what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 10,018 RSS Feed

Operating System: Ubuntu

Ubuntu Security Notice USN-7126-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7126-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that libsoup could enter an infinite loop when reading certain websocket data. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-52530, CVE-2024-52531, CVE-2024-52532
SHA-256 | cdd94a4f3569687a23d5f90580cbb143f94576b6385e0c33dfac46abdac253a6
Ubuntu Security Notice USN-7127-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7127-1 - It was discovered that libsoup ignored certain characters at the end of header names. A remote attacker could possibly use this issue to perform a HTTP request smuggling attack. This issue only affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that libsoup did not correctly handle memory while performing UTF-8 conversions. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.

tags | advisory, remote, web, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-52530, CVE-2024-52531, CVE-2024-52532
SHA-256 | 8eab9b3c18eec9367e7c8330678731ff248eafd1a6652553de40ab2d374e7f6e
Ubuntu Security Notice USN-7130-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7130-1 - It was discovered that GitHub CLI incorrectly handled username validation. An attacker could possibly use this issue to perform remote code execution if the user connected to a malicious server.

tags | advisory, remote, code execution
systems | linux, ubuntu
advisories | CVE-2024-52308
SHA-256 | fe3eb861c4e7a23b6b2ce99368f3327913bcab99b1f679efb490abc72c37bc89
Ubuntu Security Notice USN-7125-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7125-1 - It was discovered that RapidJSON incorrectly parsed numbers written in scientific notation, leading to an integer underflow. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2024-38517
SHA-256 | 5959e05a4f919e8c421949a58be5b383c74c195a0627c0a6b62be2aa7a5df935
Ubuntu Security Notice USN-6988-2
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6988-2 - USN-6988-1 fixedCVE-2024-41671 in Twisted. The USN incorrectly stated that previous releases were unaffected. This update provides the equivalent fix for Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 18.04 LTS. Ben Kallus discovered that Twisted incorrectly handled response order when processing multiple HTTP requests. A remote attacker could possibly use this issue to delay and manipulate responses. This issue only affected Ubuntu 24.04 LTS.

tags | advisory, remote, web
systems | linux, ubuntu
advisories | CVE-2024-41671
SHA-256 | 9f6c4ac3ae0181ed5637fe932441a9acc8aa722c23b40f44fc27316ef8f338d3
Ubuntu Security Notice USN-7129-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7129-1 - It was discovered that TinyGLTF performed file path expansion in an insecure way on certain inputs. An attacker could possibly use this issue to cause a denial of service, or execute arbitrary code.

tags | advisory, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2022-3008
SHA-256 | 43b97184d979319f1754c2eac1453cd4112977dacc04a1b4e5f6bf6b99ea7ad7
Ubuntu Security Notice USN-7128-1
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7128-1 - Sebastian Chnelik discovered that Pygments had an inefficient regex query for analyzing certain inputs. An attacker could possibly use this issue to cause a denial of service.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2022-40896
SHA-256 | 668d2cc6b2579ea7a3344658960fa1c48b5e4d4b3366c1ad0d944d336ae5e142
Ubuntu Security Notice USN-7117-2
Posted Nov 27, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7117-2 - USN-7117-1 fixed vulnerabilities in needrestart. The update introduced a regression in needrestart. This update fixes the problem. Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root.

tags | advisory, arbitrary, local, root, vulnerability
systems | linux, ubuntu
advisories | CVE-2024-10224, CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
SHA-256 | 6045c90f6a06c6c706541b8ae686bc492ee7f2e736d368452534e35f1f2ef3cc
Ubuntu Security Notice USN-7121-3
Posted Nov 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | e3878773279c2cc7787becc280d79d35ca2a4f4d79b0fc182cbb738a521ca071
Ubuntu Security Notice USN-7124-1
Posted Nov 25, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7124-1 - Andy Boothe discovered that the Networking component of OpenJDK 23 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. It was discovered that the Hotspot component of OpenJDK 23 did not properly handle vectorization under certain circumstances. An unauthenticated attacker could possibly use this issue to access unauthorized resources and expose sensitive information.

tags | advisory, denial of service
systems | linux, ubuntu
advisories | CVE-2024-21208, CVE-2024-21217
SHA-256 | 3ec83b0c7a8eab03ded10e155b0d8e3b90fe54baa82de5a2043570a2333536d9
Ubuntu Security Notice USN-7015-6
Posted Nov 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7015-6 - USN-7015-5 fixed vulnerabilities in python2.7. The update introduced several minor regressions. This update fixes the problem. It was discovered that the Python email module incorrectly parsed email addresses that contain special characters. A remote attacker could possibly use this issue to bypass certain protection mechanisms. It was discovered that Python allowed excessive backtracking while parsing certain tarfile headers. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python email module incorrectly quoted newlines for email headers. A remote attacker could possibly use this issue to perform header injection. It was discovered that the Python http.cookies module incorrectly handled parsing cookies that contained backslashes for quoted characters. A remote attacker could possibly use this issue to cause Python to consume resources, leading to a denial of service. It was discovered that the Python zipfile module incorrectly handled certain malformed zip files. A remote attacker could possibly use this issue to cause Python to stop responding, resulting in a denial of service.

tags | advisory, remote, web, denial of service, vulnerability, python
systems | linux, ubuntu
advisories | CVE-2023-27043, CVE-2024-6232, CVE-2024-6923, CVE-2024-7592, CVE-2024-8088
SHA-256 | 667ae966414c566b7ba032fe92060c7e3cfb42504b259cece2ff73a5eb36f7f3
Ubuntu Security Notice USN-7120-3
Posted Nov 22, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7120-3 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-43882
SHA-256 | 57646a3034886c2e86bcd31eac59da5e06ae61f49b9a18b53b079814bb1416c0
Ubuntu Security Notice USN-7118-1
Posted Nov 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7118-1 - It was discovered that ZBar did not properly handle certain QR codes. If a user or automated system using ZBar were tricked into opening a specially crafted file, an attacker could possibly use this to obtain sensitive information. It was discovered that ZBar did not properly handle certain QR codes. If a user or automated system using ZBar were tricked into opening a specially crafted file, an attacker could possibly use this to obtain sensitive information. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.

tags | advisory
systems | linux, ubuntu
advisories | CVE-2023-40889, CVE-2023-40890
SHA-256 | 6b3e0f61600804cde99271c312d5689a7f2bfad198eedac8ee087274f4a891e6
Ubuntu Security Notice USN-7091-2
Posted Nov 21, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7091-2 - USN-7091-1 fixed several vulnerabilities in Ruby. This update provides the corresponding update for ruby2.7 in Ubuntu 20.04 LTS. It was discovered that Ruby incorrectly handled parsing of an XML document that has specific XML characters in an attribute value using REXML gem. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. This issue only affected in Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. It was discovered that Ruby incorrectly handled parsing of an XML document that has many entity expansions with SAX2 or pull parser API. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service. It was discovered that Ruby incorrectly handled parsing of an XML document that has many digits in a hex numeric character reference. An attacker could use this issue to cause Ruby to crash, resulting in a denial of service.

tags | advisory, denial of service, vulnerability, ruby
systems | linux, ubuntu
advisories | CVE-2024-35176, CVE-2024-41946, CVE-2024-49761
SHA-256 | 4789a5070a1d4d4a5cd75f511ab39806b1ab9a5257ef7f8b3fea027fc4cc6153
Ubuntu Security Notice USN-7123-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7123-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code.

