Articles by KENNETH

USN-4452-1: libvirt vulnerability Trent Shea discovered that the libvirt package set incorrect permissions on the UNIX domain socket. A local attacker could use this issue to access libvirt and escalate privileges. Source: USN-4452-1: libvirt vulnerability

USN-4451-1: ppp vulnerability Thomas Chauchefoin discovered that ppp incorrectly handled module loading. A local attacker could use this issue to load arbitrary kernel modules and possibly execute arbitrary code. Source: USN-4451-1: ppp vulnerability

USN-4450-1: Whoopsie vulnerabilities Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-11937) Seong-Joong Kim discovered that Whoopsie incorrectly handled parsing files. A local attacker could use this issue to cause Whoopsie to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2020-12135) Seong-Joong Kim discovered that Whoopsie incorrectly handled memory. A local attacker could use this issue to cause Whoopsie to consume memory, resulting in a denial of service. (CVE-2020-15570) Source: USN-4450-1: Whoopsie vulnerabilities

USN-4449-1: Apport vulnerabilities Ryota Shiga discovered that Apport incorrectly dropped privileges when making certain D-Bus calls. A local attacker could use this issue to read arbitrary files. (CVE-2020-11936) Seong-Joong Kim discovered that Apport incorrectly parsed configuration files. A local attacker could use this issue to cause Apport to crash, resulting in a denial of service. (CVE-2020-15701) Ryota Shiga discovered that Apport incorrectly implemented certain checks. A local attacker could use this issue to escalate privileges and run arbitrary code. (CVE-2020-15702) Source: USN-4449-1: Apport vulnerabilities