Ubuntu Security Notice USN-6778-1

Ubuntu Security Notice 6778-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6776-1

Ubuntu Security Notice 6776-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6777-1

Ubuntu Security Notice 6777-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6774-1

Ubuntu Security Notice 6774-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.

Ubuntu Security Notice USN-6775-1

Ubuntu Security Notice 6775-1 - Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux kernel contained a race condition during device removal, leading to a use- after-free vulnerability. A physically proximate attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Ubuntu Security Notice USN-6773-1

Ubuntu Security Notice 6773-1 - It was discovered that .NET did not properly handle memory in it's Double Parse routine. An attacker could possibly use this issue to achieve remote code execution. It was discovered that .NET did not properly handle the usage of a shared resource. An attacker could possibly use this to cause a dead-lock condition, resulting in a denial of service.

Red Hat Security Advisory 2024-2889-03

Red Hat Security Advisory 2024-2889-03 - An update for gnutls is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include an information leakage vulnerability.

Red Hat Security Advisory 2024-2890-03

Red Hat Security Advisory 2024-2890-03 - An update for bind is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.

Red Hat Security Advisory 2024-2891-03

Red Hat Security Advisory 2024-2891-03 - An update for the httpd:2.4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2888-03

Red Hat Security Advisory 2024-2888-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2886-03

Red Hat Security Advisory 2024-2886-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2887-03

Red Hat Security Advisory 2024-2887-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2882-03

Red Hat Security Advisory 2024-2882-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2883-03

Red Hat Security Advisory 2024-2883-03 - An update for firefox is now available for Red Hat Enterprise Linux 9. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2884-03

Red Hat Security Advisory 2024-2884-03 - An update for Firefox is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2885-03

Red Hat Security Advisory 2024-2885-03 - An update for firefox is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2881-03

Red Hat Security Advisory 2024-2881-03 - An update for firefox is now available for Red Hat Enterprise Linux 7. Issues addressed include bypass and use-after-free vulnerabilities.

Red Hat Security Advisory 2024-2784-03

Red Hat Security Advisory 2024-2784-03 - Red Hat OpenShift Container Platform release 4.12.57 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2024-2834-03

Red Hat Security Advisory 2024-2834-03 - An update for Red Hat Build of Apache Camel 4.4 for Quarkus 3.8 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2024-2781-03

Red Hat Security Advisory 2024-2781-03 - Red Hat OpenShift Container Platform release 4.12.57 is now available with updates to packages and images that fix several bugs.

Red Hat Security Advisory 2024-2782-03

Red Hat Security Advisory 2024-2782-03 - Red Hat OpenShift Container Platform release 4.12.57 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Debian Security Advisory 5691-1

Debian Linux Security Advisory 5691-1 - Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or clickjacking.

Debian Security Advisory 5692-1

Debian Linux Security Advisory 5692-1 - Multiple security issues were discovered in Ghostscript, the GPL PostScript/PDF interpreter, which could result in denial of service and potentially the execution of arbitrary code if malformed document files are processed.

Debian Security Advisory 5690-1

Debian Linux Security Advisory 5690-1 - Amel Bouziane-Leblond discovered that LibreOffice's support for binding scripts to click events on graphics could result in unchecked script execution.

Debian Security Advisory 5689-1

Debian Linux Security Advisory 5689-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-4761 exists in the wild.

Ubuntu Security Notice USN-6766-2

Ubuntu Security Notice 6766-2 - It was discovered that the Open vSwitch implementation in the Linux kernel could overflow its stack during recursive action operations under certain conditions. A local attacker could use this to cause a denial of service. Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida discovered that the Linux kernel mitigations for the initial Branch History Injection vulnerability were insufficient for Intel processors. A local attacker could potentially use this to expose sensitive information.

Red Hat Security Advisory 2024-2852-03

Red Hat Security Advisory 2024-2852-03 - An update for Red Hat Build of Apache Camel 4.0 for Quarkus 3.2 update is now available. The purpose of this text-only errata is to inform you about the enhancements that improve your developer experience and ensure the security and stability of your products. Issues addressed include a server-side request forgery vulnerability.

Red Hat Security Advisory 2024-2776-03

Red Hat Security Advisory 2024-2776-03 - Red Hat OpenShift Container Platform release 4.15.13 is now available with updates to packages and images that fix several bugs and add enhancements.

Red Hat Security Advisory 2024-2853-03

Red Hat Security Advisory 2024-2853-03 - An update for the nodejs:20 module is now available for Red Hat Enterprise Linux 9. Issues addressed include HTTP request smuggling, denial of service, and out of bounds read vulnerabilities.

Red Hat Security Advisory 2024-2773-03

Red Hat Security Advisory 2024-2773-03 - Red Hat OpenShift Container Platform release 4.15.13 is now available with updates to packages and images that fix several bugs and add enhancements. Issues addressed include a denial of service vulnerability.

Apple Security Advisory 05-13-2024-7

Apple Security Advisory 05-13-2024-7 - watchOS 10.5 addresses bypass and code execution vulnerabilities.

Apple Security Advisory 05-13-2024-8

Apple Security Advisory 05-13-2024-8 - tvOS 17.5 addresses bypass and code execution vulnerabilities.

