Articles by KENNETH

USN-6089-1: Linux kernel (OEM) vulnerability It was discovered that the Intel i915 graphics driver in the Linux kernel did not perform a GPU TLB flush in some situations. A local attacker could use this to cause a denial of service or possibly execute arbitrary code. Source: USN-6089-1: Linux kernel (OEM) vulnerability

USN-6088-1: runC vulnerabilities It was discovered that runC incorrectly made /sys/fs/cgroup writable when in rootless mode. An attacker could possibly use this issue to escalate privileges. (CVE-2023-25809) It was discovered that runC incorrectly performed access control when mounting /proc to non-directories. An attacker could possibly use this issue to escalate privileges. (CVE-2023-27561) It was discovered that runC incorrectly handled /proc and /sys mounts inside a container. An attacker could possibly use this issue to bypass AppArmor, and potentially SELinux. (CVE-2023-28642) Source: USN-6088-1: runC vulnerabilities

USN-6087-1: Ruby vulnerabilities It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possibly use this issue to cause a denial of service. (CVE-2023-28755) It was discovered that Ruby incorrectly handled certain regular expressions. An attacker could possily use this issue to cause a denial of service. This issue only affected Ubuntu 16.04 ESM. (CVE-2023-28756) Source: USN-6087-1: Ruby vulnerabilities

USN-6086-1: minimatch vulnerability It was discovered that minimatch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. Source: USN-6086-1: minimatch vulnerability