Ubuntu Security Notice USN-6363-1

Ubuntu Security Notice 6363-1 - It was discovered that curl incorrectly handled certain large headers. A remote attacker could possibly use this issue to cause curl to consume resources, resulting in a denial of service.

Ubuntu Security Notice USN-6358-1

Ubuntu Security Notice 6358-1 - It was discovered that RedCloth incorrectly handled certain inputs during html sanitisation. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6361-1

Ubuntu Security Notice 6361-1 - It was discovered that CUPS incorrectly authenticated certain remote requests. A remote attacker could possibly use this issue to obtain recently printed documents.

Red Hat Security Advisory 2023-5081-01

Red Hat Security Advisory 2023-5081-01 - The librsvg2 packages provide a Scalable Vector Graphics library based on the libart library.

Ubuntu Security Notice USN-6362-1

Ubuntu Security Notice 6362-1 - Kevin Jones discovered that .NET did not properly process certain X.509 certificates. An attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6360-1

Ubuntu Security Notice 6360-1 - It was discovered that FLAC incorrectly handled encoding certain files. A remote attacker could use this issue to cause FLAC to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5080-01

Red Hat Security Advisory 2023-5080-01 - Keylime is a TPM based highly scalable remote boot attestation and runtime integrity measurement solution. Issues addressed include bypass and denial of service vulnerabilities.

Ubuntu Security Notice USN-6359-1

Ubuntu Security Notice 6359-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5071-01

Red Hat Security Advisory 2023-5071-01 - Libcap is a library for getting and setting POSIX.1e draft 15 capabilities. Issues addressed include integer overflow and memory leak vulnerabilities.

Red Hat Security Advisory 2023-5061-01

Red Hat Security Advisory 2023-5061-01 - The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware Interface, depending on the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, and asset tag, as well as other details, depending on the manufacturer.

Ubuntu Security Notice USN-6237-3

Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.

Red Hat Security Advisory 2023-5103-01

Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.

Red Hat Security Advisory 2023-5069-01

Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.

Ubuntu Security Notice USN-6164-2

Ubuntu Security Notice 6164-2 - USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-6339-3

Ubuntu Security Notice 6339-3 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5091-01

Red Hat Security Advisory 2023-5091-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.

Red Hat Security Advisory 2023-5068-01

Red Hat Security Advisory 2023-5068-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2023-5093-01

Red Hat Security Advisory 2023-5093-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.

Red Hat Security Advisory 2023-5094-01

Red Hat Security Advisory 2023-5094-01 - Kernel-based Virtual Machine is a full virtualization solution for Linux on a variety of architectures. The qemu-kvm packages provide the user-space component for running virtual machines that use KVM. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-5047-01

Red Hat Security Advisory 2023-5047-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5046-01

Red Hat Security Advisory 2023-5046-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5049-01

Red Hat Security Advisory 2023-5049-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP response splitting vulnerability.

Red Hat Security Advisory 2023-5044-01

Red Hat Security Advisory 2023-5044-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5045-01

Red Hat Security Advisory 2023-5045-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-5050-01

Red Hat Security Advisory 2023-5050-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include a HTTP response splitting vulnerability.

Red Hat Security Advisory 2023-5048-01

Red Hat Security Advisory 2023-5048-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Debian Security Advisory 5495-1

Debian Linux Security Advisory 5495-1 - Multiple vulnerabilities were discovered in frr, the FRRouting suite of internet protocols, while processing malformed requests and packets the BGP daemon may have reachable assertions, NULL pointer dereference, out-of-bounds memory access, which may lead to denial of service attack.

Ubuntu Security Notice USN-6357-1

Ubuntu Security Notice 6357-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service.

Ubuntu Security Notice USN-6356-1

Ubuntu Security Notice 6356-1 - Jianjun Chen, Vern Paxson and Jian Jiang discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into receiving crafted inputs, an attacker could possibly use this to falsify the domain of an e-mails origin. Patrik Lantz discovered that OpenDMARC incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service.

Debian Security Advisory 5494-1

Debian Linux Security Advisory 5494-1 - Several NULL pointer dereference flaws were discovered in Mutt, a text-based mailreader supporting MIME, GPG, PGP and threading, which may result in denial of service (application crash) when viewing a specially crafted email or when composing from a specially crafted draft message.

Apple Security Advisory 2023-09-07-3

Apple Security Advisory 2023-09-07-3 - watchOS 9.6.2 addresses a malicious attachment vulnerability that could be used to execute arbitrary code.

Ubuntu Security Notice USN-6338-2

Ubuntu Security Notice 6338-2 - Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service.

Red Hat Security Advisory 2023-5042-01

Red Hat Security Advisory 2023-5042-01 - FLAC stands for Free Lossless Audio Codec. FLAC is similar to Ogg Vorbis, but lossless. The FLAC project consists of the stream format, reference encoders and decoders in library form, a command-line program to encode and decode FLAC files, and a command-line metadata editor for FLAC files. Issues addressed include a code execution vulnerability.

Debian Security Advisory 5492-1

Debian Linux Security Advisory 5492-1 - Several vulnerabilities have been discovered in the Linux kernel that may lead to a privilege escalation, denial of service or information leaks.

