USN-5629-1: Python vulnerability It was discovered that the Python http.server module incorrectly handled certain URIs. An attacker could potentially use this to redirect web traffic. Source: USN-5629-1: Python vulnerability
USN-5634-1: Linux kernel (OEM) vulnerability Domingo Dirutigliano and Nicola Guerrera discovered that the netfilter subsystem in the Linux kernel did not properly handle rules that truncated packets below the packet header size. When such rules are in place, a remote attacker could possibly use this to cause a denial of service (system crash). Source: USN-5634-1: Linux kernel (OEM) vulnerability
USN-5633-1: Linux kernel vulnerabilities It was discovered that the framebuffer driver on the Linux kernel did not verify size limits when changing font or screen size, leading to an out-of- bounds write. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2021-33655) Duoming Zhou discovered that race conditions existed in the timer handling implementation of the Linux kernel’s Rose X.25 protocol layer, resulting in use-after-free vulnerabilities. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-2318) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Roger Pau Monné discovered that the [ more… ]
USN-5632-1: OAuthLib vulnerability Sebastian Chnelik discovered that OAuthLib incorrectly handled certain redirect uris. A remote attacker could possibly use this issue to cause OAuthLib to crash, resulting in a denial of service. Source: USN-5632-1: OAuthLib vulnerability
USN-5631-1: libjpeg-turbo vulnerabilities It was discovered that libjpeg-turbo incorrectly handled certain EOF characters. An attacker could possibly use this issue to cause libjpeg-turbo to consume resource, leading to a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2018-11813) It was discovered that libjpeg-turbo incorrectly handled certain malformed jpeg files. An attacker could possibly use this issue to cause libjpeg-turbo to crash, resulting in a denial of service. (CVE-2020-17541, CVE-2020-35538) It was discovered that libjpeg-turbo incorrectly handled certain malformed PPM files. An attacker could use this issue to cause libjpeg-turbo to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 20.04 LTS. (CVE-2021-46822) Source: USN-5631-1: libjpeg-turbo vulnerabilities
Copyright © 2026 | WordPress Theme by MH Themes
