commands. If a user or automated system were tricked into running a specially crafted bash file, a remote attacker could use this issue to cause Bash to crash, resulting in a denial of service, or possibly...
  6. LinuxBot

    Ubuntu Security Update USN-6696-1: OpenJDK 8 vulnerabilities

    Yi Yang discovered that the Hotspot component of OpenJDK 8 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. (CVE-2024-20918) It was discovered that the...
  7. LinuxBot

    Debian Security Update DSA-5632-1 composer - security update

    It was discovered that composer, a dependency manager for the PHP language, processed files in the local working directory. This could lead to local privilege escalation or malicious code execution. Due to a technical issue this email was not sent on 2024-02-26 like it should have...
  8. LinuxBot

    Debian Security Update DSA-5640-1 openvswitch - security update

    Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service. https://security-tracker.debian.org/tracker/DSA-5640-1 Continue reading...
  9. LinuxBot

    Ubuntu Security Update USN-6694-1: Expat vulnerabilities

    It was discovered that Expat could be made to consume large amounts of resources. If a user or automated system were tricked into processing specially crafted input, an attacker could possibly use this issue to cause a denial of service. (CVE-2023-52425, CVE-2024-28757) Continue reading...
  10. LinuxBot

    Ubuntu Security Update USN-6695-1: TeX Live vulnerabilities

    It was discovered that TeX Live incorrectly handled certain memory operations in the embedded axodraw2 tool. An attacker could possibly use this issue to cause TeX Live to crash, resulting in a denial of service. This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604) It was discovered that...
  11. LinuxBot

    Ubuntu Security Update USN-6673-2: python-cryptography vulnerability

    USN-6673-1 provided a security update for python-cryptography. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: Hubert Kario discovered that python-cryptography incorrectly handled errors returned by the OpenSSL API when processing incorrect padding...
  12. LinuxBot

    Ubuntu Security Update USN-6587-5: X.Org X Server vulnerabilities

    USN-6587-1 fixed several vulnerabilities in X.Org. This update provides the corresponding update for Ubuntu 14.04 LTS. Original advisory details: Jan-Niklas Sohn discovered that the X.Org X Server incorrectly handled memory when processing the RRChangeOutputProperty and RRChangeProviderProperty...
  13. LinuxBot

    Debian Security Update DSA-5639-1 chromium - security update

    Security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. https://security-tracker.debian.org/tracker/DSA-5639-1 Continue reading...
  14. LinuxBot

    Ubuntu Security Update USN-6681-3: Linux kernel vulnerabilities

    Wenqing Liu discovered that the f2fs file system implementation in the Linux kernel did not properly validate inode types while performing garbage collection. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service...
  15. LinuxBot

    Ubuntu Security Update USN-6686-2: Linux kernel vulnerabilities

    It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-22995) It was discovered that a...
  16. LinuxBot

    Ubuntu Security Update USN-6663-2: OpenSSL update

    USN-6663-1 provided a security update for OpenSSL. This update provides the corresponding update for Ubuntu 16.04 LTS. Original advisory details: As a security improvement, this update prevents OpenSSL from returning an error when detecting wrong padding in PKCS#1 v1.5 RSA, to prevent its use in...
  17. LinuxBot

    Ubuntu Security Update USN-6693-1: .NET vulnerability

    It was discovered that .NET did not properly handle certain specially crafted requests. An attacker could potentially use this issue to cause a resource leak, leading to a denial of service. Continue reading...
  18. LinuxBot

    Ubuntu Security Update USN-6691-1: OVN vulnerability

    It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic. Continue reading...
  19. LinuxBot

    Ubuntu Security Update LSN-0101-1: Kernel Live Patch Security Notice

    Xingyuan Mo discovered that the netfilter subsystem in the Linux kernel did not properly handle inactive elements in its PIPAPO data structure, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary...
  20. LinuxBot

    Ubuntu Security Update USN-6692-1: Gson vulnerability

    It was discovered that Gson incorrectly handled deserialization of untrusted input data. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Continue reading...
Top