Articles by KENNETH

USN-5658-3: DHCP vulnerabilities USN-5658-1 fixed several vulnerabilities in DHCP. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: It was discovered that DHCP incorrectly handled option reference counting. A remote attacker could possibly use this issue to cause DHCP servers to crash, resulting in a denial of service. (CVE-2022-2928) It was discovered that DHCP incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause DHCP clients and servers to consume resources, leading to a denial of service. (CVE-2022-2929) Source: USN-5658-3: DHCP vulnerabilities

USN-5733-1: FLAC vulnerabilities It was discovered that FLAC was not properly performing memory management operations, which could result in a memory leak. An attacker could possibly use this issue to cause FLAC to consume resources, leading to a denial of service. (CVE-2017-6888) It was discovered that FLAC was not properly performing bounds checking operations when encoding or decoding data. If a user or automated system were tricked into processing a specially crafted file, an attacker could possibly use this issue to expose sensitive information or to cause FLAC to crash, leading to a denial of service. (CVE-2020-0499, CVE-2021-0561) Source: USN-5733-1: FLAC vulnerabilities

USN-5686-3: Git vulnerabilities USN-5686-1 fixed vulnerabilities in Git. This update provides the corresponding updates for Ubuntu 22.10. Original advisory details: Cory Snider discovered that Git incorrectly handled certain symbolic links. An attacker could possibly use this issue to cause an unexpected behaviour. (CVE-2022-39253) Kevin Backhouse discovered that Git incorrectly handled certain command strings. An attacker could possibly use this issue to arbitrary code execution. (CVE-2022-39260) Source: USN-5686-3: Git vulnerabilities