Ubuntu Security Notice 6541-2 - USN-6541-1 fixed vulnerabilities in the GNU C Library. Unfortunately, changes made to allow proper application of the fix for CVE-2023-4806 in Ubuntu 22.04 LTS introduced an issue in the NSCD service IPv6 processing functionalities. This update fixes the problem.
bc3721df8900755121a9275ec3c0ca95e9b3b1bcdc3c9d027da7cecd5b9c87dcGentoo Linux Security Advisory 202401-14 - A denial of service vulnerability has been found in RedCloth. Versions greater than or equal to 4.3.2-r5 are affected.
40658bbbc5f887d204236de5251a6d530f1cf11ca030d49eb0397ee6d2eb8b7cUbuntu Security Notice 6570-1 - Pedro Gallegos discovered that PostgreSQL incorrectly handled modifying certain SQL array values. A remote attacker could use this issue to obtain sensitive information, or possibly execute arbitrary code. Hemanth Sandrana and Mahendrakar Srinivasarao discovered that PostgreSQL allowed the pg_signal_backend role to signal certain superuser processes, contrary to expectations.
b5d52ce1e5083dcfe4736ab19e3749de9d84fad76810e5fc4ffbecdca9a01e57Gentoo Linux Security Advisory 202401-13 - Multiple denial of service vulnerabilities have been found in FAAD2. Versions greater than or equal to 2.11.0 are affected.
7ec3297c1e5a099e7d989da9b8e773010cd62a3fe558a292a5f5f708ddc31bc6Proof of concept exploit for a privilege escalation issue in Android. In checkDebuggingDisallowed of DeviceVersionFragment.java, there is a possible way to access adb before SUW completion due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
db6bf38c923aa8b48f087c92b0b649720e01af632d0cbebfd3cb67803d0a4bf9PSOProxy version 0.5 suffers from a denial of service vulnerability.
32667f0278001cfa01628d5ba575eb55ed787745c9665368fdb52bb7310a099dUbuntu Security Notice 6573-1 - Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information. Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service.
f0006c6ad90fe8a85ac8f3a7f19eb4a40ef1d77203492568e9db162a44677120Ubuntu Security Notice 6572-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Bien Pham discovered that the netfiler subsystem in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local user could use this to cause a denial of service or possibly execute arbitrary code.
6502281ff932b113046160566a0b04203cfc1147fab61e5281fcdf065831f17dBackdoor.Win32 Carbanak (Anunak) malware creates 8 named pipes used for C2 and interprocess communications and grants RW access to the Everyone user group.
025b315fe5e6131bdb0582d4066dabd2e50db6a7fe60aaa367ddf178890a85fbUbuntu Security Notice 6548-4 - It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service.
a59d7ca22719441586f7c9773620a6752e1da1c0ccf45bafa33667dfdc89fbcbRed Hat Security Advisory 2024-0107-03 - An update for nss is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
b8a69315945737a92db16befcf4bb89c2ae32e104545435aea5d59e6d90cbd39Red Hat Security Advisory 2024-0106-03 - An update for nss is now available for Red Hat Enterprise Linux 8.6 Extended Update Support.
07aac4c148882bb4f7279680410bda7b5c7c0977c598cbf6b81bb6beb0feb5eaRed Hat Security Advisory 2024-0105-03 - An update for nss is now available for Red Hat Enterprise Linux 8.
183a0c771929e2ef2a65e0f4225f551868c7d3ddc3581740afacac27fdb49600Red Hat Security Advisory 2024-0101-03 - Red Hat build of Keycloak 22.0.8 is now available from the Customer Portal. Issues addressed include an open redirection vulnerability.
1b24f1b1e15746560dca0dc50e00afaa9ee672e2337bae6e58fc42e0e1c4da53Red Hat Security Advisory 2024-0100-03 - A security update is now available for Red Hat build of Keycloak 22.0.8 images running on OpenShift Container Platform. Issues addressed include an open redirection vulnerability.
de0d175cb8baf5dc00579179ce7321a9aac0c7e5e05b8a2d5c6244cecaf9ff1bRed Hat Security Advisory 2024-0098-03 - A security update is now available for Red Hat Single Sign-On 7.6 from the Customer Portal. Issues addressed include an open redirection vulnerability.
b2a47b6e1a3199b884a0f5e0d90aa05e6bc49574f3cd1744f53fd935e20f021cRed Hat Security Advisory 2024-0097-03 - A new image is available for Red Hat Single Sign-On 7.6.6, running on OpenShift Container Platform 3.10 and 3.11, and 4.3. Issues addressed include an open redirection vulnerability.
fd7c3a26d1e57b187a8654b727404b66d51804add72cef713e3beb06f88fddfdRed Hat Security Advisory 2024-0096-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 9. Issues addressed include an open redirection vulnerability.
bcaffe0ede169215b8db3b20740a41e50e751c173b35631518487ddfec0543ccRed Hat Security Advisory 2024-0095-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 8. Issues addressed include an open redirection vulnerability.
d9a5cd474c429c3b6001c52a003e3637b23dbc76579e0958b0c8210f47592331Red Hat Security Advisory 2024-0094-03 - New Red Hat Single Sign-On 7.6.6 packages are now available for Red Hat Enterprise Linux 7. Issues addressed include an open redirection vulnerability.
9e6dbc5f623148c5ee1fefd3f4eef288e2967c3b65a79b8f0074e096662de813Red Hat Security Advisory 2024-0093-03 - An update for nss is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
a2e61cd7b0c2bd600b04582cbe794ae7a3b25286afc7549bb8e14f2a2f1d23a8Red Hat Security Advisory 2024-0059-03 - Red Hat OpenShift Container Platform release 4.11.56 is now available with updates to packages and images that fix several bugs and add enhancements.
49c06eccca0ba467ba63ac3ed4d4b074656037fe514c0064bd2fd06e67d1d149Red Hat Security Advisory 2024-0050-03 - Red Hat OpenShift Container Platform release 4.14.8 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.
219cc50123824ca704eda09509c2069ea8c48ff967e72eee81c19e50fe57c98e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed