Ubuntu Security Notice 6359-1 - It was discovered that file incorrectly handled certain malformed files. An attacker could use this issue to cause a denial of service, or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6359-1September 12, 2023file vulnerability==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTSSummary:file could be made to crash or run programs if it opened a speciallycrafted file.Software Description:- file: Tool to determine file typesDetails:It was discovered that file incorrectly handled certain malformed files. Anattacker could use this issue to cause a denial of service, or possiblyexecute arbitrary code.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   file                            1:5.41-3ubuntu0.1   libmagic1                       1:5.41-3ubuntu0.1In general, a standard system update will make all the necessary changes.References:   https://ubuntu.com/security/notices/USN-6359-1   CVE-2022-48554Package Information:   https://launchpad.net/ubuntu/+source/file/1:5.41-3ubuntu0.1

Ubuntu Security Notice USN-6359-1

Red Hat Security Advisory 2023-5071-01 - Libcap is a library for getting and setting POSIX.1e draft 15 capabilities. Issues addressed include integer overflow and memory leak vulnerabilities.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: libcap security update  
Advisory ID:       RHSA-2023:5071-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:5071  
Issue date:        2023-09-12  
CVE Names:         CVE-2023-2602 CVE-2023-2603   
=====================================================================

1. Summary:

An update for libcap is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, ppc64le, s390x, x86_64  
Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, ppc64le, s390x, x86_64

3. Description:

Libcap is a library for getting and setting POSIX.1e (formerly POSIX 6)  
draft 15 capabilities.

Security Fix(es):

* libcap: Integer Overflow in _libcap_strdup() (CVE-2023-2603)

* libcap: Memory Leak on pthread_create() Error (CVE-2023-2602)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2209113 - CVE-2023-2603 libcap: Integer Overflow in _libcap_strdup()  
2209114 - CVE-2023-2602 libcap: Memory Leak on pthread_create() Error

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

aarch64:  
libcap-debuginfo-2.48-9.el9_2.aarch64.rpm  
libcap-debugsource-2.48-9.el9_2.aarch64.rpm  
libcap-devel-2.48-9.el9_2.aarch64.rpm

ppc64le:  
libcap-debuginfo-2.48-9.el9_2.ppc64le.rpm  
libcap-debugsource-2.48-9.el9_2.ppc64le.rpm  
libcap-devel-2.48-9.el9_2.ppc64le.rpm

s390x:  
libcap-debuginfo-2.48-9.el9_2.s390x.rpm  
libcap-debugsource-2.48-9.el9_2.s390x.rpm  
libcap-devel-2.48-9.el9_2.s390x.rpm

x86_64:  
libcap-debuginfo-2.48-9.el9_2.i686.rpm  
libcap-debuginfo-2.48-9.el9_2.x86_64.rpm  
libcap-debugsource-2.48-9.el9_2.i686.rpm  
libcap-debugsource-2.48-9.el9_2.x86_64.rpm  
libcap-devel-2.48-9.el9_2.i686.rpm  
libcap-devel-2.48-9.el9_2.x86_64.rpm

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
libcap-2.48-9.el9_2.src.rpm

aarch64:  
libcap-2.48-9.el9_2.aarch64.rpm  
libcap-debuginfo-2.48-9.el9_2.aarch64.rpm  
libcap-debugsource-2.48-9.el9_2.aarch64.rpm

ppc64le:  
libcap-2.48-9.el9_2.ppc64le.rpm  
libcap-debuginfo-2.48-9.el9_2.ppc64le.rpm  
libcap-debugsource-2.48-9.el9_2.ppc64le.rpm

s390x:  
libcap-2.48-9.el9_2.s390x.rpm  
libcap-debuginfo-2.48-9.el9_2.s390x.rpm  
libcap-debugsource-2.48-9.el9_2.s390x.rpm

