Gentoo Linux Security Advisory 201812-11 - Multiple vulnerabilities have been found in Rust, the worst which may allow local attackers to execute arbitrary code. Versions less than 1.29.1 are affected.
c2570adfc5cdff440bb017fd397bdb75834b5a50c3ad30045a8e3c1b93679cfaGentoo Linux Security Advisory 201812-10 - A vulnerability in GKSu might allow attackers to execute arbitrary commands. Versions less than or equal to 2.0.2 are affected.
77c78b36e0b1a9cfe7e16ae3f6fd54c12fe5d152c653d7d8a205a55b861af831Debian Linux Security Advisory 4361-1 - Several vulnerabilities were discovered in libextractor, a library to extract arbitrary meta-data from files, which may lead to denial of service or memory disclosure if a malformed OLE file is processed.
d950b4d7929cb9669efb988cbc5ec89d3abe6ef04b39e103580b0ad68bfa6007Debian Linux Security Advisory 4360-1 - Multiple security issues were found in libarchive, a multi-format archive in denial of service or the execution of arbitrary code and malformed WARC, LHarc, ISO, Xar or CAB archives could result in denial of service.
4ca78c1aca3d7538b998511ad79830ff0f91bc94448ecc1564153a6b33bfe80fDebian Linux Security Advisory 4359-1 - Multiple vulnerabilities have been discovered in Wireshark, a network protocol analyzer, which could result in denial of service or the execution of arbitrary code.
e65574a27d9a4df1d7727205093f828922aab4ced4ee9f6258e8e7f79a332809Debian Linux Security Advisory 4358-1 - The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow non- whitelisted attributes to be used on a whitelisted HTML element.
40a3126031a021ed1604bc09ac2d9b39a41e33cd6fb5c6d278a6de68d833df59Debian Linux Security Advisory 4346-2 - The update for ghostscript issued as DSA-4346-1 caused a regression when used with certain options (cf. Debian bug #915832). Updated packages are now available to correct this issue.
440c0e22267075085f31140b95c4ad43be14dd8a98bd71ea6f9f3bd74a6d7115Slackware Security Advisory - New netatalk packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
a3e5670c48444a33470b9c8c68191b67a8043115ff484e3b4b730f1eb7d80399Gentoo Linux Security Advisory 201812-9 - Multiple vulnerabilities have been found in Go, the worst which could lead to the execution of arbitrary code. Versions less than 1.10.7 are affected.
0d1fc3fb1ddb7972eefe107b9e4e8695b642669377a39229fd062eedc72169a5LibTIFF version 4.0.8 suffers from multiple memory leak vulnerabilities.
99b39c7e3e305f25232c535712f3fc0ca2051fdcf102d69777eda04623c5b380Ubuntu Security Notice 3849-1 - It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
8af550c56d88e940bd49fc37b8e96986f53f118dc0a33f1ef43ae042d260ae9fUbuntu Security Notice 3849-2 - USN-3849-1 fixed vulnerabilities in the Linux kernel for Ubuntu 14.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 14.04 LTS for Ubuntu 12.04 ESM. It was discovered that a NULL pointer dereference existed in the keyring subsystem of the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
bdd2087e5d8c2e6ea3ea9fbd008a48c85005b8014c5200920d37f2ee93426078Ubuntu Security Notice 3847-3 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux kernel for Microsoft Azure Cloud systems for Ubuntu 14.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
88ddcb277ba792306a56a051e1a6ea3b2df9a11ba6f4d4f0bb790bd6664c4b64Ubuntu Security Notice 3848-2 - USN-3848-1 fixed vulnerabilities in the Linux kernel for Ubuntu 16.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 16.04 LTS for Ubuntu 14.04 LTS. It was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
0e01790258c142284e2a185f6b24d6e1b1322200ec802bdf3976255b1f7553f0Ubuntu Security Notice 3848-1 - It was discovered that a double free existed in the AMD GPIO driver in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Kanda Motohiro discovered that writing extended attributes to an XFS file system in the Linux kernel in certain situations could cause an error condition to occur. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ef32f46b101a860f44706fee0448815aa83426a298a340332abb7bab4d753836It was discovered that an integer overflow vulnerability existed in the CDRom driver of the Linux kernel. A local attacker could use this to expose sensitive information (kernel memory). It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Various other issues were also addressed.
054a56994c9bd62549cd29e0464ca1a0a7be22a3004cc645c80c0b65070bbdc0Ubuntu Security Notice 3847-2 - USN-3847-1 fixed vulnerabilities in the Linux kernel for Ubuntu 18.04 LTS. This update provides the corresponding updates for the Linux Hardware Enablement kernel from Ubuntu 18.04 LTS for Ubuntu 16.04 LTS. It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Various other issues were also addressed.
f686a26622bf753cbbb760351f7a2649c795917011883eab629db03a6b1b546fUbuntu Security Notice 3847-1 - It was discovered that a race condition existed in the raw MIDI driver for the Linux kernel, leading to a double free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that an integer overrun vulnerability existed in the POSIX timers implementation in the Linux kernel. A local attacker could use this to cause a denial of service. Various other issues were also addressed.
ab186e3e3caa72822140697919f42bea4149fc7ebd5e687a8c7c58306f58d45eUbuntu Security Notice 3846-1 - It was discovered that an integer overflow vulnerability existed in the CDROM driver of the Linux kernel. A local attacker could use this to expose sensitive information.
8581b2a2d1444d9cf46ee164418a9983be851c41453802a02eafe79465cc1dedDebian Linux Security Advisory 4357-1 - Raphael Arrouas and Jean Lejeune discovered an access control bypass vulnerability in mod_jk, the Apache connector for the Tomcat Java servlet engine. The vulnerability is addressed by upgrading mod_jk to the new upstream version 1.2.46, which includes additional changes.
b24a38ef4323cc06b46c0a586485f0b2275b750231ac7d0ea19237ede56eb97cDebian Linux Security Advisory 4356-1 - Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.
9f43e90f4658db9594afe845e426a1e0baffea9dcc9c0620456466712e121a2dDebian Linux Security Advisory 4355-1 - Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
b913df49694577978d9065ec818547f4d3d6619f2cbbc393194fc7e2ac40992aFreeBSD Security Advisory - Due to insufficient validation of network-provided data it may be possible for a malicious attacker to craft a bootp packet which could cause a stack buffer overflow. It is possible that the buffer overflow could lead to a Denial of Service or remote code execution.
c02904f0ef3015af27b497e26383079f1472a0876e7c3cbb2cc3a462525449dfRed Hat Security Advisory 2018-3854-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
ecccca8405ce1ae112c4c9ef8699c52acaa7349eacd9444e706b1cc606052122Red Hat Security Advisory 2018-3853-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
7d67828682276999308ce93378cd3811edc0d9b3565bdbef85add8ef9bf3f2bf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed