FreshRSS

Vulnerabilities (before yesterday)

Debian Security Advisory 5576-1

Debian Linux Security Advisory 5576-1 - Jan-Niklas Sohn discovered several vulnerabilities in the Xorg X server, which may result in privilege escalation if the X server is running privileged.
  • December 13th 2023 at 15:47

Ubuntu Security Notice USN-6549-3

Ubuntu Security Notice 6549-3 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.
  • December 13th 2023 at 15:47

Apple Security Advisory 12-11-2023-8

Apple Security Advisory 12-11-2023-8 - watchOS 10.2 addresses code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:43

Apple Security Advisory 12-11-2023-7

Apple Security Advisory 12-11-2023-7 - tvOS 17.2 addresses code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:42

Apple Security Advisory 12-11-2023-6

Apple Security Advisory 12-11-2023-6 - macOS Monterey 12.7.2 addresses code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:37

Ubuntu Security Notice USN-6548-3

Ubuntu Security Notice 6548-3 - It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service.
  • December 13th 2023 at 15:37

Ubuntu Security Notice USN-6534-3

Ubuntu Security Notice 6534-3 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.
  • December 13th 2023 at 15:37

Ubuntu Security Notice USN-6553-1

Ubuntu Security Notice 6553-1 - Nina Jensen discovered that Pydantic incorrectly handled user input in the date and datetime fields. An attacker could possibly use this issue to cause a denial of service via application crash.
  • December 13th 2023 at 15:36

Ubuntu Security Notice USN-6554-1

Ubuntu Security Notice 6554-1 - Zygmunt Krynicki discovered that GNOME Settings did not accurately reflect the SSH remote login status when the system was configured to use systemd socket activation for OpenSSH. Remote SSH access may be unknowingly enabled, contrary to expectation.
  • December 13th 2023 at 15:35
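The practical check behind this notice is to ask systemd about both the OpenSSH daemon unit and its socket unit: with socket activation the daemon can sit inactive while the socket is listening, so any status derived from the service unit alone understates exposure. The following is an added example, not code from the notice, from GNOME Settings or from Ubuntu. It assumes the Ubuntu unit names `ssh.service` and `ssh.socket` and the KEY=VALUE, blank-line-separated output of `systemctl show`; the sample output embedded in it is constructed.

```python
"""Report whether SSH remote login is effectively enabled by inspecting both
ssh.service and ssh.socket (added example; unit names are assumed)."""
from __future__ import annotations
import subprocess

UNITS = ("ssh.service", "ssh.socket")          # assumed Ubuntu unit names
PROPS = ("Id", "ActiveState", "UnitFileState")

# Constructed sample of `systemctl show` output for a socket-activated host:
# the daemon looks idle, but the socket is live and enabled at boot.
SAMPLE_OUTPUT = """\
Id=ssh.service
ActiveState=inactive
UnitFileState=disabled

Id=ssh.socket
ActiveState=active
UnitFileState=enabled
"""


def parse_show(output: str) -> list[dict[str, str]]:
    """Split `systemctl show` output into one {property: value} dict per unit.
    Units are separated by a blank line; each line is KEY=VALUE."""
    units = []
    for block in output.strip().split("\n\n"):
        props = {}
        for line in block.splitlines():
            key, sep, value = line.partition("=")
            if sep:
                props[key] = value
        if props:
            units.append(props)
    return units


def exposing_units(units: list[dict[str, str]]) -> list[str]:
    """Return the ids of units that accept SSH connections now or will after
    reboot. A socket unit counts exactly like the daemon: if it is listening,
    remote login is on regardless of what ssh.service reports."""
    exposing = []
    for props in units:
        running = props.get("ActiveState") in ("active", "activating")
        on_boot = props.get("UnitFileState") in ("enabled", "enabled-runtime")
        if running or on_boot:
            exposing.append(props.get("Id", "?"))
    return exposing


def remote_login_enabled(output: str) -> bool:
    """True if any of the inspected units exposes SSH."""
    return bool(exposing_units(parse_show(output)))


def live_output() -> str:
    """Query the local systemd; only meaningful on a systemd host."""
    cmd = ["systemctl", "show"]
    for prop in PROPS:
        cmd += ["-p", prop]
    return subprocess.run(cmd + list(UNITS), capture_output=True,
                          text=True, check=False).stdout


if __name__ == "__main__":
    try:
        out = live_output()
    except FileNotFoundError:          # no systemctl here: use the sample
        out = SAMPLE_OUTPUT
    print("SSH remote login enabled:", remote_login_enabled(out),
          exposing_units(parse_show(out)))
```

Run it on the host in question; on the constructed sample it reports `True` with `ssh.socket` as the exposing unit, which is the situation a daemon-only status display would show as "off".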

Apple Security Advisory 12-11-2023-5

Apple Security Advisory 12-11-2023-5 - macOS Ventura 13.6.3 addresses code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:35

Ubuntu Security Notice USN-6548-2

Ubuntu Security Notice 6548-2 - It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service.
  • December 13th 2023 at 15:35

Apple Security Advisory 12-11-2023-4

Apple Security Advisory 12-11-2023-4 - macOS Sonoma 14.2 addresses code execution, out of bounds read, and spoofing vulnerabilities.
  • December 13th 2023 at 15:34

Apple Security Advisory 12-11-2023-3

Apple Security Advisory 12-11-2023-3 - iOS 16.7.3 and iPadOS 16.7.3 address code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:23

Ubuntu Security Notice USN-6549-2

Ubuntu Security Notice 6549-2 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.
  • December 13th 2023 at 15:23

Apple Security Advisory 12-11-2023-1

Apple Security Advisory 12-11-2023-1 - Safari 17.2 addresses code execution vulnerabilities.
  • December 13th 2023 at 15:22

Apple Security Advisory 12-11-2023-2

Apple Security Advisory 12-11-2023-2 - iOS 17.2 and iPadOS 17.2 address code execution and spoofing vulnerabilities.
  • December 13th 2023 at 15:22

Ubuntu Security Notice USN-6534-2

Ubuntu Security Notice 6534-2 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.
  • December 13th 2023 at 15:20

Ubuntu Security Notice USN-6551-1

Ubuntu Security Notice 6551-1 - It was discovered that Ghostscript incorrectly handled writing TIFF files. A remote attacker could possibly use this issue to cause Ghostscript to crash, resulting in a denial of service.
  • December 13th 2023 at 15:19

Ubuntu Security Notice USN-6552-1

Ubuntu Security Notice 6552-1 - Florent Saudel and Arnaud Gatignol discovered that Netatalk incorrectly handled certain specially crafted Spotlight requests. A remote attacker could possibly use this issue to cause heap corruption and execute arbitrary code.
  • December 13th 2023 at 15:19

Apple Security Advisory 11-30-2023-1

Apple Security Advisory 11-30-2023-1 - Safari 17.1.2 addresses code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:18

Apple Security Advisory 11-30-2023-2

Apple Security Advisory 11-30-2023-2 - iOS 17.1.2 and iPadOS 17.1.2 address code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:18

Apple Security Advisory 11-30-2023-3

Apple Security Advisory 11-30-2023-3 - macOS Sonoma 14.1.2 addresses code execution and out of bounds read vulnerabilities.
  • December 13th 2023 at 15:18

Red Hat Security Advisory 2023-7771-03

Red Hat Security Advisory 2023-7771-03 - An update for rh-postgresql10-postgresql is now available for Red Hat Software Collections. Issues addressed include an integer overflow vulnerability.
  • December 13th 2023 at 15:17

Red Hat Security Advisory 2023-7772-03

Red Hat Security Advisory 2023-7772-03 - An update for rh-postgresql13-postgresql is now available for Red Hat Software Collections. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
  • December 13th 2023 at 15:17

Red Hat Security Advisory 2023-7773-03

Red Hat Security Advisory 2023-7773-03 - An update is now available for Red Hat Ansible Automation Platform 2.4.
  • December 13th 2023 at 15:17

SEC Consult SA-20231128 :: Missing Certificate Validation & User Enumeration in Anveo Mobile App and Server

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 12

SEC Consult Vulnerability Lab Security Advisory < 20231128-0 >
=======================================================================
title: Missing Certificate Validation & User Enumeration
product: Anveo Mobile App and Server
vulnerable version: Mobile App: 10.0.0.359 / 2016-07-13; Server: 11.0.0.5
fixed version: -
CVE number: -
impact: Medium
homepage:...
  • December 12th 2023 at 23:22

SEC Consult SA-20231205 :: Argument injection leading to unauthenticated RCE and authentication bypass in Atos Unify OpenScape Session Border Controller (SBC), Branch, BCF

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 12

SEC Consult Vulnerability Lab Security Advisory < 20231205-0 >
=======================================================================
title: Argument injection leading to unauthenticated RCE and
authentication bypass
product: Atos Unify OpenScape Session Border Controller (SBC)
Atos Unify OpenScape Branch
Atos Unify OpenScape BCF
vulnerable...
  • December 12th 2023 at 23:22

SEC Consult SA-20231211-0 :: Local Privilege Escalation via MSI installer in PDF24 Creator

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 12

SEC Consult Vulnerability Lab Security Advisory < 20231211-0 >
=======================================================================
title: Local Privilege Escalation via MSI installer
product: PDF24 Creator (geek Software GmbH)
vulnerable version: <=11.15.1
fixed version: 11.15.2
CVE number: CVE-2023-49147
impact: High
homepage:...
  • December 12th 2023 at 23:22

SEC Consult SA-20231206 :: Kiosk Escape Privilege Escalation in One Identity Password Manager Secure Password Extension

Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Dec 12

SEC Consult Vulnerability Lab Security Advisory < 20231206-0 >
=======================================================================
title: Kiosk Escape Privilege Escalation
product: One Identity Password Manager Secure Password Extension
vulnerable version: <5.13.1
fixed version: 5.13.1
CVE number: CVE-2023-48654
impact: critical
homepage:...
  • December 12th 2023 at 23:22

HNS-2023-04 - HN Security Advisory - Buffer overflow vulnerabilities with long path names in TinyDir

Posted by Marco Ivaldi on Dec 12

Hi,

Please find attached a security advisory that describes some buffer
overflow vulnerabilities we discovered in TinyDir.

* Title: Buffer overflow vulnerabilities with long path names in TinyDir
* Product: TinyDir <= 1.2.5
* Author: Marco Ivaldi <marco.ivaldi () hnsecurity it>
* Date: 2023-12-04
* CVE ID: CVE-2023-49287
* Severity: High - 7.7 - CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
* Vendor URL: https://github.com/cxong/tinydir...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-5 macOS Ventura 13.6.3

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-5 macOS Ventura 13.6.3

macOS Ventura 13.6.3 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214038.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accounts
Available for: macOS Ventura
Impact: An app may be able to access sensitive user data
Description: A...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-6 macOS Monterey 12.7.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-6 macOS Monterey 12.7.2

macOS Monterey 12.7.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214037.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accounts
Available for: macOS Monterey
Impact: An app may be able to access sensitive user data
Description: A...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-7 tvOS 17.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-7 tvOS 17.2

tvOS 17.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214040.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

AVEVideoEncoder
Available for: Apple TV HD and Apple TV 4K (all models)
Impact: An app may be able to disclose kernel memory...
  • December 12th 2023 at 23:21

APPLE-SA-11-30-2023-2 iOS 17.1.2 and iPadOS 17.1.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-11-30-2023-2 iOS 17.1.2 and iPadOS 17.1.2

iOS 17.1.2 and iPadOS 17.1.2 address the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214031.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation
and later, iPad Pro...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-8 watchOS 10.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-8 watchOS 10.2

watchOS 10.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214041.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accounts
Available for: Apple Watch Series 4 and later
Impact: An app may be able to access sensitive user data
Description: A...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-1 Safari 17.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-1 Safari 17.2

Safari 17.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214039.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Monterey and macOS Ventura
Impact: Processing web content may lead to arbitrary code execution...
  • December 12th 2023 at 23:21

APPLE-SA-11-30-2023-3 macOS Sonoma 14.1.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-11-30-2023-3 macOS Sonoma 14.1.2

macOS Sonoma 14.1.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214032.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

WebKit
Available for: macOS Sonoma
Impact: Processing web content may disclose sensitive information. Apple
is...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-2 iOS 17.2 and iPadOS 17.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-2 iOS 17.2 and iPadOS 17.2

iOS 17.2 and iPadOS 17.2 address the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214035.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accounts
Available for: iPhone XS and later, iPad Pro 12.9-inch 2nd generation
and later, iPad Pro...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-3 iOS 16.7.3 and iPadOS 16.7.3

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-3 iOS 16.7.3 and iPadOS 16.7.3

iOS 16.7.3 and iPadOS 16.7.3 address the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214034.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accounts
Available for: iPhone 8 and later, iPad Pro (all models), iPad Air 3rd
generation and...
  • December 12th 2023 at 23:21

APPLE-SA-12-11-2023-4 macOS Sonoma 14.2

Posted by Apple Product Security via Fulldisclosure on Dec 12

APPLE-SA-12-11-2023-4 macOS Sonoma 14.2

macOS Sonoma 14.2 addresses the following issues.
Information about the security content is also available at
https://support.apple.com/kb/HT214036.

Apple maintains a Security Updates page at
https://support.apple.com/HT201222 which lists recent
software updates with security advisories.

Accessibility
Available for: macOS Sonoma
Impact: Secure text fields may be displayed via the Accessibility
Keyboard...
  • December 12th 2023 at 23:21

Debian Security Advisory 5574-1

Debian Linux Security Advisory 5574-1 - Reginaldo Silva discovered two security vulnerabilities in LibreOffice, which could result in the execution of arbitrary scripts or Gstreamer plugins when opening a malformed file.
  • December 12th 2023 at 14:15

Debian Security Advisory 5575-1

Debian Linux Security Advisory 5575-1 - The following vulnerabilities have been discovered in the WebKitGTK web engine.
  • December 12th 2023 at 14:15

Ubuntu Security Notice USN-6550-1

Ubuntu Security Notice 6550-1 - It was discovered that Smarty, which is integrated into the PostfixAdmin code, was not properly sanitizing user input when generating templates. An attacker could possibly use this issue to execute arbitrary code through PHP injection. It was discovered that Moment.js, which is integrated into the PostfixAdmin code, was using an inefficient parsing algorithm when processing date strings in the RFC 2822 format. An attacker could possibly use this issue to cause a denial of service.
  • December 12th 2023 at 14:12

Ubuntu Security Notice USN-6547-1

Ubuntu Security Notice 6547-1 - It was discovered that Python incorrectly handled null bytes when normalizing pathnames. An attacker could possibly use this issue to bypass certain filename checks.
  • December 12th 2023 at 14:11
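The filename checks this notice has in mind are the common "normalize, then inspect the result" filters. What makes them fragile is that the inspected string and the string later handed to the OS are not the same, and a normalizer that mishandles a NUL byte widens that gap. The following added example (not code from the notice or from CPython) puts such a filter beside a hardened one that rejects NUL bytes and absolute paths on the raw input and confines the resolved path to a base directory. The `truncating_normpath` model (a normalizer that stops at the first NUL), the `/srv/app` base directory and the crafted input are assumptions and constructed inputs chosen to illustrate the check; the notice itself does not state the exact failure mode.

```python
"""Filename checks around path normalization: a bypassable pattern beside a
hardened one (added example; not code from the notice or from CPython)."""
from __future__ import annotations
import os
import posixpath

# Constructed attacker input: harmless up to the NUL, then a traversal.
CRAFTED = "uploads/ok.txt\x00/../../etc/passwd"


def truncating_normpath(path: str) -> str:
    """Model of a normalizer that stops at the first NUL byte. This is an
    assumed failure mode used to illustrate the check below, not a claim
    about the exact behaviour the notice fixes."""
    return posixpath.normpath(path.split("\x00", 1)[0])


def naive_is_safe(path: str) -> bool:
    """Normalize first, then reject '..' components. If the normalizer drops
    everything after a NUL, the part it never saw is never checked."""
    return ".." not in truncating_normpath(path).split("/")


class UnsafePath(ValueError):
    """Raised for any name that must not reach the filesystem."""


def safe_resolve(base_dir: str, user_path: str) -> str:
    """Return an absolute path inside base_dir, or raise UnsafePath.

    Order matters: the NUL and absolute-path checks run on the raw string,
    before any normalization, and the containment check runs on the same
    resolved string that will later be handed to the OS.
    """
    if "\x00" in user_path:
        raise UnsafePath("embedded NUL byte")
    if os.path.isabs(user_path):
        raise UnsafePath("absolute path not allowed")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, user_path))
    if candidate != base and not candidate.startswith(base + os.sep):
        raise UnsafePath("path escapes base directory")
    return candidate


def is_confined(base_dir: str, user_path: str) -> bool:
    """Boolean view of safe_resolve for callers that only need accept/reject."""
    try:
        safe_resolve(base_dir, user_path)
        return True
    except UnsafePath:
        return False


if __name__ == "__main__":
    print("naive check on crafted input:", naive_is_safe(CRAFTED))              # True
    print("hardened check on crafted input:", is_confined("/srv/app", CRAFTED))  # False
```

The naive filter accepts the crafted name because it only ever sees `uploads/ok.txt`; the hardened one rejects it before normalization and, for inputs without NUL bytes, still catches `..` traversal because it checks the resolved path rather than the raw components.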

Ubuntu Security Notice USN-6548-1

Ubuntu Security Notice 6548-1 - It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service.
  • December 12th 2023 at 14:11

Ubuntu Security Notice USN-6549-1

Ubuntu Security Notice 6549-1 - It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service. Lin Ma discovered that the Netlink Transformation subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service or possibly expose sensitive information.
  • December 12th 2023 at 14:11

Ubuntu Security Notice USN-6545-1

Ubuntu Security Notice 6545-1 - Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.
  • December 12th 2023 at 14:10

Ubuntu Security Notice USN-6546-1

Ubuntu Security Notice 6546-1 - Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts.
  • December 12th 2023 at 14:10

Red Hat Security Advisory 2023-7715-03

Red Hat Security Advisory 2023-7715-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 9. Issues addressed include a code execution vulnerability.
  • December 12th 2023 at 13:47

Red Hat Security Advisory 2023-7716-03

Red Hat Security Advisory 2023-7716-03 - An update for webkit2gtk3 is now available for Red Hat Enterprise Linux 8. Issues addressed include a code execution vulnerability.
  • December 12th 2023 at 13:47

Red Hat Security Advisory 2023-7725-03

Red Hat Security Advisory 2023-7725-03 - Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes.
  • December 12th 2023 at 13:47

Red Hat Security Advisory 2023-7730-03

Red Hat Security Advisory 2023-7730-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.
  • December 12th 2023 at 13:47

Red Hat Security Advisory 2023-7714-03

Red Hat Security Advisory 2023-7714-03 - An update for the postgresql:12 module is now available for Red Hat Enterprise Linux 8. Issues addressed include integer overflow and remote SQL injection vulnerabilities.
  • December 12th 2023 at 13:47

Red Hat Security Advisory 2023-7712-03

Red Hat Security Advisory 2023-7712-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.
  • December 12th 2023 at 13:46

Red Hat Security Advisory 2023-7713-03

Red Hat Security Advisory 2023-7713-03 - An update for tracker-miners is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.
  • December 12th 2023 at 13:46

Debian Security Advisory 5573-1

Debian Linux Security Advisory 5573-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure.
  • December 11th 2023 at 15:31

Ubuntu Security Notice USN-6544-1

Ubuntu Security Notice 6544-1 - It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
  • December 11th 2023 at 15:26

Ubuntu Security Notice USN-6500-2

Ubuntu Security Notice 6500-2 - USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update.
  • December 11th 2023 at 15:25

Ubuntu Security Notice USN-6543-1

Ubuntu Security Notice 6543-1 - It was discovered that tar incorrectly handled extended attributes in PAX archives. An attacker could use this issue to cause tar to crash, resulting in a denial of service.
  • December 11th 2023 at 15:25

Red Hat Security Advisory 2023-7711-03

Red Hat Security Advisory 2023-7711-03 - An update for apr is now available for Red Hat Enterprise Linux 9. Issues addressed include an integer overflow vulnerability.
  • December 11th 2023 at 15:23
โŒ