
USN-5108-1: libntlm vulnerability

2021-10-08 KENNETH 0

It was discovered that Libntlm incorrectly handled specially crafted NTLM requests. An attacker could possibly use this issue to cause a denial of service or another unspecified impact.

Source: USN-5108-1: libntlm vulnerability


USN-5022-3: MySQL vulnerabilities

2021-10-08 KENNETH 0

USN-5022-1 fixed several vulnerabilities in MySQL. This update provides the corresponding update for Ubuntu 16.04 ESM.

Original advisory details: Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to MySQL 5.7.35 on Ubuntu 16.04 ESM. In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-35.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-26.html
https://www.oracle.com/security-alerts/cpujul2021.html

Source: USN-5022-3: MySQL vulnerabilities


USN-5107-1: Firefox vulnerabilities

2021-10-07 KENNETH 0

Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, spoof another origin, or execute arbitrary code.

Source: USN-5107-1: Firefox vulnerabilities


USN-5106-1: Linux kernel (OEM) vulnerabilities

2021-10-07 KENNETH 0

Valentina Palmiotti discovered that the io_uring subsystem in the Linux kernel could be coerced to free adjacent memory. A local attacker could use this to execute arbitrary code. (CVE-2021-41073)

It was discovered that the Linux kernel did not properly enforce certain types of entries in the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. An attacker could use this to bypass UEFI Secure Boot restrictions. (CVE-2020-26541)

It was discovered that the KVM hypervisor implementation in the Linux kernel did not properly perform reference counting in some situations, leading to a use-after-free vulnerability. An attacker who could start and control a VM could possibly use this to expose sensitive information or execute arbitrary code. (CVE-2021-22543)

Murray McAllister discovered that the joystick device interface in the Linux kernel did not properly validate data passed via an [ more… ]


USN-5105-1: Bottle vulnerability

2021-10-07 KENNETH 0

It was discovered that Bottle incorrectly handled certain inputs. An attacker could possibly use this issue to cache malicious requests.

Source: USN-5105-1: Bottle vulnerability