Apple Security Advisory 05-13-2024-5

Apple Security Advisory 05-13-2024-5 - macOS Ventura 13.6.7 addresses bypass vulnerabilities.

Apple Security Advisory 05-13-2024-6

Apple Security Advisory 05-13-2024-6 - macOS Monterey 12.7.5 addresses an issue where a malicious application may be able to access Find My data.

Apple Security Advisory 05-08-2024-1

Apple Security Advisory 05-08-2024-1 - iTunes 12.13.2 for Windows addresses a code execution vulnerability.

Apple Security Advisory 05-13-2024-3

Apple Security Advisory 05-13-2024-3 - iOS 16.7.8 and iPadOS 16.7.8 addresses bypass vulnerabilities.

Apple Security Advisory 05-13-2024-4

Apple Security Advisory 05-13-2024-4 - macOS Sonoma 14.5 addresses bypass and code execution vulnerabilities.

Apple Security Advisory 05-13-2024-1

Apple Security Advisory 05-13-2024-1 - Safari 17.5 addresses a bypass vulnerability.

Apple Security Advisory 05-13-2024-2

Apple Security Advisory 05-13-2024-2 - iOS 17.5 and iPadOS 17.5 addresses bypass and code execution vulnerabilities.

Red Hat Security Advisory 2024-2843-03

Red Hat Security Advisory 2024-2843-03 - An update for.NET 7.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2845-03

Red Hat Security Advisory 2024-2845-03 - An update for kernel is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-2846-03

Red Hat Security Advisory 2024-2846-03 - An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Security Advisory 2024-2839-03

Red Hat Security Advisory 2024-2839-03 - An update for expat is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2842-03

Red Hat Security Advisory 2024-2842-03 - An update for.NET 8.0 is now available for Red Hat Enterprise Linux 9. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6772-1

Ubuntu Security Notice 6772-1 - Jan Schermer discovered that strongSwan incorrectly validated client certificates in certain configurations. A remote attacker could possibly use this issue to bypass access controls.

Ubuntu Security Notice USN-6767-2

Ubuntu Security Notice 6767-2 - Chenyuan Yang discovered that the RDS Protocol implementation in the Linux kernel contained an out-of-bounds read vulnerability. An attacker could use this to possibly cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.

Red Hat Security Advisory 2024-2833-03

Red Hat Security Advisory 2024-2833-03 - An update to the images for Red Hat Integration - Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Issues addressed include denial of service and memory leak vulnerabilities.

Debian Security Advisory 5687-1

Debian Linux Security Advisory 5687-1 - A security issue was discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. Google is aware that an exploit for CVE-2024-4671 exists in the wild.

Debian Security Advisory 5688-1

Debian Linux Security Advisory 5688-1 - It was discovered that missing input sanitising in the Atril document viewer could result in writing arbitrary files in the users home directory if a malformed epub document is opened.

Gentoo Linux Security Advisory 202405-33

Gentoo Linux Security Advisory 202405-33 - Multiple vulnerabilities have been discovered in PoDoFo, the worst of which could lead to code execution. Versions greater than or equal to 0.10.1 are affected.

Gentoo Linux Security Advisory 202405-31

Gentoo Linux Security Advisory 202405-31 - A vulnerability has been discovered in Kubelet, which can lead to privilege escalation. Versions greater than or equal to 1.28.5 are affected.

Gentoo Linux Security Advisory 202405-32

Gentoo Linux Security Advisory 202405-32 - Multiple vulnerabilities have been discovered in Mozilla Thunderbird, the worst of which could lead to remote code execution. Versions greater than or equal to 115.10.0 are affected.

Ubuntu Security Notice USN-6771-1

Ubuntu Security Notice 6771-1 - It was discovered that SQL parse incorrectly handled certain nested lists. An attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2024-2821-03

Red Hat Security Advisory 2024-2821-03 - An update for bind and dhcp is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Telecommunications Update Service, and Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions.

Red Hat Security Advisory 2024-2822-03

Red Hat Security Advisory 2024-2822-03 - An update for the squid:4 module is now available for Red Hat Enterprise Linux 8.8 Extended Update Support. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2024-2815-03

Red Hat Security Advisory 2024-2815-03 - An update is now available for Red Hat OpenShift GitOps v1.11.4 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

Red Hat Security Advisory 2024-2816-03

Red Hat Security Advisory 2024-2816-03 - An update is now available for Red Hat OpenShift GitOps v1.12.2 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

Red Hat Security Advisory 2024-2817-03

Red Hat Security Advisory 2024-2817-03 - An update is now available for Red Hat OpenShift GitOps v1.10.5 for Argo CD UI and Console Plugin. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link in the References section.

Red Hat Security Advisory 2024-2820-03

Red Hat Security Advisory 2024-2820-03 - An update for varnish is now available for Red Hat Enterprise Linux 9.2 Extended Update Support. Issues addressed include a denial of service vulnerability.

Ubuntu Security Notice USN-6770-1

Ubuntu Security Notice 6770-1 - USN-6729-1 fixed vulnerabilities in Apache HTTP Server. The update lead to the discovery of a regression in Fossil with regards to the handling of POST requests that do not have a Content-Length field set. This update fixes the problem.