[월:] 2023년 07월

USN-6198-1: GNU Screen vulnerability It was discovered that GNU Screen was not properly checking user identifiers before sending certain signals to target processes. If GNU Screen was installed as setuid or setgid, a local attacker could possibly use this issue to cause a denial of service on a target application. Source: USN-6198-1: GNU Screen vulnerability

USN-6197-1: OpenLDAP vulnerability It was discovered that OpenLDAP was not properly performing bounds checks when executing functions related to LDAP URLs. An attacker could possibly use this issue to cause a denial of service. Source: USN-6197-1: OpenLDAP vulnerability

USN-6196-1: ReportLab vulnerability It was discovered that ReportLab incorrectly handled certain PDF files. An attacker could possibly use this issue to execute arbitrary code. Source: USN-6196-1: ReportLab vulnerability

USN-6195-1: Vim vulnerabilities It was discovered that Vim contained an out-of-bounds read vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0128) It was discovered that Vim did not properly manage memory when freeing allocated memory. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0156) It was discovered that Vim contained a heap-based buffer overflow vulnerability. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2022-0158) It was discovered that Vim did not properly manage memory when recording and using select mode. An attacker could possibly use this issue to cause a denial of service. (CVE-2022-0393) It was discovered that Vim incorrectly handled certain memory operations during a visual block yank. An attacker could [ more… ]