Ubuntu Security Notice 6492-1 - Kathrin Kleinhammer discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS. Zhanxiang Song discovered that Mosquitto incorrectly handled certain inputs. If a user or an automated system were provided with a specially crafted input, a remote attacker could possibly use this issue to cause an authorisation bypass. This issue only affected Ubuntu 22.04 LTS and Ubuntu 23.04.
8afa51ddd6fc11641b55e0d1a848ec61be70bbc1dbd56775c52c42cf1a85cb07Ubuntu Security Notice 6493-2 - USN-6493-1 fixed a vulnerability in hibagent. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. On Ubuntu 18.04 LTS and Ubuntu 16.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended.
b13057304526d511463df4f04cba10f337f4992cdb6b55a730c51406ec3831abUbuntu Security Notice 6493-1 - On Ubuntu 20.04 LTS and Ubuntu 22.04 LTS, the hibagent package has been updated to add IMDSv2 support, as IMDSv1 uses an insecure protocol and is no longer recommended. In addition, on all releases, hibagent has been updated to do nothing if ODH is configured.
790fee314a2b11eea708a1a104b708111a877a786380c337a1431994534d10ceUbuntu Security Notice 6491-1 - Axel Chong discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. Zeyu Zhang discovered that Node.js incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS.
8ddf8df4e907b7feb37bcc05076feb91fbe7775e008bc78c2060fe24dcb8e07eDebian Linux Security Advisory 5560-1 - Florian Picca reported a bug the charon-tkm daemon in strongSwan an IKE/IPsec suite.
5a1f2db0cf804134a1732977a4abea781e62ddaade859b0bb3eda79fe9c3e42dUbuntu Security Notice 6490-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
d35bfaa2f5bcc9080ab733d02c9fe09161108b6505edc3ee149515eb5f62da3aUbuntu Security Notice 6488-1 - Florian Picca discovered that strongSwan incorrectly handled certain DH public values. A remote attacker could use this issue to cause strongSwan to crash, resulting in a denial of service, or possibly execute arbitrary code.
7ffb104625b55bdf8d0c050ca960b947b669a817f6f1d3a5c481c108244fc04dUbuntu Security Notice 6489-1 - Brian McDermott discovered that Tang incorrectly handled permissions when creating/rotating keys. A local attacker could possibly use this issue to read the keys.
2724168d9400370e70a75b1ac8a5bba75de31f472f668121cf09fd02fe969e3cRed Hat Security Advisory 2023-7379-01 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a use-after-free vulnerability.
10af29b2ee571cfdc73109a090a81253b129ea2deaccb532ab757bfaaa1448caRed Hat Security Advisory 2023-7361-01 - An update for ncurses is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
f626c64145e50b386c449df8eca2347adbea2ffa0864abfe30d31b9a5796b8aeUbuntu Security Notice 6487-1 - Evgeny Vereshchagin discovered that Avahi contained several reachable assertions, which could lead to intentional assertion failures when specially crafted user input was given. An attacker could possibly use this issue to cause a denial of service.
9cc9f38ae6308173c22d92fc8859b403636eeb52e789ea698e5b0d9b2fea95b2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed