Proof of concept exploit for an authentication bypass vulnerability in polkit.
458437eef69ad8bf3f51e3b80d608d2052ad08a989fbda8025248aff1d4b2a27Red Hat Security Advisory 2022-7119-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon and many client programs and libraries.
9929457a1f0fdfde3dde76a14383570ae0304a017f7e463a5abadc1debdeb8f3Red Hat Security Advisory 2022-6518-01 - MySQL is a multi-user, multi-threaded SQL database server. It consists of the MySQL server daemon, mysqld, and many client programs.
d9eec42fe708f9d233c951743f92cb2a8dd602a11814b0fcdcf598156c4f5bd1Red Hat Security Advisory 2022-4818-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include an integer overflow vulnerability.
0ab816c0409818c434abf2a05a67d1962bc7a39d504eccbe13d907a00d8000f6Red Hat Security Advisory 2022-1556-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include an integer overflow vulnerability.
f1c69783af1c2a576f6d2fe8a921eca44f3f5f67e8fada605cebecdcdc089e7cRed Hat Security Advisory 2022-1557-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include an integer overflow vulnerability.
3158fc1129575174341c7fa063aa1194c07ab45a783012f0896772de28542d04Red Hat Security Advisory 2022-1007-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. Issues addressed include an integer overflow vulnerability.
ce07462a1501c987a2440081205eb708f1ce719bb26e12f1801968793ad136a6Red Hat Security Advisory 2022-1010-01 - MariaDB is a multi-user, multi-threaded SQL database server. For all practical purposes, MariaDB is binary-compatible with MySQL. Issues addressed include an integer overflow vulnerability.
e2f0b3d0237280bfe9ca2b4a1b6982996781f17805ce5490fa8e00a1f172e116Red Hat Security Advisory 2022-0968-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP5. Issues addressed include deserialization and integer overflow vulnerabilities.
a30212491ea4821b7fde0bcaf4a2db6f6f9a910c995fa137ace8429ca59bce8cRed Hat Security Advisory 2022-0969-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR5-FP5. Issues addressed include deserialization and integer overflow vulnerabilities.
884c9441bde958f07d32536259e6bf0dbacffd55c6cd665bf1c4686c67cbedaaRed Hat Security Advisory 2022-0970-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR7-FP5. Issues addressed include deserialization and integer overflow vulnerabilities.
14ad386d2ad8d88c80409f5d366b55521907fbd246e1e98fd96686120632fa70Debian Linux Security Advisory 5000-2 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure.
bb28053ed741b4232cf1c304d7a1816d64dc77abf02ef0f7f4318db6ef2a9c3eUbuntu Security Notice 5202-1 - Varnavas Papaioannou discovered that the FTP client implementation in OpenJDK accepted alternate server IP addresses when connecting with FTP passive mode. An attacker controlling an FTP server that an application connects to could possibly use this to expose sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. Markus Loewe discovered that OpenJDK did not properly handle JAR files containing multiple manifest files. An attacker could possibly use this to bypass JAR signature verification. This issue only affected Ubuntu 16.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 21.04. Various other issues were also addressed.
8d16582a2ede922c1e80ae93b16d8afa5e31ee481062df75eef99fc73ebfea3aWhitepaper that gives an overview of the Polkit vulnerability as discussed in CVE-2021-3560. Written in Spanish.
a41b8393ce5c22e793b28b10b8d6c72d64b22b0b06202998991ab9e195b4ef1cThis document covers a vulnerability in policy kit (polkit) used on many Linux distributions, which enables an unprivileged local user to get a privileged shell (root) on the system by manually sending dbus messages to the dbus-daemon, then killing the request before it has been fully processed.
ff7bcacb2c7403598821beac18efca74a1f7003754707a0f87aff49223d1293aUbuntu Security Notice 5170-1 - A security issue was discovered in MariaDB and this update includes new upstream MariaDB versions to fix the issue. MariaDB has been updated to 10.3.32 in Ubuntu 20.04 LTS and to 10.5.13 in Ubuntu 21.04 and Ubuntu 21.10. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
c65b4e4d27b4a8e5ea69f164428319672c272f4ac6e6ebbfb14fb929181e7895This whitepaper provides an overview of a Polkit authentication bypass vulnerability that allows for local privilege escalation.
93e86eaad4a245a57200302487bb9941411bfdb877a212d1a63b777283e5ebdbDebian Linux Security Advisory 5000-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure.
0a3dec4f4b03ce1d6e5aa4dfe97b700b072f5d722ad5b2fa1bd46c2ab2cdaa80Debian Linux Security Advisory 5012-1 - Several vulnerabilities have been discovered in the OpenJDK Java runtime, which may result in denial of service, incorrect Kerberos ticket use, selection of weak ciphers or information disclosure.
e83a47f083050475ac55df11961a83bfb42f62d09d3a5539b65b5db3449929a9Red Hat Security Advisory 2021-4531-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for Windows serves as the initial Windows release of OpenJDK 17. For further information, refer to the release notes linked to in the References section.
082e65c3466680b61175b95ae62fefca45ebd9871a01dee85f8faf2d71bbe8dbRed Hat Security Advisory 2021-4532-01 - The OpenJDK 17 packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. This release of the Red Hat build of OpenJDK 17 for portable Linux serves as the initial portable Linux release of OpenJDK 17. For further information, refer to the release notes linked to in the References section.
75037d8d382efe0c1ddc771fc434d6b6db41fdce63eb4f8363ef0b0eaec0fd31Red Hat Security Advisory 2021-4135-01 - The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
1daf99b268e98fa429d906879b94d9f5cc597d47c6a4ceff9e835f38ecc6d388Ubuntu Security Notice 5123-2 - USN-5123-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM. Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. Various other issues were also addressed.
2a953b82c3ee0eb9c18ee313147132497fc7e9b061b741f64020ad8dd3689d8cUbuntu Security Notice 5123-1 - Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 8.0.27 in Ubuntu 20.04 LTS, Ubuntu 21.04, and Ubuntu 21.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.36. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes. Various other issues were also addressed.
03ef87ee76a564e35d3eada5370139352a5018d39be7a294f3ac57f7b963ce35Red Hat Security Advisory 2021-3967-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for portable Linux serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
f5d8ffd6c68394f199da92fbff992e11b60f132459ad6709a03c0bbfc6514b5b
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed