Debian Linux Security Advisory 5459-1 - Tavis Ormandy discovered that under specific microarchitectural circumstances, a vector register in "Zen 2" CPUs may not be written to 0 correctly. This flaw allows an attacker to leak register contents across concurrent processes, hyper threads and virtualized guests.
468061b2cb0d06b75c3b3fffb7e543f14109afe8666089072a76301ce3ff5d0bRed Hat Security Advisory 2023-4283-01 - OpenStack Networking is a virtual network service for OpenStack. Just as OpenStack Compute provides an API to dynamically request and configure virtual servers, OpenStack Networking provides an API to dynamically request and configure virtual networks. These networks connect 'interfaces' from other OpenStack services. The OpenStack Networking API supports extensions to provide advanced network capabilities.
b2a71e5b6eed1c0ef3917b658f0a1f1f403712ed3a5ddbc813a21480e9a3c3fcRed Hat Security Advisory 2023-4282-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include a bypass vulnerability.
cec0eaed40c25240f6fb49c9ac7ef7aca66c59347914db30f27969164bb7fa58The RoomCast TA-2400, versions 1.0-3.1+, has multiple critical security vulnerabilities, including clear-text storage of sensitive information within executables, improper access control, improper privilege management, and the use of hard-coded passwords. Uniting these vulnerabilities paves the way for a complete compromise of the device and, in turn, exposes clients to direct threats from those exploiting the compromised unit.
591f5f7541f146f4f1ddc9d5f29ce8ed51770335548e9e37e8c055dd3b040e3cUbuntu Security Notice 6250-1 - Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in the Ubuntu Linux kernel did not properly perform permission checks in certain situations. A local attacker could possibly use this to gain elevated privileges. It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
a3c2bee7fb44adf555ec4f0c4513eec063216c00e3541ec88c1729871be7fb50Red Hat Security Advisory 2023-4276-01 - An update is now available for Red Hat DevWorkspace Operator. Red Hat Product Security has rated this update as having a security impact of Moderate.
38648fc5bcd6a58af8ec4f25cec2f7d5eab5d991e5752ce15385166aff31dec4VMWare Aria Operations for Networks (vRealize Network Insight) is vulnerable to command injection when accepting user input through the Apache Thrift RPC interface. This vulnerability allows a remote unauthenticated attacker to execute arbitrary commands on the underlying operating system as the root user. The RPC interface is protected by a reverse proxy which can be bypassed. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. A malicious actor can get remote code execution in the context of root on the appliance. VMWare 6.x version are vulnerable. This Metasploit module exploits the vulnerability to upload and execute payloads gaining root privileges. Successfully tested against version 6.8.0.
9a55a0c02bec8e756eeac40f3ab58ccc0499c9bbbde741db5c148ebfa61b29eeDebian Linux Security Advisory 5458-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in bypass of sandbox restrictions, information disclosure, reduced cryptographic strength of the AES implementation, directory traversal or denial of service.
56826eebf6a5edd1903ff8a78cf717b85576a27002c8d40f49867c4087279cf9Apple Security Advisory 2023-07-24-8 - watchOS 9.6 addresses bypass, code execution, and use-after-free vulnerabilities.
03d0aae896b234bedefafcc6cdf2d4b950fad52f9d153fb12c3ce0ca2f618bd5Ubuntu Security Notice 6249-1 - Ruihan Li discovered that the memory management subsystem in the Linux kernel contained a race condition when accessing VMAs in certain conditions, leading to a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code. Querijn Voet discovered that a race condition existed in the io_uring subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
fa00f685b65a90c9484ef2ebfc948200123e1ec2275cb03b1d48584874eb8d27It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux kernel did not properly perform data buffer size validation in some situations. A physically proximate attacker could use this to craft a malicious USB device that when inserted, could cause a denial of service (system crash) or possibly expose sensitive information. Reima Ishii discovered that the nested KVM implementation for Intel x86 processors in the Linux kernel did not properly validate control registers in certain situations. An attacker in a guest VM could use this to cause a denial of service (guest crash). Various other issues were also addressed.
f71c9e71db4bb6c2c048a5f92cbb08cec9d660d843f677df4000f97384e9be37ETSI WEBstore 2023 suffers from a persistent cross site scripting vulnerability.
e7ad6b342fcf8f62482b6ecf480f23e449749c10257130b5a70a0d0805a2f43dUbuntu Security Notice 6245-1 - Adam Bell discovered that Trove incorrectly handled arguments to the backup command. A remote attacker could possibly use this issue to execute arbitrary code.
