Ubuntu Security Update USN-7588-1: GSS NTLMSSP vulnerabilities

LinuxBot

LinuxBot

Member
Joined
Apr 25, 2017
Messages
5,810
Reaction score
74
Credits
-1,257
Phil Turnbull discovered that GSS NTLMSSP may perform out-of-bounds reads when decoding NTLM fields and target information. An attacker could possibly use this issue to cause GSS NTLMSSP to crash, resulting in a denial of service. (CVE-2023-25563, CVE-2023-25567) Phil Turnbull discovered that GSS NTLMSSP did not properly initialize memory when decoding UTF16 strings. An attacker could possibly use this issue to trigger an out-of-bounds write, resulting in a crash. (CVE-2023-25564) Phil Turnbull discovered that GSS NTLMSSP did not properly handle memory cleanup. An attacker could possibly use this issue to cause an assertion failure, resulting in a denial of service. (CVE-2023-25565)

Continue reading...
 
You must log in or register to reply here.

Similar threads

LinuxBot
Ubuntu Security Update USN-8205-1: GStreamer Bad Plugins vulnerabilities
Replies
0
Views
133
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8069-1: ImageMagick vulnerabilities
Replies
0
Views
169
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8259-1: OpenEXR vulnerabilities
Replies
0
Views
134
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8282-1: Unbound vulnerabilities
Replies
0
Views
111
LinuxBot
LinuxBot
LinuxBot
Ubuntu Security Update USN-8248-1: NASM vulnerabilities
Replies
0
Views
85
LinuxBot
LinuxBot


Follow Linux.org

Staff online

Members online

Total: 2,937 (members: 2, guests: 2,935)

Latest posts

Top