Red Hat Security Advisory 2023-3495-01 - Logging Subsystem 5.7.2 - Red Hat OpenShift. Issues addressed include cross site scripting and denial of service vulnerabilities.
75ededaa7ebb9bc88370e1dcf331b0264869168ba7cd74f69b15381204808248Red Hat Security Advisory 2023-3356-01 - Red Hat Advanced Cluster Management for Kubernetes 2.5.9 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
27162c7cc1e92dcc5d23d2448871d026da2046e4fa22b54bb29cc7cea099108cRed Hat Security Advisory 2023-3326-01 - Red Hat Advanced Cluster Management for Kubernetes 2.6.6 images. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs.
0bc80ffdccb68cc8f12adf853992d794296ca83c6d773bd9faee7da3ab5cc662Red Hat Security Advisory 2023-2951-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, and use-after-free vulnerabilities.
a51622249e184c96a3bb9f730d3aa3ba191710f9d6042ba82c981d273f9298b0Red Hat Security Advisory 2023-2736-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow, bypass, denial of service, double free, memory leak, null pointer, out of bounds read, and use-after-free vulnerabilities.
e697604bcace22bcbaf5d2cc5224b1d01ff8c2e2d4609264bae2a27c05f9275eRed Hat Security Advisory 2023-0334-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
270a2d5624a45b16560c8e641883158312e61364d19ffad747cdf8e699ae8f52Red Hat Security Advisory 2023-0300-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include buffer overflow and privilege escalation vulnerabilities.
8d37c7d8ee1ca4cb5709e9609fb377f17f1c4bb3ae3c63a34fc4b21cff595e3bLinux suffers from two seccomp bugs with a PT_SUSPEND_SECCOMP permission bypass and ptracer death race condition.
6d7f253f354c0c71a5692bbeb6bcd2a20b50e96fc05afeda0286131716d7b406Red Hat Security Advisory 2022-7318-01 - The kernel packages contain the Linux kernel, the core of any Linux operating system. Issues addressed include privilege escalation and use-after-free vulnerabilities.
5c6e9478d119bfc745de435ae02de7fc2db2d29b759ca25d1455a9e8dd623cccRed Hat Security Advisory 2022-7319-01 - The kernel-rt packages provide the Real Time Linux Kernel, which enables fine-tuning for systems with extremely high determinism requirements. Issues addressed include privilege escalation and use-after-free vulnerabilities.
24ad868316fde0472761e4837c9d118a9ccdc2ecfcb2d472582d2c2ef1ac37e1Ubuntu Security Notice 5465-1 - It was discovered that the Linux kernel did not properly restrict access to the kernel debugger when booted in secure boot environments. A privileged attacker could use this to bypass UEFI Secure Boot restrictions. Aaron Adams discovered that the netfilter subsystem in the Linux kernel did not properly handle the removal of stateful expressions in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code.
5a8b0e348f998aafc513f85ce879db8aea235142f10eff3dd0b37e0a04e9023cIt was discovered that a race condition existed in the network scheduling subsystem of the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. Yiqi Sun and Kevin Wang discovered that the cgroups implementation in the Linux kernel did not properly restrict access to the cgroups v1 release_agent feature. A local attacker could use this to gain administrative privileges. Various other issues were also addressed.
d764344ffd074691e5125e0c7ecb9972329d587b004cdad9acfe1fafabfb0253Ubuntu Security Notice 5443-2 - Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Jann Horn discovered that the Linux kernel did not properly enforce seccomp restrictions in some situations. A local attacker could use this to bypass intended seccomp sandbox restrictions.
d9db3c4379a58440851b2d6e71caae3d47d27c20b77c8e1811ef18f4fc1efaf6Ubuntu Security Notice 5442-2 - Kyle Zeng discovered that the Network Queuing and Scheduling subsystem of the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service or execute arbitrary code. Bing-Jhong Billy Jheng discovered that the io_uring subsystem in the Linux kernel contained in integer overflow. A local attacker could use this to cause a denial of service or execute arbitrary code.
5632e668ad026b3cc2fecc2e4439dd6df764ced86921dd64641d8fd7bcfcf72c
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed