#ubuntu

Ubuntu Security Notice 6896-5 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

LMS ZAI version 6.1 suffers from an ignored default credential vulnerability.

Quick Job version 2.4 suffers from an insecure direct object reference vulnerability.

eDesign CMS version 2.0 suffers from an insecure direct object reference vulnerability.

### Summary The issue here is that we pass the secret content as one of the args via CLI. This issue may affect any of our charms that are using: Juju (>=3.0), Juju secrets and not correctly capturing and processing `subprocess.CalledProcessError`. There are two points that may log this command, in different files: First, if there is an error during a secret handling, there will be a `subprocess.CalledProcessError`, which will contain the CLI comand + all its args. This is going to be logged in any logging level. This exception, if not caught by the charm, will bubble up to the `/var/log/juju/` logs and syslog journal. Now, on Ubuntu 22.04, these logs are protected with: ``` $ juju ssh -m controller 0 -- ls -la /var/log/juju/ total 224 drwxr-xr-x 2 syslog adm 4096 Jul 14 10:59 . drwxrwxr-x 9 root syslog 4096 Jul 14 10:58 .. -rw-r----- 1 syslog adm 20124 Jul 14 11:10 audit.log -rw-r----- 1 syslog adm 110432 Jul 14 11:10 logsink.log -rw-r----- 1 syslog adm 80783 Ju...

Ubuntu Security Notice 6903-1 - Multiple security issues were discovered in Thunderbird. If a user were tricked into opening a specially crafted website in a browsing context, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information, bypass security restrictions, cross-site tracing, or execute arbitrary code. Ronald Crane discovered that Thunderbird did not properly manage certain memory operations in the NSS. An attacker could potentially exploit this issue to cause a denial of service.

Agop CMS version 1.0 suffers from an insecure direct object reference vulnerability.

Ubuntu Security Notice 6896-4 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the Atheros 802.11ac wireless driver did not properly validate certain data structures, leading to a NULL pointer dereference. An attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice 6898-3 - Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. Gui-Dong Han discovered that the software RAID driver in the Linux kernel contained a race condition, leading to an integer overflow vulnerability. A privileged attacker could possibly use this to cause a denial of service.

Ubuntu Security Notice 6895-3 - It was discovered that the ATA over Ethernet driver in the Linux kernel contained a race condition, leading to a use-after-free vulnerability. An attacker could use this to cause a denial of service or possibly execute arbitrary code. It was discovered that the HugeTLB file system component of the Linux Kernel contained a NULL pointer dereference vulnerability. A privileged attacker could possibly use this to to cause a denial of service.