Ubuntu Security Notice 6606-1 - It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
7b9d61bb626e469fa6a211001e9c00d7fdd18aa20f3fbf87c320c90b5853f103
Ubuntu Security Notice 6605-1 - Lin Ma discovered that the netfilter subsystem in the Linux kernel did not properly validate network family support while creating a new netfilter table. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information.
cdb12864a59aff826d39ce99319286459b3c2cc26a55968cce8994e8c4d8d20d
Ubuntu Security Notice 6604-1 - It was discovered that the ASUS HID driver in the Linux kernel did not properly handle device removal, leading to a use-after-free vulnerability. A local attacker with physical access could plug in a specially crafted USB device to cause a denial of service. Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information.
d17c6353365258970841d80fc94ccc64beed6a1122b15a1bc1be29121160ed39
Ubuntu Security Notice 6603-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate the server frame size in certain situation, leading to an out-of-bounds read vulnerability. An attacker could use this to construct a malicious CIFS image that, when operated on, could cause a denial of service or possibly expose sensitive information. Budimir Markovic, Lucas De Marchi, and Pengfei Xu discovered that the perf subsystem in the Linux kernel did not properly validate all event sizes when attaching new events, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
9fe186eef0aa6e0a6c7c161754052e49f62293ba385d9ccd44897abc7326341d
Ubuntu Security Notice 6602-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that a race condition existed in the Linux kernel when performing operations with kernel objects, leading to an out-of-bounds write. A local attacker could use this to cause a denial of service or execute arbitrary code.
e4ea46e063ed7320c58795d9803e3ac6d7fa5f331537b1801175adb5167bb09e
Ubuntu Security Notice 6601-1 - It was discovered that the IGMP protocol implementation in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
cca79625b03d2bb1e94883b9d350917c326da4fe2ad588949119d92376aebd76
Ubuntu Security Notice 6600-1 - Several security issues were discovered in MariaDB and this update includes new upstream MariaDB versions to fix these issues. MariaDB has been updated to 10.3.39 in Ubuntu 20.04 LTS, 10.6.16 in Ubuntu 22.04 LTS and 10.11.6 in Ubuntu 23.10. CVE-2022-47015 only affected the MariaDB packages in Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
16c1095a14d9614f39b8bb44a170521da170553a595595a6e28eea3b61004115
Ubuntu Security Notice 6599-1 - Yeting Li discovered that Jinja incorrectly handled certain regex. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that Jinja incorrectly handled certain HTML passed with xmlatter filter. An attacker could inject arbitrary HTML attributes keys and values potentially leading to XSS.
c4598e532c545a8d7a06e60082eca74ab86406a361138570c7495e31b23944fd
Red Hat Security Advisory 2024-0530-03 - An update is now available for the Red Hat build of Cryostat 2 on RHEL 8. Issues addressed include a denial of service vulnerability.
1f3ad6f77ab6b4d3afdfac0816f95a171bf65805aea9b756b7b663ee63c7d6a9
Red Hat Security Advisory 2024-0500-03 - An update for openssl is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
79ea5b662faf0d46f123482b6437eccc01739ac46cb2ae34fb71fc9700d2edbd
Red Hat Security Advisory 2024-0499-03 - An update for libssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
ca24d6289d8a982597d3f2514213879395c4b7716d3efba7cb69afbfd9cf5fe7
Red Hat Security Advisory 2024-0477-03 - An update for frr is now available for Red Hat Enterprise Linux 9. Issues addressed include an out of bounds read vulnerability.
0e4ea7e827876fcad8abf18b469606f0d0aec49ae054b80d32cc2cbd01c90e39
Red Hat Security Advisory 2024-0474-03 - An update for tomcat is now available for Red Hat Enterprise Linux 9. Issues addressed include denial of service, information leakage, and open redirection vulnerabilities.
f93b882eddaffee5dafac1a17a664737c3bcb594ecb4028eac82158dcc78fc3c
Red Hat Security Advisory 2024-0468-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9. Issues addressed include a bypass vulnerability.
d7688836975def7a7a904a8dff1818935b2df13cd5fb4f7e3796a60864ca37d5
Red Hat Security Advisory 2024-0466-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.
fee6b8c5ed25918c773263bc37475a128af332da63631f21a83e18e24010445e
Red Hat Security Advisory 2024-0465-03 - An update for sqlite is now available for Red Hat Enterprise Linux 9. Issues addressed include a buffer overflow vulnerability.
477f0343258b4863f2f758641a5d24a7a90a9675b0cca6ff1fe70c4c5af72728
Red Hat Security Advisory 2024-0464-03 - An update for python-urllib3 is now available for Red Hat Enterprise Linux 9.
5e2d7a5624f97d20a6d70a2a3e5fdb17bfba7509f3c18063065f005ae58cf9e0
Red Hat Security Advisory 2024-0463-03 - An update for rpm is now available for Red Hat Enterprise Linux 9.
1d949cd8db92cfa34b0c5f6638b7c5666c2a4b0b7646f98bb29899edf4c9aa9c
Red Hat Security Advisory 2024-0461-03 - An update for kernel is now available for Red Hat Enterprise Linux 9. Issues addressed include integer overflow, null pointer, and use-after-free vulnerabilities.
8a97eb13211dba27bd067364861d9d9f57b874b609d9ff24cb47628dbd668b96
Red Hat Security Advisory 2024-0456-03 - An update for grub2 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a bypass vulnerability.
8df03a50153d348b7a9523920f9931588088a0776e29e514ee69cf925bb4f6d7
Red Hat Security Advisory 2024-0455-03 - An update for openssh is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a code execution vulnerability.
c5e3227243298a1e3bb59ac48643d3fe6e16b93315e9aa5aff8cb788c2e02d3e
Red Hat Security Advisory 2024-0454-03 - An update for python3.9 is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
fb4796b5011bcacfd3f53861ff3c07310778163054f0afa8e8bae1516f92a1b7
Red Hat Security Advisory 2024-0453-03 - An update for rpm is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
cac9bd6523e37734d6a91d5c65bc53416562e9860776e32f3776aa9604726dfa
Red Hat Security Advisory 2024-0452-03 - An update for curl is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an information leakage vulnerability.
59e2662368262e84ce86198718c9a8669a00a1a3d43ce9d6de4d7098796c8675
Red Hat Security Advisory 2024-0451-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.
52e676e3e8a01ef2d811b076ad76a086174001e289f6b5100084fd05a1b2e146