#linux

Hitachi NAS SMU Backup and Restore versions prior to 14.8.7825.01 suffer from an insecure direct object reference vulnerability.

Debian Linux Security Advisory 5637-1 - Several security vulnerabilities have been discovered in Squid, a full featured web proxy cache. Due to programming errors in Squid's HTTP request parsing, remote attackers may be able to execute a denial of service attack by sending large X-Forwarded-For header or trigger a stack buffer overflow while performing HTTP Digest authentication. Other issues facilitate request smuggling past a firewall or a denial of service against Squid's Helper process management.

Ubuntu Security Notice 6680-2 - 黄思聪 discovered that the NFC Controller Interface implementation in the Linux kernel did not properly handle certain memory allocation failure conditions, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service. It was discovered that a race condition existed in the Bluetooth subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or possibly execute arbitrary code.

Ubuntu Security Notice 6686-1 - It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the Linux kernel did not properly handle certain error conditions during device registration. A local attacker could possibly use this to cause a denial of service. It was discovered that a race condition existed in the Cypress touchscreen driver in the Linux kernel during device removal, leading to a use-after- free vulnerability. A physically proximate attacker could use this to cause a denial of service or possibly execute arbitrary code.

MongoDB versions 2.0.1, 2.1.1, 2.1.4, and 2.1.5 appear to suffer from multiple localized password disclosure issues.

Red Hat Security Advisory 2024-1239-03 - An update for opencryptoki is now available for Red Hat Enterprise Linux 9.

Red Hat Security Advisory 2024-1235-03 - An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-1234-03 - An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

Red Hat Security Advisory 2024-1227-03 - An update for openvswitch3.1 is now available for Fast Datapath for Red Hat Enterprise Linux 9.

By Deeba Ahmed Cisco announced patches for high-severity vulnerabilities on Wednesday, March 6, 2024. This is a post from HackRead.com Read the original post: Cisco Fixes High-Severity Code Execution and VPN Hijacking Flaws