This archive contains all of the 69 exploits added to Packet Storm in November, 2022.
10d4085fbdba3d419d26c81bfaf764c2fc51340ab34556657890eb62b9eaa869Red Hat Security Advisory 2022-8750-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. Issues addressed include denial of service and out of bounds read vulnerabilities.
97a1315b0fbee0ce3f4d325b64ba96eef25047860270e8353a13efa3ba7cf84aUbuntu Security Notice 5758-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
256eadaaba2ca6b555ffdca188a01a32a38b8869b53454c79b3151aafb702dc1Ubuntu Security Notice 5757-2 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
5f3635e7bced605061a880c1d0d373b00f48497e09d55c49c21c5cb5f003b9f4Ubuntu Security Notice 5757-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the video4linux driver for Empia based TV cards in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
5d5eb3496c11848a0a1a5bfda361a1a1b9c343c48c6157f791c52da5fc1448feUbuntu Security Notice 5756-1 - Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
c262e99c891657cf670bafef427b5c8a98e36173cea0ebda9b9086966a51556aUbuntu Security Notice 5755-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
879392a46f131ceda6904aea376da43dd805f027ea1f1205b5a2afe10b5a58d2Debian Linux Security Advisory 5292-1 - The Qualys Research Team discovered a race condition in the snapd-confine binary which could result in local privilege escalation.
63ecb2fa9607b100b03d38946750f97753ae423a271e95c27aafa2e1c56f7348Ubuntu Security Notice 5743-2 - USN-5743-1 fixed a vulnerability in LibTIFF. This update provides the corresponding updates for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 22.10. It was discovered that LibTIFF incorrectly handled certain malformed images. If a user or automated system were tricked into opening a specially crafted image, a remote attacker could crash the application, leading to a denial of service, or possibly execute arbitrary code with user privileges.
2a5192644fb6667f237a50822d8c835fb861dc3345795bd767c605ecbbbc2534Ubuntu Security Notice 5754-1 - It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a memory leak existed in the IPv6 implementation of the Linux kernel. A local attacker could use this to cause a denial of service.
6c13b7cd9ed047ea5614bb3a3710254bbd47c927bc2daeb7bc912d45b1c4b4faBackdoor.Win32.Delf.gj malware suffers from an information leakage vulnerability.
622118d5760b64ae86f8de28e2d430c1c15ec650e7c1db8f5920f134dd887c5eIBM Websphere Application Server version 7.0 persistent cross site scripting vulnerability proof of concept details.
dc1233536d7555212b10f45b23030e26739234a2f687d52112ff10261d1e40e6
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed