Red Hat Security Advisory 2022-6872-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
Ubuntu Security Notice 5669-1 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
Red Hat Security Advisory 2022-6854-01 - The gnutls packages provide the GNU Transport Layer Security library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Nettle is a cryptographic library that is designed to fit easily in almost any context: In crypto toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like LSH or GNUPG, or even in kernel space. Issues addressed include a double free vulnerability.
Red Hat Security Advisory 2022-6856-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, and spoofing vulnerabilities.
Red Hat Security Advisory 2022-6855-01 - Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks. Issues addressed include buffer overflow, denial of service, double free, and spoofing vulnerabilities.
Ubuntu Security Notice 5667-1 - Selim Enes Karaduman discovered that a race condition existed in the General notification queue implementation of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Pawan Kumar Gupta, Alyssa Milburn, Amit Peled, Shani Rehana, Nir Shildan and Ariel Sabba discovered that some Intel processors with Enhanced Indirect Branch Restricted Speculation did not properly handle RET instructions after a VM exits. A local attacker could potentially use this to expose sensitive information.
Ubuntu Security Notice 5668-1 - It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information. It was discovered that an out-of-bounds write vulnerability existed in the Video for Linux 2 implementation in the Linux kernel. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 5657-1 - It was discovered that Graphite2 mishandled specially crafted files. An attacker could possibly use this issue to cause a denial of service or other unspecified impact.
Ubuntu Security Notice 5669-2 - It was discovered that the SUNRPC RDMA protocol implementation in the Linux kernel did not properly calculate the header size of a RPC message payload. A local attacker could use this to expose sensitive information. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5666-1 - It was discovered that OpenSSH incorrectly handled certain helper programs. An attacker could possibly use this issue to arbitrary code execution.
Ubuntu Security Notice 5665-1 - It was discovered that PCRE incorrectly handled certain regular expressions. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service. It was discovered that PCRE incorrectly handled certain Unicode encoding. A remote attacker could use this issue to cause applications using PCRE to crash, resulting in a denial of service.
When analyzing the external data storage Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the device will not lock and require reformatting after 20 failed passcode attempts, as described in the product description and the corresponding user manual.
When analyzing the external data storage Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the validation of the firmware for the USB-to-SATA bridge controller INIC-3637EN only consists of a simple CRC-16 check (XMODEM CRC-16).
When analyzing the external storage device Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that the firmware of the USB-to-SATA bridge controller INIC-3637EN uses AES-256 with the ECB (Electronic Codebook) mode.
When analyzing the external storage device Verbatim Store 'n' Go Secure Portable SSD, Matthias Deeg found out that it uses an insecure design which allows for offline brute-force attacks against the passcode.
Ubuntu Security Notice 5663-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, spoof the mouse pointer position, obtain sensitive information, spoof the contents of the addressbar, bypass security restrictions, or execute arbitrary code.
Ubuntu Security Notice 5371-3 - USN-5371-1 and USN-5371-2 fixed several vulnerabilities in nginx. This update provides the corresponding update for CVE-2020-11724 for Ubuntu 16.04 ESM. It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perform an HTTP Request Smuggling attack. This issue was fixed for Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to disclose sensitive information. This issue only affects Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. It was discovered that nginx mishandled the use of compatible certificates among multiple encryption protocols. If a remote attacker were able to intercept the communication, this issue could be used to redirect traffic between subdomains.
Advisory ID: SYSS-2022-043
Product: Store 'n' Go Secure Portable SSD
Manufacturer: Verbatim
Affected Version(s): #53402 (GDMSLK02 C-INIC3637-V1.1)
Tested Version(s): #53402 (GDMSLK02 C-INIC3637-V1.1)
Vulnerability Type: Use of a Cryptographic Primitive with a Risky
Implementation (CWE-1240)
Risk Level: High
Solution Status:...
Red Hat Security Advisory 2022-6850-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6839-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Ubuntu Security Notice 5661-1 - It was discovered that LibreOffice incorrectly validated macro signatures. If a user were tricked into opening a specially crafted document, a remote attacker could possibly use this issue to execute arbitrary macros. It was discovered that Libreoffice incorrectly handled encrypting the master key provided by the user for storing passwords for web connections. A local attacker could possibly use this issue to obtain access to passwords stored in the user's configuration data.
Red Hat Security Advisory 2022-6835-01 - This release of Red Hat Integration - Service registry 2.3.0.GA serves as a replacement for 2.0.3.GA, and includes the below security fixes. Issues addressed include code execution, cross site scripting, denial of service, deserialization, and privilege escalation vulnerabilities.
