Tag
#linux
Ubuntu Security Notice 7019-1 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.
Debian Linux Security Advisory 5772-1 - Yufan You discovered that Libreoffice's handling of documents based on ZIP archives was susceptible to spoofing attacks when the repair mode attempts to address a malformed archive structure.
Debian Linux Security Advisory 5771-1 - Fabien Potencier discovered that under some conditions the sandbox mechanism of Twig, a template engine for PHP, could by bypassed.
Debian Linux Security Advisory 5770-1 - Shang-Hung Wan discovered multiple vulnerabilities in the Expat XML parsing C library, which could result in denial of service or potentially the execution of arbitrary code.
This Metasploit module exploits an unauthenticated account takeover vulnerability in LiteSpeed Cache, a WordPress plugin that currently has around 6 million active installations. In LiteSpeed Cache versions prior to 6.5.0.1, when the Debug Logging feature is enabled, the plugin will log admin cookies to the /wp-content/debug.log endpoint which is accessible without authentication. The Debug Logging feature in the plugin is not enabled by default. The admin cookies found in the debug.log can be used to upload and execute a malicious plugin containing a payload.
This Python script for Linux can analyze Microsoft Windows .msi Installer files and point out potential vulnerabilities.
Red Hat Security Advisory 2024-6726-03 - An update for fence-agents is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Issues addressed include a code execution vulnerability.
Red Hat Security Advisory 2024-6723-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support.
Red Hat Security Advisory 2024-6722-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions.
Red Hat Security Advisory 2024-6721-03 - An update for thunderbird is now available for Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support, Red Hat Enterprise Linux 8.4 Update Services for SAP Solutions, and Red Hat Enterprise Linux 8.4 Telecommunications Update Service.