Packet Storm ≈ Advisory Files

Packet Storm – Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers

Ubuntu Security Notice USN-4644-1

25 November 2020, 4:34 pm

Ubuntu Security Notice 4644-1 – It was discovered that igraph mishandled certain malformed XML. An attacker could use this vulnerability to cause a denial of service.

Ubuntu Security Notice USN-4643-1

24 November 2020, 3:46 pm

Ubuntu Security Notice 4643-1 – It was discovered that atftp’s FTP server did not properly handler certain input. An attacker could use this to to cause a denial of service or possibly execute arbitrary code. It was discovered that atftp’s FTP server did not make proper use of mutexes when locking certain data structures. An attacker could use this to cause a denial of service via a NULL pointer dereference.
Red Hat Security Advisory 2020-5179-01 – The org.ovirt.engine-root is a core component of oVirt. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-5218-01 – The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks. The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host’s resources and performing administrative tasks. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-5118-01 – Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-5119-01 – Red Hat OpenShift Container Platform is Red Hat’s cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2020-5203-01 – The Berkeley Internet Name Domain is an implementation of the Domain Name System protocols. BIND includes a DNS server ; a resolver library ; and tools for verifying that the DNS server is operating correctly.

Ubuntu Security Notice USN-4642-1

24 November 2020, 3:29 pm

Ubuntu Security Notice 4642-1 – It was discovered that PDFResurrect incorrectly handled certain memory operations during PDF summary generation. An attacker could use this to cause out-of-bounds writes, resulting in a denial of service or arbitrary code execution.

Ubuntu Security Notice USN-4641-1

24 November 2020, 3:29 pm

Ubuntu Security Notice 4641-1 – It was discovered that Libextractor incorrectly handled zero sample rate. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain FLAC metadata. An attacker could possibly use this issue to cause a denial of service. It was discovered that Libextractor incorrectly handled certain specially crafted files. An attacker could possibly use this issue to cause a denial of service. Various other issues were also addressed.
Red Hat Security Advisory 2020-5185-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5206-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include denial of service, out of bounds write, and use-after-free vulnerabilities.

Ubuntu Security Notice USN-4640-1

24 November 2020, 3:05 pm

Ubuntu Security Notice 4640-1 – James Henstridge discovered that an Ubuntu-specific patch caused PulseAudio to incorrectly handle snap client connections. An attacker could possibly use this to expose sensitive information.
Red Hat Security Advisory 2020-5199-01 – The kernel packages contain the Linux kernel, the core of any Linux operating system.
Red Hat Security Advisory 2020-5201-01 – The net-snmp packages provide various libraries and tools for the Simple Network Management Protocol, including an SNMP library, an extensible agent, tools for requesting or setting information from SNMP agents, tools for generating and handling SNMP traps, a version of the netstat command which uses SNMP, and a Tk/Perl Management Information Base browser.
Red Hat Security Advisory 2020-5198-01 – Red Hat OpenShift Jaeger is Red Hat’s distribution of the Jaeger project, tailored for installation into an on-premise OpenShift Container Platform installation.
Red Hat Security Advisory 2020-5190-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5188-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5189-01 – The microcode_ctl packages provide microcode updates for Intel.
Red Hat Security Advisory 2020-5181-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5186-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5182-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5183-01 – The microcode_ctl packages provide microcode updates for Intel. Issues addressed include an information leakage vulnerability.
Red Hat Security Advisory 2020-5184-01 – The microcode_ctl packages provide microcode updates for Intel.
Red Hat Security Advisory 2020-5175-01 – Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3 for Red Hat Enterprise Linux 6, 7, and 8. Issues addressed include a remote SQL injection vulnerability.
Red Hat Security Advisory 2020-5174-01 – Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This asynchronous patch is a security update for Red Hat JBoss Enterprise Application Platform 7.3. Issues addressed include a remote SQL injection vulnerability.