x86_64:  
libcap-2.48-9.el9_2.i686.rpm  
libcap-2.48-9.el9_2.x86_64.rpm  
libcap-debuginfo-2.48-9.el9_2.i686.rpm  
libcap-debuginfo-2.48-9.el9_2.x86_64.rpm  
libcap-debugsource-2.48-9.el9_2.i686.rpm  
libcap-debugsource-2.48-9.el9_2.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-2602  
https://access.redhat.com/security/cve/CVE-2023-2603  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJlAINEAAoJENzjgjWX9erE9ukP/2mbLKqD53ut5TTWm4CFKelU  
FL3OW0IvAJcx+c34bMz9wB7DA4QMTH4dYHrBPppSkwM3YJcep9CBI8cpuvsjuqi/  
hf2gMO/1HNx6FtChwnlFASvAsQTlNgQIFl6odm6+wGLRF0uh41cx/7M4v00EtlHb  
EsVe7w92kEzyXTucW6gYrUtvbyKF55a7xnre5TuhXOTS+HNydzyEUI2TIY9kxwBD  
YBFY7xOhc1mrM+Zvdn2DodskHsxu5ZGHr0i1MAA8lcWPypiyB/iTI78TDxtC9WVL  
7RlxteecI5jhrB8hiadGFdnyOrEky4fFIRi753Wgv0KCNFtLS87yPHOpqqrVOuWh  
VJmJofXUDqlmfq7roFTHd4XExgqx+nSWlwJXF2mrvcWwYKoZitRXLbs3xX1wfYYC  
PjzkpdI4MZDVQbqYe8V0CfUS4e+tb3fI8BcgN1uLxX9pgbC3m+ViYuB4uaumcmv+  
ZtMweM2We4DrTcoKYcwAgST5EjzsXU7R7mHZxC+7gQjCEmm0R4c8cPTXUkY67YGD  
hkpqiKz54Igenl1ATSzF7OSoQzn9wjMFkz98/SO1iFe9e2KCPgBAkJy0fjPSHWYM  
NrNkds+pUaPTRRnBvtoGuNuhBsYi6rEkgu7M/0YVfY12QzdDH2rgue/QNBHfR5+0  
aKThEh/hly2FhFuY8+Dt  
=28Fj  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-5071-01

Kleeja version 1.5.4 suffers from a cross site scripting vulnerability.

    ====================================================================================================================================| # Title     : Kleeja v1.5.4 XSS Vulnerability                                                                                    || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : http://www.kleeja.com/                                                                                             || # Dork      : Powered by Kleeja                                                                                                  |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine.[+] use payload : index.php/%22%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3ETest%3C/font%3E%3C/marquee%3E%3d%27prompt%28987964%29%27bad%3d%22%3E[+] http://127.0.0.1/kleeja/1/index.php/%22%3Cmarquee%3E%3Cfont%20color=Blue%20size=32%3ETest%3C/font%3E%3C/marquee%3E%3d%27prompt%28987964%29%27bad%3d%22%3EGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

Kleeja 1.5.4 Cross Site Scripting

K-LOANS version 1.4.5 suffers from an ignored default credential vulnerability.

    ====================================================================================================================================| # Title     : K-LOANS v1.4.5 Insecure Settings Vulnerability                                                                     || # Author    : indoushka                                                                                                          || # Tested on : windows 10 Français V.(Pro) / browser : Mozilla firefox 63.0.3 (32-bit)                                            || # Vendor    : https://codecanyon.net/item/loan-management-system/11454263                                                        || # Dork      : K-LOANS 1.4.5                                                                                                      |====================================================================================================================================poc :[+] Dorking İn Google Or Other Search Enggine .[+] leaves a default set of administrative credentials installed post installation.[+] user : admin & pass = admin123[+] http://182.166.255.0wwwgarciuzcom/prestar/index.php/homeGreetings to :=========================================================================================================================jericho * Larry W. Cashdollar * brutelogic* shadow_00715 *9aylas*djroot.dz*LiquidWorm*Hussin-X*D4NB4R *ViRuS_Ra3cH *yasMouh* CraCkEr  |=======================================================================================================================================

K-LOANS 1.4.5 Insecure Settings

Red Hat Security Advisory 2023-5103-01 - OpenShift Virtualization is Red Hat's virtualization solution designed for Red Hat OpenShift Container Platform. This advisory contains OpenShift Virtualization 4.11.6 images.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: OpenShift Virtualization 4.11.6 security and bug fix update  
Advisory ID:       RHSA-2023:5103-01  
Product:           OpenShift Virtualization  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:5103  
Issue date:        2023-09-12  
CVE Names:         CVE-2016-3709 CVE-2022-4304 CVE-2022-4450   
                   CVE-2023-0215 CVE-2023-0286 CVE-2023-0361   
                   CVE-2023-2828 CVE-2023-3089 CVE-2023-3899   
                   CVE-2023-38408   
=====================================================================

1. Summary:

Red Hat OpenShift Virtualization release 4.11.6 is now available with  
updates to packages and images that fix several bugs and add enhancements.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section

2. Description:

OpenShift Virtualization is Red Hat's virtualization solution designed for  
Red Hat OpenShift Container Platform.

This advisory contains OpenShift Virtualization 4.11.6 images.

Security Fix(es):

* openshift: OCP & FIPS mode (CVE-2023-3089)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

Bug Fix(es):

* Requested TSC frequency outside tolerance range & TSC scaling not  
supported (BZ#2151169)

* User cannot get resource "virtualmachineinstances/portforward" in API  
group "subresources.kubevirt.io" (BZ#2160673)

* 4.11.4 containers (BZ#2173835)

* VMI with x86_Icelake fail when mpx feature is missing (BZ#2218193)

3. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

4. Bugs fixed (https://bugzilla.redhat.com/):

2151169 - Requested TSC frequency outside tolerance range & TSC scaling not supported  
2160673 - User cannot get resource "virtualmachineinstances/portforward" in API group "subresources.kubevirt.io"  
2173835 - 4.11.4 containers  
2212085 - CVE-2023-3089 openshift: OCP & FIPS mode  
2218193 - VMI with x86_Icelake fail when mpx feature is missing

5. References:

https://access.redhat.com/security/cve/CVE-2016-3709  
https://access.redhat.com/security/cve/CVE-2022-4304  
https://access.redhat.com/security/cve/CVE-2022-4450  
https://access.redhat.com/security/cve/CVE-2023-0215  
https://access.redhat.com/security/cve/CVE-2023-0286  
https://access.redhat.com/security/cve/CVE-2023-0361  
https://access.redhat.com/security/cve/CVE-2023-2828  
https://access.redhat.com/security/cve/CVE-2023-3089  
https://access.redhat.com/security/cve/CVE-2023-3899  
https://access.redhat.com/security/cve/CVE-2023-38408  
https://access.redhat.com/security/updates/classification/#moderate  
https://access.redhat.com/security/vulnerabilities/RHSB-2023-001

6. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJlAINpAAoJENzjgjWX9erEdG4P/jO759CVAR4s+eVcATfiu6r+  
VPBs/U/dKc0aau2J2m5m4MXxUDl5xwBU/2MlrjMkO2m/nwLo8nziwZKW2m4ZsY+f  
i9f3H66M71u4eoPzfqLQ9imjyWAwYwYuHNumWQyzeWjStWaR7p3/NBo9vHaE63To  
ZFBmOZxRx9wsAfzhjSQbteWH7BNwqlqqjjZlCWf13BETlj2SF+6ow1soxVdSLY0M  
Dn4nKvohgA5neX3KBd51+f66R1HFKZshgUSH7/YlDC3FTRScFOPnbyrssUpGZpKg  
Ldf0vr27YVQIpfZRVIjwPgXK3oQ8hs+XYQgxP8T7CLAZ9bHDvqrb2y/O19XfqRW4  
15/hsjuLUwmIQNpYdxu9s3lbPdNSxpH7g47OTF27JmHVSEe8mBlBOxEL7W3AvC5l  
v/0ovn8mlAJYfLWFOFU38Jy5FyDvR3GsEUo+xgWGJlSHGRx33nc/AMG+1MWHnxyV  
yAWfTkw3/QmfqK459kIKMnJuxB9SnFgf4tLpEkuwpQrgyiAfc//3PWQ0vJP9bXsu  
lxeV2fd8WZ9yEXPwkVN67sr/QOQYy2pdz+yxVDYHnIEfttiRgMutzKoMMGFIJmAW  
81bG9c3hkArSvNraqZZbMUhfTbF8OfjHeroBQp+XcqSipk+mmoZKgFr8yhPzE1Rp  
60MIgjdOBksum7fyI6a/  
=7uko  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-5103-01

Ubuntu Security Notice 6237-3 - USN-6237-1 fixed several vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 18.04 LTS. Hiroki Kurosawa discovered that curl incorrectly handled validating certain certificate wildcards. A remote attacker could possibly use this issue to spoof certain website certificates using IDN hosts.

==========================================================================  
Ubuntu Security Notice USN-6237-3  
September 11, 2023

curl vulnerabilities  
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)  
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in curl.

Software Description:  
- curl: HTTP, HTTPS, and FTP client and client libraries

Details:

USN-6237-1 fixed several vulnerabilities in curl. This update provides the  
corresponding updates for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and  
Ubuntu 18.04 LTS.

Original advisory details:

  Hiroki Kurosawa discovered that curl incorrectly handled validating   
certain  
  certificate wildcards. A remote attacker could possibly use this issue to  
  spoof certain website certificates using IDN hosts. (CVE-2023-28321)

  Hiroki Kurosawa discovered that curl incorrectly handled callbacks when  
  certain options are set by applications. This could cause applications  
  using curl to misbehave, resulting in information disclosure, or a denial  
  of service. (CVE-2023-28322)

  It was discovered that curl incorrectly handled saving cookies to files. A  
  local attacker could possibly use this issue to create or overwrite files.  
  This issue only affected Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-32001)

Update instructions:

The problem can be corrected by updating your system to the following  
package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):  
   curl                            7.58.0-2ubuntu3.24+esm1  
   libcurl3-gnutls                 7.58.0-2ubuntu3.24+esm1  
   libcurl3-nss                    7.58.0-2ubuntu3.24+esm1  
   libcurl4                        7.58.0-2ubuntu3.24+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):  
   curl                            7.47.0-1ubuntu2.19+esm9  
   libcurl3                        7.47.0-1ubuntu2.19+esm9  
   libcurl3-gnutls                 7.47.0-1ubuntu2.19+esm9  
   libcurl3-nss                    7.47.0-1ubuntu2.19+esm9

Ubuntu 14.04 LTS (Available with Ubuntu Pro):  
   curl                            7.35.0-1ubuntu2.20+esm16  
   libcurl3                        7.35.0-1ubuntu2.20+esm16  
   libcurl3-gnutls                 7.35.0-1ubuntu2.20+esm16  
   libcurl3-nss                    7.35.0-1ubuntu2.20+esm16

In general, a standard system update will make all the necessary changes.

References:  
   https://ubuntu.com/security/notices/USN-6237-3  
   https://ubuntu.com/security/notices/USN-6237-1  
   CVE-2023-28321, CVE-2023-28322

Ubuntu Security Notice USN-6237-3

Red Hat Security Advisory 2023-5061-01 - The dmidecode packages provide utilities for extracting Intel 64 and Intel Itanium hardware information from the system BIOS or Extensible Firmware Interface, depending on the SMBIOS/DMI standard. This information typically includes system manufacturer, model name, serial number, BIOS version, and asset tag, as well as other details, depending on the manufacturer.

-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA256

=====================================================================  
                   Red Hat Security Advisory

Synopsis:          Moderate: dmidecode security update  
Advisory ID:       RHSA-2023:5061-01  
Product:           Red Hat Enterprise Linux  
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:5061  
Issue date:        2023-09-12  
CVE Names:         CVE-2023-30630   
=====================================================================

1. Summary:

An update for dmidecode is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact  
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which  
gives a detailed severity rating, is available for each vulnerability from  
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux BaseOS (v. 9) - aarch64, x86_64

3. Description:

The dmidecode packages provide utilities for extracting Intel 64 and Intel  
Itanium hardware information from the system BIOS or Extensible Firmware  
Interface (EFI), depending on the SMBIOS/DMI standard. This information  
typically includes system manufacturer, model name, serial number, BIOS  
version, and asset tag, as well as other details, depending on the  
manufacturer.

Security Fix(es):

* dmidecode: dump-bin to overwrite a local file (CVE-2023-30630)

For more details about the security issue(s), including the impact, a CVSS  
score, acknowledgments, and other related information, refer to the CVE  
page(s) listed in the References section.

4. Solution:

For details on how to apply this update, which includes the changes  
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2186669 - CVE-2023-30630 dmidecode: dump-bin to overwrite a local file

6. Package List:

Red Hat Enterprise Linux BaseOS (v. 9):

Source:  
dmidecode-3.3-7.el9_2.1.src.rpm

aarch64:  
dmidecode-3.3-7.el9_2.1.aarch64.rpm  
dmidecode-debuginfo-3.3-7.el9_2.1.aarch64.rpm  
dmidecode-debugsource-3.3-7.el9_2.1.aarch64.rpm

x86_64:  
dmidecode-3.3-7.el9_2.1.x86_64.rpm  
dmidecode-debuginfo-3.3-7.el9_2.1.x86_64.rpm  
dmidecode-debugsource-3.3-7.el9_2.1.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and  
details on how to verify the signature are available from  
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2023-30630  
https://access.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact  
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.  
-----BEGIN PGP SIGNATURE-----  
Version: GnuPG v1

iQIcBAEBCAAGBQJlAINeAAoJENzjgjWX9erE1ggP/jpgP6tmujOEKsHNMmefIpfo  
h8Fs+hDUJxaD8BsFgKyVX3YEv4Gx/czFytIfiNmZAutM5B5kq6oVuojQv1/aUzq2  
SQ4sbT3WJLcbz+Y8SgBnkiHvif7jCOCZ/KSe0J99Y7Oab54nx0ApA/Cjjj2CtHE6  
U8UXNZh4S6mXn58AFM7Pstbk7bv+F9X2meKF+0uM6u5jEO87wXYR261DekaYS7uI  
ZEZ5R4tnQG3uZ6N4zrqf0GrDxamZfvFqRd1ENhN/lUa8GvTglDym1vnV49QBe0Ol  
L7BDDAx8Zd2rnD7+fHTxyIvFF5/rF7pp9IR+qvKtgci4Dtn/la+AYlZxnEv8RmHh  
b6SnSj2kxFPueAHBcMLeCF/ska7D2rEJflQcggEN0P+7cqIGnAXz5tRULBQ04dbc  
Zq3IZ56/vJ/djY2m7Lih34Z/Kq4pm61tNN0CO6g9GUZf4kF3LdWCmFflm0wzQHeH  
ZPx8rWXbH0Yeo5BL59p3stViYSQ4n1XlRscqPCWfisiAXS1zNWP1/lUli9Et3woA  
F0/cvMULK5jZtrA9hFMzuz/38EsbfOdinywVLMcS/DlylRIFul+yEfjgGMuGnfol  
X/YK4B0Zfdf2yd8tfRjQHy3LUK9tROYIgIj20GmNBoGA6J9Hs8ZiPFlytAb5nEQ7  
zTNd47I4HgAeayIuwREi  
=9ZnK  
-----END PGP SIGNATURE-----  
--  
RHSA-announce mailing list  
RHSA-announce@redhat.com  
https://listman.redhat.com/mailman/listinfo/rhsa-announce

Red Hat Security Advisory 2023-5061-01

Ubuntu Security Notice 6339-3 - It was discovered that the NTFS file system implementation in the Linux kernel did not properly validate MFT flags in certain situations. An attacker could use this to construct a malicious NTFS image that, when mounted and operated on, could cause a denial of service. Zi Fan Tan discovered that the binder IPC implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6339-3September 11, 2023linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15,linux-raspi vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 22.04 LTS- Ubuntu 20.04 LTSSummary:Several security issues were fixed in the Linux kernel.Software Description:- linux-azure: Linux kernel for Microsoft Azure Cloud systems- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems- linux-raspi: Linux kernel for Raspberry Pi systems- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systemsDetails:It was discovered that the NTFS file system implementation in the Linuxkernel did not properly validate MFT flags in certain situations. Anattacker could use this to construct a malicious NTFS image that, whenmounted and operated on, could cause a denial of service (system crash).(CVE-2022-48425)Zi Fan Tan discovered that the binder IPC implementation in the Linuxkernel contained a use-after-free vulnerability. A local attacker could usethis to cause a denial of service (system crash) or possibly executearbitrary code. (CVE-2023-21255)It was discovered that a race condition existed in the f2fs file system inthe Linux kernel, leading to a null pointer dereference vulnerability. Anattacker could use this to construct a malicious f2fs image that, whenmounted and operated on, could cause a denial of service (system crash).(CVE-2023-2898)It was discovered that the DVB Core driver in the Linux kernel did notproperly handle locking events in certain situations. A local attackercould use this to cause a denial of service (kernel deadlock).(CVE-2023-31084)Yang Lan discovered that the GFS2 file system implementation in the Linuxkernel could attempt to dereference a null pointer in some situations. Anattacker could use this to construct a malicious GFS2 image that, whenmounted and operated on, could cause a denial of service (system crash).(CVE-2023-3212)It was discovered that the KSMBD implementation in the Linux kernel did notproperly validate buffer sizes in certain operations, leading to an out-of-bounds read vulnerability. A remote attacker could use this to cause adenial of service (system crash) or possibly expose sensitive information.(CVE-2023-38426, CVE-2023-38428)It was discovered that the KSMBD implementation in the Linux kernel did notproperly calculate the size of certain buffers. A remote attacker could usethis to cause a denial of service (system crash) or possibly executearbitrary code. (CVE-2023-38429)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 22.04 LTS:   linux-image-5.15.0-1037-raspi   5.15.0-1037.40   linux-image-5.15.0-1046-azure   5.15.0-1046.53   linux-image-5.15.0-1046-azure-fde  5.15.0-1046.53.1   linux-image-azure-fde-lts-22.04  5.15.0.1046.53.24   linux-image-azure-lts-22.04     5.15.0.1046.42   linux-image-raspi               5.15.0.1037.35   linux-image-raspi-nolpae        5.15.0.1037.35Ubuntu 20.04 LTS:   linux-image-5.15.0-1046-azure   5.15.0-1046.53~20.04.1   linux-image-5.15.0-1046-azure-fde  5.15.0-1046.53~20.04.1.1   linux-image-azure               5.15.0.1046.53~20.04.35   linux-image-azure-cvm           5.15.0.1046.53~20.04.35   linux-image-azure-fde           5.15.0.1046.53~20.04.1.24After a standard system update you need to reboot your computer to makeall the necessary changes.ATTENTION: Due to an unavoidable ABI change the kernel updates havebeen given a new version number, which requires you to recompile andreinstall all third party kernel modules you might have installed.Unless you manually uninstalled the standard kernel metapackages(e.g. linux-generic, linux-generic-lts-RELEASE, linux-virtual,linux-powerpc), a standard system upgrade will automatically performthis as well.References:   https://ubuntu.com/security/notices/USN-6339-3   https://ubuntu.com/security/notices/USN-6339-1   CVE-2022-48425, CVE-2023-21255, CVE-2023-2898, CVE-2023-31084,   CVE-2023-3212, CVE-2023-38426, CVE-2023-38428, CVE-2023-38429Package Information:   https://launchpad.net/ubuntu/+source/linux-azure/5.15.0-1046.53   https://launchpad.net/ubuntu/+source/linux-azure-fde/5.15.0-1046.53.1   https://launchpad.net/ubuntu/+source/linux-raspi/5.15.0-1037.40   https://launchpad.net/ubuntu/+source/linux-azure-5.15/5.15.0-1046.53~20.04.1 https://launchpad.net/ubuntu/+source/linux-azure-fde-5.15/5.15.0-1046.53~20.04.1.1

Ubuntu Security Notice USN-6339-3

Ubuntu Security Notice 6164-2 - USN-6164-1 fixed several vulnerabilities in c-ares. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code.

    ==========================================================================Ubuntu Security Notice USN-6164-2September 11, 2023c-ares vulnerabilities==========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 18.04 LTS (Available with Ubuntu Pro)- Ubuntu 16.04 LTS (Available with Ubuntu Pro)Summary:Several security issues were fixed in c-ares.Software Description:- c-ares: library for asynchronous name resolutionDetails:USN-6164-1 fixed several vulnerabilities in c-ares. This update providesthe corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.Original advisory details: Hannes Moesl discovered that c-ares incorrectly handled certain ipv6 addresses. An attacker could use this issue to cause c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2023-31130) Xiang Li discovered that c-ares incorrectly handled certain UDP packets. A remote attacker could possibly use this issue to cause c-res to crash, resulting in a denial of service. (CVE-2023-32067)Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 18.04 LTS (Available with Ubuntu Pro):  libc-ares2                      1.14.0-1ubuntu0.2+esm1Ubuntu 16.04 LTS (Available with Ubuntu Pro):  libc-ares2                      1.10.0-3ubuntu0.2+esm2In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-6164-2  https://ubuntu.com/security/notices/USN-6164-1  CVE-2023-31130, CVE-2023-32067

Ubuntu Security Notice USN-6164-2

Red Hat Security Advisory 2023-5069-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include bypass, information leakage, and use-after-free vulnerabilities.

Source

Packet Storm