tags | advisory, denial of service, arbitrary, x86, kernel
systems | linux, ubuntu
advisories | CVE-2022-48666, CVE-2023-52757, CVE-2023-52889, CVE-2023-6610, CVE-2024-25744, CVE-2024-26661, CVE-2024-26669, CVE-2024-26800, CVE-2024-38577, CVE-2024-38602, CVE-2024-38611, CVE-2024-40915, CVE-2024-41011, CVE-2024-41012
SHA-256 | 0f33e2b0d9d4e9003aac62a268df3eec34205925efe7c3aefc683aecc1fe44d6
Ubuntu Security Notice USN-7121-2
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | 223942b47ef30b7d3a955f60c12af00a5f9088ad5192855d21ec724efb01c839
Ubuntu Security Notice USN-7120-2
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7120-2 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-43882
SHA-256 | dfa1c53cc3f85bc7b8b63755719a2989cfd8c4613948f4a075fd07cc392d781a
Ubuntu Security Notice USN-7122-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7122-1 - A security issue was discovered in the Linux kernel. An attacker could possibly use this to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48943
SHA-256 | 13b9fd24f479be999c536c9cca08ce96dba07ef0680d6e04bda8d87f5220442f
Ubuntu Security Notice USN-7121-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7121-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2022-48733, CVE-2022-48938, CVE-2022-48943, CVE-2023-52502, CVE-2023-52531, CVE-2023-52599, CVE-2023-52614, CVE-2023-52639, CVE-2024-26668, CVE-2024-26675, CVE-2024-36020, CVE-2024-36953, CVE-2024-38538, CVE-2024-38560
SHA-256 | a5d279642a2825e810ea4cd3f8cf90409d9d98c7800a435ae7b18ad49a98dac3
Ubuntu Security Notice USN-7120-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7120-1 - Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, kernel
systems | linux, ubuntu
advisories | CVE-2024-43882
SHA-256 | 9a219c86f338ba1aa47688bce8d8ccd34d42158fb4334560d154470d24bf725b
Ubuntu Security Notice USN-7119-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7119-1 - Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local attacker could use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, overflow, kernel, local
systems | linux, ubuntu
advisories | CVE-2021-47188, CVE-2022-36402, CVE-2022-48863, CVE-2023-52531, CVE-2023-52614, CVE-2023-52918, CVE-2024-26607, CVE-2024-26640, CVE-2024-26641, CVE-2024-26668, CVE-2024-26669, CVE-2024-26677, CVE-2024-26885, CVE-2024-26960
SHA-256 | 0ac8232eca124498c64e1f39ff4a55d32797211ade5b92cbb09450e9c8fd78da
Ubuntu Security Notice USN-7089-7
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7089-7 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

tags | advisory, denial of service, kernel, local
systems | linux, ubuntu
advisories | CVE-2023-52887, CVE-2023-52888, CVE-2024-25741, CVE-2024-39487, CVE-2024-41007, CVE-2024-41012, CVE-2024-41015, CVE-2024-41020, CVE-2024-41022, CVE-2024-41023, CVE-2024-41025, CVE-2024-41030, CVE-2024-41032, CVE-2024-41034
SHA-256 | 3bb4b0009eaad71618f34ff6c752f1f9e4ea79487c66b03cb45903424dfb4988
Ubuntu Security Notice USN-7117-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.

tags | advisory, arbitrary, shell, local, root, perl
systems | linux, ubuntu
advisories | CVE-2024-10224, CVE-2024-11003, CVE-2024-48990, CVE-2024-48991, CVE-2024-48992
SHA-256 | 243f9908492121d33be291aab7ae169001482e1d128c0417a2f83b5ed1d56c6e
Ubuntu Security Notice USN-7115-1
Posted Nov 20, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7115-1 - It was discovered that Waitress could process follow up requests when receiving a specially crafted message. An attacker could use this issue to have the server process inconsistent client requests. Dylan Jay discovered that Waitress could be lead to write to an unexisting socket after closing the remote connection. An attacker could use this issue to increase resource utilization leading to a denial of service.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2024-49768, CVE-2024-49769
SHA-256 | 6ad6f923ea9cc45b7e046d6e571ff79657024a06937696cab8baf2ba282bbeb0
Ubuntu Security Notice USN-7116-1
Posted Nov 19, 2024
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 7116-1 - It was discovered that Python incorrectly handled quoting path names when using the venv module. A local attacker able to control virtual environments could possibly use this issue to execute arbitrary code when the virtual environment is activated.

tags | advisory, arbitrary, local, python
systems | linux, ubuntu
advisories | CVE-2024-9287
SHA-256 | 446a88199d9186d03c7cdc7b5e4b83cd8d96c3cfc050d5bbded309e03b02cb0c
Page 1 of 401
Back12345Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close