Vulnerabilities

Red Hat Security Advisory 2023-1790-01

Red Hat Security Advisory 2023-1790-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
  • April 17th 2023 at 14:45

Red Hat Security Advisory 2023-1792-01

Red Hat Security Advisory 2023-1792-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
  • April 17th 2023 at 14:45

Red Hat Security Advisory 2023-1791-01

Red Hat Security Advisory 2023-1791-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.10.0 ESR. Issues addressed include double free and file download vulnerabilities.
  • April 17th 2023 at 14:36

Ubuntu Security Notice USN-6021-1

Ubuntu Security Notice 6021-1 - It was discovered that Chromium did not properly manage memory in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium could be made to access memory out of bounds in WebHID. A remote attacker could possibly use this issue to corrupt memory via a malicious HID device, resulting in a denial of service, or possibly execute arbitrary code.
  • April 14th 2023 at 15:47

Ubuntu Security Notice USN-6020-1

Ubuntu Security Notice 6020-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that the KVM VMX implementation in the Linux kernel did not properly handle indirect branch prediction isolation between L1 and L2 VMs. An attacker in a guest VM could use this to expose sensitive information from the host OS or other guest VMs.
  • April 14th 2023 at 15:47

Ubuntu Security Notice USN-6019-1

Ubuntu Security Notice 6019-1 - It was discovered that Flask-CORS did not properly escape paths before evaluating resource rules. An attacker could possibly use this to expose sensitive information.
  • April 14th 2023 at 15:46

Ubuntu Security Notice USN-6018-1

Ubuntu Security Notice 6018-1 - Chen Lu, Lei Wang, and YiQi Sun discovered a privilege escalation vulnerability in apport-cli when viewing crash reports and unprivileged users are allowed to run sudo less. A local attacker on a specially configured system could use this to escalate their privilege.
  • April 14th 2023 at 15:46

Debian Security Advisory 5388-1

Debian Linux Security Advisory 5388-1 - It was reported that HAProxy, a fast and reliable load balancing reverse proxy, does not properly initialize connection buffers when encoding the FCGI_BEGIN_REQUEST record. A remote attacker can take advantage of this flaw to cause an information leak.
  • April 14th 2023 at 15:45

Debian Security Advisory 5387-1

Debian Linux Security Advisory 5387-1 - David Marchand discovered that Open vSwitch, a software-based Ethernet virtual switch, is susceptible to denial of service via malformed IP packets.
  • April 14th 2023 at 15:45

Ubuntu Security Notice USN-6016-1

Ubuntu Security Notice 6016-1 - It was discovered that thenify incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to execute arbitrary code.
  • April 14th 2023 at 15:39

Ubuntu Security Notice USN-6017-1

Ubuntu Security Notice 6017-1 - Hadrien Perrineau discovered that Ghostscript incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service, or possibly execute arbitrary code.
  • April 14th 2023 at 15:39

[webapps] Sielco PolyEco Digital FM Transmitter 2.0.6 - Authorization Bypass Factory Reset
  • April 14th 2023 at 00:00

[webapps] Sielco Analog FM Transmitter 2.12 - Cross-Site Request Forgery
  • April 14th 2023 at 00:00

[webapps] Sielco PolyEco Digital FM Transmitter 2.0.6 - Authentication Bypass Exploit
  • April 14th 2023 at 00:00

[webapps] Sielco PolyEco Digital FM Transmitter 2.0.6 - Account Takeover / Lockout / EoP
  • April 14th 2023 at 00:00

[local] Google Chrome Browser 111.0.5563.64 - AXPlatformNodeCocoa Fatal OOM/Crash (macOS)
  • April 14th 2023 at 00:00

[webapps] Sielco Analog FM Transmitter 2.12 - Improper Access Control Change Admin Password
  • April 14th 2023 at 00:00

[webapps] InnovaStudio WYSIWYG Editor 5.4 - Unrestricted File Upload / Directory Traversal
  • April 14th 2023 at 00:00

[remote] Sielco Analog FM Transmitter 2.12 - Remote Privilege Escalation
  • April 14th 2023 at 00:00

[webapps] Sielco Analog FM Transmitter 2.12 - 'id' Cookie Brute Force Session Hijacking
  • April 14th 2023 at 00:00

[webapps] Bludit 4.0.0-rc-2 - Account takeover
  • April 14th 2023 at 00:00

[webapps] Sielco PolyEco Digital FM Transmitter 2.0.6 - Unauthenticated Information Disclosure
  • April 14th 2023 at 00:00

[webapps] Sielco PolyEco Digital FM Transmitter 2.0.6 - Radio Data System POST Manipulation
  • April 14th 2023 at 00:00

Red Hat Security Advisory 2023-1769-01

Red Hat Security Advisory 2023-1769-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
  • April 13th 2023 at 15:44

Red Hat Security Advisory 2023-1765-01

Red Hat Security Advisory 2023-1765-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
  • April 13th 2023 at 15:44

Ubuntu Security Notice USN-6012-1

Ubuntu Security Notice 6012-1 - It was discovered that Smarty incorrectly parsed blocks' names and included files' names. A remote attacker with template writing permissions could use this issue to execute arbitrary PHP code.
  • April 13th 2023 at 15:44

Red Hat Security Advisory 2023-1770-01

Red Hat Security Advisory 2023-1770-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
  • April 13th 2023 at 15:44

Red Hat Security Advisory 2023-1766-01

Red Hat Security Advisory 2023-1766-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
  • April 13th 2023 at 15:44

Ubuntu Security Notice USN-6008-1

Ubuntu Security Notice 6008-1 - It was discovered that Exo did not properly sanitize desktop files. A remote attacker could possibly use this issue to cause a crash or arbitrary code execution.
  • April 13th 2023 at 15:43

Ubuntu Security Notice USN-6014-1

Ubuntu Security Notice 6014-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.
  • April 13th 2023 at 15:43

Red Hat Security Advisory 2023-1747-01

Red Hat Security Advisory 2023-1747-01 - The Public Key Infrastructure Core contains fundamental packages required by Red Hat Certificate System.
  • April 13th 2023 at 15:43

Ubuntu Security Notice USN-6015-1

Ubuntu Security Notice 6015-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, perform cross-site tracing, or execute arbitrary code. Paul Menzel discovered that Thunderbird did not properly validate the OCSP revocation status of recipient certificates when sending S/MIME encrypted email. An attacker could potentially exploit this issue to perform a spoofing attack.
  • April 13th 2023 at 15:43

Debian Security Advisory 5386-1

Debian Linux Security Advisory 5386-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
  • April 13th 2023 at 15:42

Debian Security Advisory 5385-1

Debian Linux Security Advisory 5385-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or spoofing.
  • April 13th 2023 at 15:42

Ubuntu Security Notice USN-6013-1

Ubuntu Security Notice 6013-1 - Xuewei Feng, Chuanpu Fu, Qi Li, Kun Sun, and Ke Xu discovered that the TCP implementation in the Linux kernel did not properly handle IPID assignment. A remote attacker could use this to cause a denial of service or inject forged data. Ke Sun, Alyssa Milburn, Henrique Kawakami, Emma Benoit, Igor Chervatyuk, Lisa Aichele, and Thais Moreira Hamasaki discovered that the Spectre Variant 2 mitigations for AMD processors on Linux were insufficient in some situations. A local attacker could possibly use this to expose sensitive information.
  • April 12th 2023 at 17:36

Red Hat Security Advisory 2023-1656-01

Red Hat Security Advisory 2023-1656-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.10.56.
  • April 12th 2023 at 17:33

Ubuntu Security Notice USN-6011-1

Ubuntu Security Notice 6011-1 - It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed quotes. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service. It was discovered that Json-smart incorrectly handled memory when processing input containing unclosed brackets. A remote attacker could possibly use this issue to cause applications using Json-smart to crash, leading to a denial of service.
  • April 12th 2023 at 17:31

Red Hat Security Advisory 2023-1655-01

Red Hat Security Advisory 2023-1655-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.10.56. Issues addressed include bypass, cross-site scripting, information leakage, insecure permissions, and privilege escalation vulnerabilities.
  • April 12th 2023 at 17:29

Ubuntu Security Notice USN-6010-1

Ubuntu Security Notice 6010-1 - Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. Irvan Kurniawan discovered that Firefox did not properly manage fullscreen notifications using a combination of window.open, fullscreen requests, window.name assignments, and setInterval calls. An attacker could potentially exploit this issue to perform spoofing attacks.
  • April 12th 2023 at 17:26

Red Hat Security Advisory 2023-1744-01

Red Hat Security Advisory 2023-1744-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow, bypass, and denial of service vulnerabilities.
  • April 12th 2023 at 17:21

Red Hat Security Advisory 2023-1743-01

Red Hat Security Advisory 2023-1743-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include buffer overflow, bypass, and denial of service vulnerabilities.
  • April 12th 2023 at 17:21

Red Hat Security Advisory 2023-1663-01

Red Hat Security Advisory 2023-1663-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.2 serves as a replacement for Red Hat JBoss Web Server 5.7.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.
  • April 12th 2023 at 17:19

Ubuntu Security Notice USN-6009-1

Ubuntu Security Notice 6009-1 - It was discovered that the System V IPC implementation in the Linux kernel did not properly handle large shared memory counts. A local attacker could use this to cause a denial of service. It was discovered that a use-after-free vulnerability existed in the SGI GRU driver in the Linux kernel. A local attacker could possibly use this to cause a denial of service or possibly execute arbitrary code.
  • April 12th 2023 at 17:16

Red Hat Security Advisory 2023-1664-01

Red Hat Security Advisory 2023-1664-01 - Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache Tomcat Servlet container, JBoss HTTP Connector, the PicketLink Vault extension for Apache Tomcat, and the Tomcat Native library. This release of Red Hat JBoss Web Server 5.7.2 serves as a replacement for Red Hat JBoss Web Server 5.7.1. This release includes bug fixes, enhancements and component upgrades, which are documented in the Release Notes, linked to in the References.
  • April 12th 2023 at 17:15

