Ubuntu Security Notice 5699-1 - Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. It was discovered that the GNU C Library nscd daemon incorrectly handled certain netgroup lookups. An attacker could possibly use this issue to cause the GNU C Library to crash, resulting in a denial of service.
147855b038f48991c374fe1a00958b8946511505d650a498f3ae7dbf1c51de72Gentoo Linux Security Advisory 202208-24 - Multiple vulnerabilities have been discovered in the GNU C Library, the worst of which could result in denial of service. Versions less than 2.34 are affected.
af7352ecdab5828d81648506322e455108d6ee3f3c403d438fc546db5c2b433cUbuntu Security Notice 5310-1 - Jan Engelhardt, Tavis Ormandy, and others discovered that the GNU C Library iconv feature incorrectly handled certain input sequences. An attacker could possibly use this issue to cause the GNU C Library to hang or crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. Jason Royes and Samuel Dytrych discovered that the GNU C Library incorrectly handled signed comparisons on ARMv7 targets. A remote attacker could use this issue to cause the GNU C Library to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
0c11352a9e9620a9d78b56edf5a195481c3c772b41e829e66010783e0ca89f70Red Hat Security Advisory 2021-4191-03 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include information leakage and use-after-free vulnerabilities.
64d7fbe0c9f1b5354e27b879038a2c6070838d3da6e94abfc2535d64c1665374Red Hat Security Advisory 2021-4358-03 - The glibc packages provide the standard C libraries, POSIX thread libraries, standard math libraries, and the name service cache daemon used by multiple programs on the system. Without these libraries, the Linux system cannot function correctly. Issues addressed include a use-after-free vulnerability.
16dc38d5ed172ddc59367e5e6576ecbccd33c10e1ecf8067de90c8efc671ea91Ubuntu Security Notice 5056-1 - It was discovered that APR incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information.
5abb082578b725492a47ce38729a9b78f76731afd77f35cb2360e59bf9790be3Gentoo Linux Security Advisory 202107-44 - Multiple vulnerabilities have been found in libslirp, the worst of which could result in a Denial of Service condition. Versions less than 4.6.0 are affected.
dee28e78c3c84064553d065f12f818eca29b2e7320918e9a0274937706eee3e5Ubuntu Security Notice 5010-1 - Lei Sun discovered that QEMU incorrectly handled certain MMIO operations. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. Wenxiang Qian discovered that QEMU incorrectly handled certain ATAPI commands. An attacker inside the guest could possibly use this issue to cause QEMU to crash, resulting in a denial of service. This issue only affected Ubuntu 21.04. Various other issues were also addressed.
c4d63dc41ceb7caa0f49a3eacc4d8caaa17252efd4913df4a83ba610c5446f40Ubuntu Security Notice 5009-1 - Qiuhao Li discovered that libslirp incorrectly handled certain header data lengths. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. This issue only affected Ubuntu 20.04 LTS and Ubuntu 20.10. It was discovered that libslirp incorrectly handled certain udp packets. An attacker inside a guest could possibly use this issue to leak sensitive information from the host. Various other issues were also addressed.
3df328646a71434fe2e1d5504ff218ec999fb6d3102937176e3146ec99041529
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed