Red Hat Security Advisory 2024-0554-03 - An update for kpatch-patch is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include out of bounds write and use-after-free vulnerabilities.
e35adcfab99ec896d26edfe1926fa86f08d10a79a28d03ff9e00317210edd31aRed Hat Security Advisory 2024-0539-03 - An update for tomcat is now available for Red Hat Enterprise Linux 8. Issues addressed include a HTTP request smuggling vulnerability.
fa8e47d23f41893222add00ec7a6bbf4aed63207797d5557aa4db12b1466b6e9Red Hat Security Advisory 2024-0538-03 - An update for libssh is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and null pointer vulnerabilities.
cfc9ce4932ca892e2e01f37c4183afef96170b662bb5c764c5d2647bdbbf6213Red Hat Security Advisory 2024-0533-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.
52cb971d0799ce2130f24a5eeda58e884332039591558e2aed5290e7a3f2b2b4Red Hat Security Advisory 2024-0532-03 - An update for tomcat is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a HTTP request smuggling vulnerability.
dce485660d40f94ccbc089e2371032d2c58c266c738cd21080e6323e780ef70bUbuntu Security Notice 6614-1 - It was discovered that amanda did not properly check certain arguments. A local unprivileged attacker could possibly use this issue to perform a privilege escalation attack.
9b106327afefa541eb88d19eb52149874dc4ff55f761323d7fd9100033444babUbuntu Security Notice 6612-1 - It was discovered that TinyXML incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted XML file, a remote attacker could possibly use this issue to cause a denial of service.
babdcc80bf00e41b4e7aa5167cb90fe8dfec3f6236be8066fc247dd2afb8d0deDebian Linux Security Advisory 5610-1 - Multiple security issues were discovered in Redis, a persistent key-value database, which could result in the execution of arbitrary code or ACL bypass.
6a575e49865251ebf28406b8b02755df04cae2bd061603790e201c0c1917a8a9Ubuntu Security Notice 6605-2 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
3524f7db7b0463e6485d6224f046d239cbfe56762aedd26a06ba65129c0a6080Ubuntu Security Notice 6604-2 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.
87adb9a0dd630857bb46668b561ed587d03265f1d69126841b1f12420169e7bcUbuntu Security Notice 6613-1 - Lucas Henry discovered that Ceph incorrectly handled specially crafted POST requests. An unprivileged user could use this to bypass Ceph's authorization checks and upload a file to any bucket.
dea0ef831400997642252a550e02200a9abf58a74817bc281c5715f96a9a5da3WS_FTP Server version 5.0.5 remote denial of service exploit.
b0ae7d2a65c936ec4e7b7587622a4bd90c91fed914ec8e7ea7930992434fb955httpdx version 1.5.1 remote denial of service exploit.
f093dce9ee3f2b8a6cf3ed4f50eef65f5d1900f0d7ff32ae945e4442a76dec6eSysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.
b6f5c76af02ef16ffb7965f810a9af4815ad4f904b478eb7451dde7133f76dbf
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed