Tag
#perl
Debian Linux Security Advisory 5816-1 - The Qualys Threat Research Unit discovered that libmodule-scandeps-perl, a Perl module to recursively scan Perl code for dependencies, allows an attacker to execute arbitrary shell commands via specially crafted file names.
Debian Linux Security Advisory 5815-1 - The Qualys Threat Research Unit discovered several local privilege escalation vulnerabilities in needrestart, a utility to check which daemons need to be restarted after library upgrades. A local attacker can execute arbitrary code as root by tricking needrestart into running the Python interpreter with an attacker-controlled PYTHONPATH environment variable (CVE-2024-48990) or running the Ruby interpreter with an attacker-controlled RUBYLIB environment variable (CVE-2024-48992). Additionally a local attacker can trick needrestart into running a fake Python interpreter (CVE-2024-48991) or cause needrestart to call the Perl module Module::ScanDeps with attacker-controlled files (CVE-2024-11003).
Ubuntu Security Notice 7123-1 - It was discovered that the CIFS network file system implementation in the Linux kernel did not properly validate certain SMB messages, leading to an out-of-bounds read vulnerability. An attacker could use this to cause a denial of service or possibly expose sensitive information. Supraja Sridhara, Benedict Schlüter, Mark Kuhne, Andrin Bertschi, and Shweta Shinde discovered that the Confidential Computing framework in the Linux kernel for x86 platforms did not properly handle 32-bit emulation on TDX and SEV. An attacker with access to the VMM could use this to cause a denial of service or possibly execute arbitrary code.
Ubuntu Security Notice 7089-7 - Chenyuan Yang discovered that the USB Gadget subsystem in the Linux kernel did not properly check for the device to be enabled before writing. A local attacker could possibly use this to cause a denial of service. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system.
Ubuntu Security Notice 7117-1 - Qualys discovered that needrestart passed unsanitized data to a library which expects safe input. A local attacker could possibly use this issue to execute arbitrary code as root. Qualys discovered that the library libmodule-scandeps-perl incorrectly parsed perl code. This could allow a local attacker to execute arbitrary shell commands.
QR codes are disproportionately effective at bypassing most anti-spam filters. Talos discovered two effective methods for defanging malicious QR codes, a necessary step to make them safe for consumption.
### Impact The HTML Parser in lxml does not properly handle context-switching for special HTML tags such as `<svg>`, `<math>` and `<noscript>`. This behavior deviates from how web browsers parse and interpret such tags. Specifically, content in CSS comments is ignored by lxml_html_clean but may be interpreted differently by web browsers, enabling malicious scripts to bypass the cleaning process. This vulnerability could lead to Cross-Site Scripting (XSS) attacks, compromising the security of users relying on lxml_html_clean in default configuration for sanitizing untrusted HTML content. ### Patches Users employing the HTML cleaner in a security-sensitive context should upgrade to lxml 0.4.0, which addresses this issue. ### Workarounds As a temporary mitigation, users can configure lxml_html_clean with the following settings to prevent the exploitation of this vulnerability: * `remove_tags`: Specify tags to remove - their content is moved to their parents' tags. * `kill_tags`: Spec...
ChatGPT, Google Gemini, and Meta AI may be everywhere, but Baby Boomers don't trust the tech or the companies behind it.
Gentoo Linux Security Advisory 202411-9 - Multiple vulnerabilities have been discovered in Perl, the worst of which can lead to arbitrary code execution. Versions greater than or equal to 5.38.2 are affected.
Ubuntu Security Notice 7108-1 - Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the extension info message. An attacker able to intercept communications could possibly use this issue to downgrade the algorithm used for client authentication. Fabian Bäumer, Marcus Brinkmann, and Joerg Schwenk discovered that AsyncSSH did not properly handle the user authentication request message. An attacker could possibly use this issue to control the remote end of an SSH client session via packet injection/removal and shell emulation.