Red Hat Security Advisory 2023-5096-01 - Logging Subsystem 5.5.16 - Red Hat OpenShift security update. Red Hat Product Security has rated this update as having a security impact of Moderate.
0b0524e9b143a4231d0b7f6aa2fe13874968bacef0b9ea9d7d89f5de1c7afef5
Ubuntu Security Notice 6389-1 - It was discovered that Indent incorrectly handled parsing certain source files. If a user or automated system were tricked into processing a specially crafted source file, a remote attacker could use this issue to cause Indent to crash, resulting in a denial of service, or possibly execute arbitrary code.
c7fabec483c1fbc0d986a01dc6c5d237a1db3918b25da611f92c9a10893deab6
Red Hat Security Advisory 2023-5310-01 - A security update for Camel Extensions for Quarkus 2.13.3 is now available. The purpose of this text-only errata is to inform you about the security issues fixed. Issues addressed include a bypass vulnerability.
d5372f8bfb28f72630497d726546c50e7c5d769e317733243a16acd5bbf32975
Ubuntu Security Notice 6386-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
bb3fec09c344ab02a8e97c9b05a2f5ec011b794fb1ce3732497d718508ca5052
Ubuntu Security Notice 6387-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the bluetooth subsystem in the Linux kernel did not properly handle L2CAP socket release, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.
c0503fcadf446594e99db5136af477c331197a884e138a890263895d3afaf2c4
Ubuntu Security Notice 6388-1 - Daniel Moghimi discovered that some Intel Processors did not properly clear microarchitectural state after speculative execution of various instructions. A local unprivileged user could use this to obtain to sensitive information. Yang Lan discovered that the GFS2 file system implementation in the Linux kernel could attempt to dereference a null pointer in some situations. An attacker could use this to construct a malicious GFS2 image that, when mounted and operated on, could cause a denial of service.
c7b2ed8513e23fcfddfc331701b72291460bb91a9488a2abfbd0460416e7472e
Ubuntu Security Notice 6385-1 - It was discovered that some AMD x86-64 processors with SMT enabled could speculatively execute instructions using a return address from a sibling thread. A local attacker could possibly use this to expose sensitive information. William Zhao discovered that the Traffic Control subsystem in the Linux kernel did not properly handle network packet retransmission in certain situations. A local attacker could use this to cause a denial of service.
397aabee4166381c7e45af794aab5e2f5ce22baf3c0ee09c03c9b743ea1a8b5f
Ubuntu Security Notice 6384-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. Lonial Con discovered that the netfilter subsystem in the Linux kernel contained a memory leak when handling certain element flush operations. A local attacker could use this to expose sensitive information.
86d4f986dbf26d2b8344d0f408ab0eb7fb4ec29c9e1181c7b908d23ecbd28bf5
Ubuntu Security Notice 6382-1 - It was discovered that Memcached incorrectly handled certain multi-packet uploads in UDP. An attacker could possibly use this issue to cause a denial of service.
13aa929001799968f902eb7351f815bcb9c74e028d3c818808cc6e1630287d0a
Red Hat Security Advisory 2023-5233-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.13.4 images.
7d1ca71c1592ac5ce6262de9a56cdeccb6d9818d38d921dd586a1126ca6c0bd9
Red Hat Security Advisory 2023-5239-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
45524df89c7207127ca092b7adc930ba289bae5163839a6e1874326b61dec625
Red Hat Security Advisory 2023-5235-01 - This is a kernel live patch module which is automatically loaded by the RPM post-install script to modify the code of a running kernel. Issues addressed include a use-after-free vulnerability.
6f099abe73ac33e80baa5d8d1e3d410f894d3a3240474d494d7287763928f8c0
Red Hat Security Advisory 2023-5264-01 - Kernel-based Virtual Machine offers a full virtualization solution for Linux on numerous hardware platforms. The virt:rhel module contains packages which provide user-space components used to run virtual machines using KVM. The packages also provide APIs for managing and interacting with the virtualized systems. Issues addressed include buffer overflow, code execution, and denial of service vulnerabilities.
251fc333f220982b50c672eb4d632ab062b755cde0078eae48238e56700200b0
Red Hat Security Advisory 2023-5238-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include a use-after-free vulnerability.
8058fe24a0cfa3c085dc7b5c2348a3740dd28e77b8486c7f1ab63d7ccfd6b094
Red Hat Security Advisory 2023-5252-01 - The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware Interface, depending on the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, and asset tag, as well as other details, depending on the manufacturer.
bf4e00dd91a2069fbe426174202c852e862139a8677aa5ebef5f4c6a698f2f95
Lamano CMS version 2.0 suffers from a cross site request forgery vulnerability.
4edc3a8db5685aeb3ec3b74618f5d07d632dab06c41888d25c14ad6578ce55b4
Red Hat Security Advisory 2023-5259-01 - MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Issues addressed include a null pointer vulnerability.
fcb9cf83c6e24bb24fa8b684964413cdba902fd0f743dd59e47adbcd73ba28de
Red Hat Security Advisory 2023-5244-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include information leakage, out of bounds write, and use-after-free vulnerabilities.
2d37542ffeef6aa7c393c541f56dba5c05c37d66228b869b552effea838c1489
Red Hat Security Advisory 2023-5236-01 - The libwebp packages provide a library and tools for the WebP graphics format. WebP is an image format with a lossy compression of digital photographic images. WebP consists of a codec based on the VP8 format, and a container based on the Resource Interchange File Format. Webmasters, web developers and browser developers can use WebP to compress, archive, and distribute digital images more efficiently. Issues addressed include a buffer overflow vulnerability.
ea5e78c890b407a50c05b9560f02141ad75b17dcd4b00efbb6d1707672cd4aea
Ubuntu Security Notice 6383-1 - Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii Oleksenko discovered that some AMD processors could leak stale data from division operations in certain situations. A local attacker could possibly use this to expose sensitive information. It was discovered that the ARM64 KVM implementation in the Linux kernel did not properly restrict hypervisor memory access. An attacker in a guest VM could use this to execute arbitrary code in the host OS.
c5be03314d6525a0dd88d31e6ba90e7d12a4b76d20a1e301e71a80a7805ade26
Red Hat Security Advisory 2023-5249-01 - The ncurses library routines are a terminal-independent method of updating character screens with reasonable optimization. The ncurses packages contain support utilities including a terminfo compiler tic, a decompiler infocmp, clear, tput, tset, and a termcap conversion tool captoinfo.
96e4267526e311da98cdd9ddc1c0b00ac9169b9d16d96634cd0c6d5755a899df
Red Hat Security Advisory 2023-5245-01 - The linux-firmware packages contain all of the firmware files that are required by various devices to operate. Issues addressed include an information leakage vulnerability.
752c34c96ba9ed9a224fe2a77444af2a1486fee2afaab22e4871c218d5a3e47e
WordPress Theme My Login 2FA plugin versions prior to 1.2 suffer from a brute forcing vulnerability.
fe8aceb8123364ee1922662e5a7cfebebb8673ffd8e52fc079dba68cb781494f