Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-6215-1

Ubuntu Security Notice 6215-1 - It was discovered that dwarves incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause dwarves to crash, resulting in a denial of service, or possibly execute arbitrary code.

Packet Storm
#vulnerability#ubuntu#dos
==========================================================================Ubuntu Security Notice USN-6215-1July 11, 2023dwarves-dfsg vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 20.04 LTS- Ubuntu 18.04 LTS (Available with Ubuntu Pro)Summary:Several security issues were fixed in dwarves.Software Description:- dwarves-dfsg: set of advanced DWARF utilitiesDetails:It was discovered that dwarves incorrectly handled certain memoryoperations under certain circumstances. An attacker could possibly use thisissue to cause dwarves to crash, resulting in a denial of service, orpossibly execute arbitrary code. (CVE-2022-3534, CVE-2022-3606)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 20.04 LTS:  dwarves                         1.21-0ubuntu1~20.04.1Ubuntu 18.04 LTS (Available with Ubuntu Pro):  dwarves                         1.21-0ubuntu1~18.04.1+esm1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-6215-1  CVE-2022-3534, CVE-2022-3606Package Information:  https://launchpad.net/ubuntu/+source/dwarves-dfsg/1.21-0ubuntu1~20.04.1

Related news

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

CVE-2022-41802: en/security-disclosure/2022/2022-12.md · OpenHarmony/security - Gitee.com

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.

CVE-2022-41802: en/security-disclosure/2022/2022-12.md · OpenHarmony/security - Gitee.com

Kernel subsystem within OpenHarmony-v3.1.4 and prior versions in kernel_liteos_a has a kernel stack overflow vulnerability when call SysClockGetres. 4 bytes padding data from kernel stack are copied to user space incorrectly and leaked.

Ubuntu Security Notice USN-5759-1

Ubuntu Security Notice 5759-1 - It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.10. It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code.

Ubuntu Security Notice USN-5759-1

Ubuntu Security Notice 5759-1 - It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 22.10. It was discovered that LibBPF incorrectly handled certain memory operations under certain circumstances. An attacker could possibly use this issue to cause LibBPF to crash, resulting in a denial of service, or possibly execute arbitrary code.

CVE-2022-3606

A vulnerability was found in Linux Kernel. It has been classified as problematic. This affects the function find_prog_by_sec_insn of the file tools/lib/bpf/libbpf.c of the component BPF. The manipulation leads to null pointer dereference. It is recommended to apply a patch to fix this issue. The identifier VDB-211749 was assigned to this vulnerability.

CVE-2022-3534

A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.

Packet Storm: Latest News

CUPS IPP Attributes LAN Remote Code Execution