USN-5871-1: Git vulnerabilities

2023-02-15 KENNETH 0

It was discovered that Git incorrectly handled certain repositories. An attacker could use this issue to make Git use its local clone optimization even when using a non-local transport. (CVE-2023-22490) Joern Schneeweisz discovered that Git incorrectly handled certain commands. An attacker could possibly use this issue to overwrite a patch outside the working tree. (CVE-2023-23946) Source: USN-5871-1: Git vulnerabilities

USN-5869-1: HAProxy vulnerability

2023-02-15 KENNETH 0

Bahruz Jabiyev, Anthony Gavazzi, Engin Kirda, Kaan Onarlioglu, Adi Peleg, and Harvey Tuch discovered that HAProxy incorrectly handled empty header names. A remote attacker could possibly use this issue to manipulate headers and bypass certain authentication checks and restrictions. Source: USN-5869-1: HAProxy vulnerability

USN-5868-1: Django vulnerability

2023-02-14 KENNETH 0

Jakob Ackermann discovered that Django incorrectly handled certain file uploads. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service. Source: USN-5868-1: Django vulnerability

LSN-0091-1: Kernel Live Patch Security Notice

2023-02-14 KENNETH 0

It was discovered that a race condition existed in the memory address space accounting implementation in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-41222) Sönke Huster discovered that a use-after-free vulnerability existed in the WiFi driver stack in the Linux kernel. A physically proximate attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42719) Source: LSN-0091-1: Kernel Live Patch Security Notice

USN-5864-1: Fig2dev vulnerabilities

2023-02-13 KENNETH 0

Frederic Cambus discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 18.04 LTS. (CVE-2019-14275) It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue to cause a denial of service. (CVE-2019-19555, CVE-2019-19797, CVE-2020-21529, CVE-2020-21530, CVE-2020-21531, CVE-2020-21532, CVE-2020-21533, CVE-2020-21534, CVE-2020-21535, CVE-2020-21675, CVE-2020-21676, CVE-2021-3561) It was discovered that Fig2dev incorrectly handled certain image files. If a user or an automated system were tricked into opening a certain specially crafted input file, a remote attacker could possibly use this issue [ more… ]