APPLE-SA-2023-09-07-3 watchOS 9.6.2

Posted by Apple Product Security via Fulldisclosure on Sep 08

APPLE-SA-2023-09-07-3 watchOS 9.6.2

watchOS 9.6.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213907.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Wallet
Available for: Apple Watch Series 4 and later
Impact: A maliciously crafted attachment may result in arbitrary code...

APPLE-SA-2023-09-07-1 macOS Ventura 13.5.2

Posted by Apple Product Security via Fulldisclosure on Sep 08

APPLE-SA-2023-09-07-1 macOS Ventura 13.5.2

macOS Ventura 13.5.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213906.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

ImageIO
Available for: macOS Ventura
Impact: Processing a maliciously crafted image may lead to arbitrary
code...

APPLE-SA-2023-09-07-2 iOS 16.6.1 and iPadOS 16.6.1

Posted by Apple Product Security via Fulldisclosure on Sep 08

APPLE-SA-2023-09-07-2 iOS 16.6.1 and iPadOS 16.6.1

iOS 16.6.1 and iPadOS 16.6.1 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT213905.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

ImageIO
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd
generation and...

[webapps] Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure

Jorani v1.0.3-(c)2014-2023 - XSS Reflected & Information Disclosure

[remote] GOM Player 2.3.90.5360 - Remote Code Execution (RCE)

GOM Player 2.3.90.5360 - Remote Code Execution (RCE)

[webapps] Drupal 10.1.2 - web-cache-poisoning-External-service-interaction

Drupal 10.1.2 - web-cache-poisoning-External-service-interaction

[local] GOM Player 2.3.90.5360 - Buffer Overflow (PoC)

GOM Player 2.3.90.5360 - Buffer Overflow (PoC)

[webapps] Wordpress Plugin Elementor 3.5.5 - Iframe Injection

Wordpress Plugin Elementor 3.5.5 - Iframe Injection

[webapps] Axigen < 10.3.3.47, 10.2.3.12 - Reflected XSS

Axigen

[webapps] Wp2Fac - OS Command Injection

Wp2Fac - OS Command Injection

[remote] Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities

Techview LA-5570 Wireless Gateway Home Automation Controller - Multiple Vulnerabilities

[dos] SyncBreeze 15.2.24 - 'login' Denial of Service

SyncBreeze 15.2.24 - 'login' Denial of Service

[webapps] SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection

SPA-Cart eCommerce CMS 1.9.0.3 - SQL Injection

[webapps] soosyze 2.0.0 - File Upload

soosyze 2.0.0 - File Upload

Ubuntu Security Notice USN-6352-1

Ubuntu Security Notice 6352-1 - It was discovered that Apache Shiro incorrectly handled certain HTTP requests. A remote attacker could possibly use this issue to bypass security restrictions.

Ubuntu Security Notice USN-6353-1

Ubuntu Security Notice 6353-1 - Wooseok Kang discovered that PLIB did not properly manage memory under certain circumstances. If a user were tricked into opening a specially crafted TGA file, an attacker could possibly use this issue to cause applications using PLIB to crash, resulting in a denial of service, or possibly execute arbitrary code.

Red Hat Security Advisory 2023-5019-01

Red Hat Security Advisory 2023-5019-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 102.15.0 ESR.

Ubuntu Security Notice USN-6351-1

Ubuntu Security Notice 6351-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6349-1

Ubuntu Security Notice 6349-1 - Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did not properly perform permissions checks when handling HCI sockets. A physically proximate attacker could use this to cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice USN-6350-1

Ubuntu Security Notice 6350-1 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Red Hat Security Advisory 2023-4991-01

Red Hat Security Advisory 2023-4991-01 - Red Hat Ansible Automation Platform provides an enterprise framework for building, deploying and managing IT automation at scale. IT Managers can provide top-down guidelines on how automation is applied to individual teams, while automation developers retain the freedom to write tasks that leverage existing knowledge without the overhead. Ansible Automation Platform makes it possible for users across an organization to share, vet, and manage automation content by means of a simple, powerful, and agentless language.

Debian Security Advisory 5490-1

Debian Linux Security Advisory 5490-1 - Multiple security vulnerabilities have been discovered in aom, the AV1 Video Codec Library. Buffer overflows, use-after-free and NULL pointer dereferences may cause a denial of service or other unspecified impact if a malformed multimedia file is processed.

Ubuntu Security Notice USN-6345-1

Ubuntu Security Notice 6345-1 - It was discovered that SoX incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, an attacker could possibly use this issue to cause a denial of service.

Ubuntu Security Notice USN-6344-1

Ubuntu Security Notice 6344-1 - Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that a race condition existed in the f2fs file system in the Linux kernel, leading to a null pointer dereference vulnerability. An attacker could use this to construct a malicious f2fs image that, when mounted and operated on, could cause a denial of service.

Ubuntu Security Notice USN-6346-1

Ubuntu Security Notice 6346-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Tavis Ormandy discovered that some AMD processors did not properly handle speculative execution of certain vector register instructions. A local attacker could use this to expose sensitive information.

Ubuntu Security Notice USN-6347-1

Ubuntu Security Notice 6347-1 - William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service. It was discovered that the NTFS file system implementation in the Linux kernel did not properly check buffer indexes in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to expose sensitive information.