Red Hat Security Advisory 2023-1742-01

Red Hat Security Advisory 2023-1742-01 - Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Issues addressed include HTTP request smuggling, buffer overflow, bypass, and denial of service vulnerabilities.
  • April 12th 2023 at 16:57

Red Hat Security Advisory 2023-1703-01

Red Hat Security Advisory 2023-1703-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system.
  • April 12th 2023 at 16:56

Red Hat Security Advisory 2023-1691-01

Red Hat Security Advisory 2023-1691-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements.
  • April 12th 2023 at 16:54

Ubuntu Security Notice USN-6005-1

Ubuntu Security Notice 6005-1 - Matthieu Barjole and Victor Cutillas discovered that Sudo incorrectly escaped control characters in log messages and sudoreplay output. An attacker could possibly use these issues to inject terminal control characters that alter output when being viewed.
  • April 12th 2023 at 16:54

Apple Security Advisory 2023-04-10-3

Apple Security Advisory 2023-04-10-3 - macOS Big Sur 11.7.6 addresses code execution and out of bounds write vulnerabilities.
  • April 11th 2023 at 14:26

Apple Security Advisory 2023-04-10-2

Apple Security Advisory 2023-04-10-2 - macOS Monterey 12.6.5 addresses code execution and out of bounds write vulnerabilities.
  • April 11th 2023 at 14:25

Apple Security Advisory 2023-04-10-1

Apple Security Advisory 2023-04-10-1 - iOS 15.7.5 and iPadOS 15.7.5 address code execution, out of bounds write, and use-after-free vulnerabilities.
  • April 11th 2023 at 14:25

Apple Security Advisory 2023-04-07-3

Apple Security Advisory 2023-04-07-3 - Safari 16.4.1 addresses code execution and use-after-free vulnerabilities.
  • April 11th 2023 at 14:24

Apple Security Advisory 2023-04-07-1

Apple Security Advisory 2023-04-07-1 - iOS 16.4.1 and iPadOS 16.4.1 address code execution, out of bounds write, and use-after-free vulnerabilities.
  • April 11th 2023 at 14:23

Apple Security Advisory 2023-04-07-2

Apple Security Advisory 2023-04-07-2 - macOS Ventura 13.3.1 addresses code execution, out of bounds write, and use-after-free vulnerabilities.
  • April 11th 2023 at 14:23

Red Hat Security Advisory 2023-1646-01

Red Hat Security Advisory 2023-1646-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the RPM packages for Red Hat OpenShift Container Platform 4.12.11. Issues addressed include a denial of service vulnerability.
  • April 11th 2023 at 14:20

APPLE-SA-2023-04-07-3 Safari 16.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 10

Safari 16.4.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213722.

WebKit
Available for: macOS Big Sur and macOS Monterey
Impact: Processing maliciously crafted web content may lead to
arbitrary code execution. Apple is aware of a report that this issue
may have been actively exploited.
Description: A use after free issue was addressed...
  • April 11th 2023 at 02:23

APPLE-SA-2023-04-07-1 iOS 16.4.1 and iPadOS 16.4.1

Posted by Apple Product Security via Fulldisclosure on Apr 10

iOS 16.4.1 and iPadOS 16.4.1 address the following issues.
Information about the security content is also available at
https://support.apple.com/HT213720.

IOSurfaceAccelerator
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air
3rd generation and later, iPad 5th generation and later, and iPad
mini 5th generation and later
Impact: An app may be able to execute arbitrary code...
  • April 11th 2023 at 02:23

APPLE-SA-2023-04-07-2 macOS Ventura 13.3.1

Posted by Apple Product Security via Fulldisclosure on Apr 10

macOS Ventura 13.3.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213721.

IOSurfaceAccelerator
Available for: macOS Ventura
Impact: An app may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was...
  • April 11th 2023 at 02:23

APPLE-SA-2023-04-10-3 macOS Big Sur 11.7.6

Posted by Apple Product Security via Fulldisclosure on Apr 10

macOS Big Sur 11.7.6 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/HT213725.

IOSurfaceAccelerator
Available for: macOS Big Sur
Impact: An app may be able to execute arbitrary code with kernel
privileges. Apple is aware of a report that this issue may have been
actively exploited.
Description: An out-of-bounds write issue was...
  • April 11th 2023 at 02:23

APPLE-SA-2023-04-10-1 iOS 15.7.5 and iPadOS 15.7.5

Posted by Apple Product Security via Fulldisclosure on Apr 10

iOS 15.7.5 and iPadOS 15.7.5 address the following issues.
Information about the security content is also available at
https://support.apple.com/HT213723.

IOSurfaceAccelerator
Available for: iPhone 6s (all models), iPhone 7 (all models), iPhone
SE (1st generation), iPad Air 2, iPad mini (4th generation), and iPod
touch (7th generation)
Impact: An app may be able to execute arbitrary code with...
  • April 11th 2023 at 02:23
โŒ