5ba9355ecb39fd072d6192044c3a9835853627dbb1396c506946df2bebfc54ccApple Security Advisory 2023-07-24-7 - tvOS 16.6 addresses bypass, code execution, and use-after-free vulnerabilities.
d29c659b0a0ca1c8d52c08bd15c84087590dc344b780dd274ca0bfea5c832f9fUbuntu Security Notice 6248-1 - It was discovered that the network queuing discipline implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in Adreno GPU DRM driver in the Linux kernel, leading to a double-free vulnerability. A local attacker could use this to cause a denial of service.
b8f3da6963dc1b1e3cc8907b151d7eea0916cee6b2d4a566e0162f800b0fab21Apple Security Advisory 2023-07-24-6 - macOS Big Sur 11.7.9 addresses code execution, out of bounds read, and use-after-free vulnerabilities.
ee0e370612feffcdd195d2217699ccfdfa302e2ed0cf29ec464c6c6c2bde8f81Ubuntu Security Notice 5807-3 - USN-5807-1 fixed a vulnerability in libXpm. This update provides the corresponding update for Ubuntu 14.04 ESM. Marco Ivaldi discovered that libXpm incorrectly handled certain XPM files. If a user or automated system were tricked into opening a specially crafted XPM file, a remote attacker could possibly use this issue to cause libXpm to stop responding, resulting in a denial of service.
1d7cd9e80fc6254c983be3fed20f539e1edb09fda01cd905ea28e645ab590a35Ubuntu Security Notice 6247-1 - David Leadbeater discovered that the netfilter IRC protocol tracking implementation in the Linux Kernel incorrectly handled certain message payloads in some situations. A remote attacker could possibly use this to cause a denial of service or bypass firewall filtering. It was discovered that the IDT 77252 ATM PCI device driver in the Linux kernel did not properly remove any pending timers during device exit, resulting in a use-after-free vulnerability. A local attacker could possibly use this to cause a denial of service or execute arbitrary code.
61a789330b36bb59452695c01cc71820e77a036e8d7f9331f88a8e22ffbd82e6Apple Security Advisory 2023-07-24-5 - macOS Monterey 12.6.8 addresses code execution, out of bounds read, and use-after-free vulnerabilities.
8f28ed064f450316ecc855c2c8e034834dfbba8071bddb178c5eb88e95963236Journal Management Software version 1.2.4 suffers from a remote SQL injection vulnerability.
8883a5e06c6009c8edda3ade1d57d027563e7dc28bcd313531103de5840639e2Ubuntu Security Notice 6244-1 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.
2ab65abd4d06d0e7df4e94c6500344bf85853a495babcddcce55dffcda3a3469Joomla VirtueMart component version 2.6.12.2 suffers from a remote SQL injection vulnerability.
39866f41e162d1c3e4864764312ed024c4ca1a92db8ca6e8789625e26ac247ffUbuntu Security Notice 6129-2 - USN-6129-1 fixed a vulnerability in Avahi. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that Avahi incorrectly handled certain DBus messages. A local attacker could possibly use this issue to cause Avahi to crash, resulting in a denial of service.
f0489fcfdb023c7fa35d0ea265e60a14b4b4693cd971da74545ee7c7bd1932aaUbuntu Security Notice 6246-1 - It was discovered that the IP-VLAN network driver for the Linux kernel did not properly initialize memory in some situations, leading to an out-of- bounds write vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. Mingi Cho discovered that the netfilter subsystem in the Linux kernel did not properly validate the status of a nft chain while performing a lookup by id, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code.
7f9ddb30c299540f775c7e9d346e63ed48d654b7514ccd96b18201204baecce7Apple Security Advisory 2023-07-24-4 - macOS Ventura 13.5 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.
c637626493b675cefdcd4fdba35ad174a41ee73e582783331eefed49239a1e71
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed