[월:] 2020년 08월

USN-4464-1: GNOME Shell vulnerability It was discovered that GNOME Shell incorrectly handled the login screen password dialog. Sensitive information could possibly be exposed during user logout. Source: USN-4464-1: GNOME Shell vulnerability

USN-4463-1: Linux kernel vulnerabilities It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. (CVE-2020-12771) Kyungtae Kim discovered that the USB testing driver in the Linux kernel did not properly deallocate memory on disconnect events. A physically proximate attacker could use this to cause a denial of service (memory exhaustion). (CVE-2020-15393) Source: USN-4463-1: Linux kernel vulnerabilities

USN-4462-1: Linux kernel vulnerability It was discovered that the bcache subsystem in the Linux kernel did not properly release a lock in some error conditions. A local attacker could possibly use this to cause a denial of service. Source: USN-4462-1: Linux kernel vulnerability

USN-4461-1: Ark vulnerability Dominik Penner discovered that Ark did not properly sanitize zip archive files before performing extraction. An attacker could use this to construct a malicious zip archive that, when opened, would create files outside the extraction directory. Source: USN-4461-1: Ark vulnerability