Ubuntu Security Notice 6533-1 - Tom Dohrmann discovered that the Secure Encrypted Virtualization implementation for AMD processors in the Linux kernel contained a race condition when accessing MMIO registers. A local attacker in a SEV guest VM could possibly use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the io_uring subsystem in the Linux kernel contained a race condition, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service.
69ff67f177ea2d03a0f7cff80acce49d24c347c916ab56ec77cab928e783bc5aUbuntu Security Notice 6532-1 - Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service.
0cdb4aa760fab31533df80e24faf46d100f20dc5ee5242cc463797b7fe3e75e1Ubuntu Security Notice 6534-1 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to a out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.
acb3338a3a35d4377c4d7790146e30000263b5425042561de050aea656873cbaUbuntu Security Notice 6531-1 - Seiya Nakata and Yudai Fujiwara discovered that Redis incorrectly handled certain specially crafted Lua scripts. An attacker could possibly use this issue to cause heap corruption and execute arbitrary code. SeungHyun Lee discovered that Redis incorrectly handled specially crafted commands. An attacker could possibly use this issue to trigger an integer overflow, which might cause Redis to allocate impossible amounts of memory, resulting in a denial of service via an application crash.
86bf06ce70285fd40bd6c61d977ae5a038cc5d7e43804cf355bef675f762bdebUbuntu Security Notice 6530-1 - It was discovered that HAProxy incorrectly handled URI components containing the hash character. A remote attacker could possibly use this issue to obtain sensitive information, or to bypass certain path_end rules.
5945ba5ee970dded791eca069f3f05ae807ea09d2a5cee77946eb9e18bf4c8cdCE Phoenixcart version 1.0.8.20 suffers from a remote shell upload vulnerability.
07b363b061bd5168064a8bc9eb0e871c0ae4e8d96a0a87798b419cec452c6070Red Hat Security Advisory 2023-7663-03 - Red Hat OpenShift distributed tracing 3.0.0. Issues addressed include a denial of service vulnerability.
b560f99a00fb65f06d1ab6df34adf3cd0f1e5b6c5a32f09b26f7615b68d8c1adRed Hat Security Advisory 2023-7662-03 - An update for windows-machine-config-operator-bundle-container and windows-machine-config-operator-container is now available for Red Hat OpenShift Container Platform 4.11. Issues addressed include a privilege escalation vulnerability.
19acb4ebf134be7c4286bc8a2c4b51d0be3f892338bc35a1232128400bf11effRed Hat Security Advisory 2023-7656-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
d906b701c6f5aab605a0e77f3959a517b8084647362e8f3fd636ca857b1bf3ecRed Hat Security Advisory 2023-7653-03 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include bypass and denial of service vulnerabilities.
3cc27351ac66db0b03a30f0656703c5b62fe29af2a1b6f8feadcb64d898dda18Red Hat Security Advisory 2023-7606-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements.
474705a97f0387f4e88bd91fb5e8519ab21f17704ed21c56f2699b361e58a5c2Red Hat Security Advisory 2023-7604-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs and add enhancements.
a01638a1173466b29f2df1496c1efceee3f56d26984a6b9172caa663d2ecb4e1Red Hat Security Advisory 2023-7602-03 - Red Hat OpenShift Container Platform release 4.13.25 is now available with updates to packages and images that fix several bugs.
ec40c81127506ce07da5a22a41d45fc986cae5a3d6c4a329fe63b19b9a2c1cf9
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed