No Image

USN-4649-2: xdg-utils regression

2021-01-12 KENNETH 0

USN-4649-2: xdg-utils regression USN-4649-1 fixed vulnerabilities in xdg-utils. That update caused a regression by removing the –attach functionality in thunderbird and others applications. This update fix the problem by reverting these changes. Original advisory details: Jens Mueller discovered that xdg-utils incorrectly handled certain URI. An attacker could possibly use this issue to expose sensitive information. Source: USN-4649-2: xdg-utils regression

No Image

USN-4689-2: Linux kernel vulnerabilities

2021-01-12 KENNETH 0

USN-4689-2: Linux kernel vulnerabilities USN-4689-1 fixed vulnerabilities in the NVIDIA graphics drivers. This update provides the corresponding updates for the NVIDIA Linux DKMS kernel modules. Original advisory details: It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or [ more… ]

No Image

USN-4690-1: coTURN vulnerability

2021-01-12 KENNETH 0

USN-4690-1: coTURN vulnerability It was discovered that coTURN allowed peers to connect and relay packets to loopback addresses in the range of 127.x.x.x. A malicious user could use this vulnerability to insert packages into the loopback interface. Source: USN-4690-1: coTURN vulnerability

No Image

USN-4689-1: NVIDIA graphics drivers vulnerabilities

2021-01-12 KENNETH 0

USN-4689-1: NVIDIA graphics drivers vulnerabilities It was discovered that the NVIDIA GPU display driver for the Linux kernel contained a vulnerability that allowed user-mode clients to access legacy privileged APIs. A local attacker could use this to cause a denial of service or escalate privileges. (CVE-2021-1052) It was discovered that the NVIDIA GPU display driver for the Linux kernel did not properly validate a pointer received from userspace in some situations. A local attacker could use this to cause a denial of service. (CVE-2021-1053) Xinyuan Lyu discovered that the NVIDIA GPU display driver for the Linux kernel did not properly restrict device-level GPU isolation. A local attacker could use this to cause a denial of service or possibly expose sensitive information. (CVE-2021-1056) Source: USN-4689-1: NVIDIA graphics drivers vulnerabilities

No Image

USN-4668-4: python-apt vulnerability

2021-01-12 KENNETH 0

USN-4668-4: python-apt vulnerability USN-4668-1 fixed a vulnerability in python-apt. This update provides the corresponding update for Ubuntu 14.04 ESM. Original advisory details: Kevin Backhouse discovered that python-apt incorrectly handled resources. A local attacker could possibly use this issue to cause python-apt to consume resources, leading to a denial of service. Source: USN-4668-4: python-apt vulnerability