Ubuntu Security Notice 5660-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Moshe Kol, Amit Klein and Yossi Gilad discovered that the IP implementation in the Linux kernel did not provide sufficient randomization when calculating port offsets. An attacker could possibly use this to expose sensitive information.
Ubuntu Security Notice 5659-1 - Stephane Chauveau discovered that kitty incorrectly handled image filenames with special characters in error messages. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 20.04 LTS. Carter Sande discovered that kitty incorrectly handled escape sequences in desktop notifications. A remote attacker could possibly use this to execute arbitrary commands. This issue only affected Ubuntu 22.04 LTS.
Red Hat Security Advisory 2022-6820-01 - Prometheus JMX Exporter is a JMX to Prometheus exporter: a collector that can be configured to scrape and expose MBeans of a JMX target. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6757-01 - This release of Red Hat build of Eclipse Vert.x 4.3.3 GA includes security updates. For more information, see the release notes listed in the References section. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6819-01 - Red Hat AMQ Streams, based on the Apache Kafka project, offers a distributed backbone that allows microservices and other applications to share data with extremely high throughput and extremely low latency. This release of Red Hat AMQ Streams 2.2.0 serves as a replacement for Red Hat AMQ Streams 2.1.0, and includes security and bug fixes, and enhancements. Issues addressed include denial of service and deserialization vulnerabilities.
Ubuntu Security Notice 5658-1 - It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service.
Red Hat Security Advisory 2022-6821-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6823-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6822-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6825-01 - Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves as a replacement for Red Hat JBoss Enterprise Application Platform 7.4.6, and includes bug fixes and enhancements. See the Red Hat JBoss Enterprise Application Platform 7.4.7 Release Notes for information about the most significant bug fixes and enhancements included in this release. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6813-01 - Red Hat Process Automation Manager is an open source business process management suite that combines process management and decision service management and enables business and IT users to create, manage, validate, and deploy process applications and decision services. This asynchronous security patch is an update to Red Hat Process Automation Manager 7. Issues addressed include XML injection, bypass, denial of service, and traversal vulnerabilities.
Red Hat Security Advisory 2022-6815-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Red Hat Security Advisory 2022-6782-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 7 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
Red Hat Security Advisory 2022-6780-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
Ubuntu Security Notice 5656-1 - Joseph Yasi discovered that JACK incorrectly handled the closing of a socket in certain conditions. An attacker could potentially use this issue to cause a crash.
Red Hat Security Advisory 2022-6779-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2022-6777-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Red Hat Security Advisory 2022-6778-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
Red Hat Security Advisory 2022-6774-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Red Hat Security Advisory 2022-6775-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Red Hat Security Advisory 2022-6787-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
Red Hat Security Advisory 2022-6776-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects.
Red Hat Security Advisory 2022-6781-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
Ubuntu Security Notice 5655-1 - It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel's Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service.
Red Hat Security Advisory 2022-6783-01 - Red Hat Single Sign-On 7.5 is a standalone server, based on the Keycloak project, that provides authentication and standards-based single sign-on capabilities for web and mobile applications. This release of Red Hat Single Sign-On 7.5.3 on RHEL 8 serves as a replacement for Red Hat Single Sign-On 7.5.2, and includes bug fixes and enhancements, which are documented in the Release Notes document linked to in the References. Issues addressed include HTTP request smuggling, code execution, cross site scripting, and denial of service vulnerabilities.
Ubuntu Security Notice 5614-2 - USN-5614-1 fixed a vulnerability in Wayland. This update provides the corresponding update for Ubuntu 16.04 ESM. It was discovered that Wayland incorrectly handled reference counting certain objects. An attacker could use this issue to cause Wayland to crash, resulting in a denial of service, or possibly execute arbitrary code.
Red Hat Security Advisory 2022-6763-01 - The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly. Issues addressed include a memory leak vulnerability.
Ubuntu Security Notice 5651-2 - USN-5651-1 fixed a vulnerability in strongSwan. This update provides the corresponding update for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM. Lahav Schlesinger discovered that strongSwan incorrectly handled certain OCSP URIs and and CRL distribution points in certificates. A remote attacker could possibly use this issue to initiate IKE_SAs and send crafted certificates that contain URIs pointing to servers under their control, which can lead to a denial-of-service attack.