Ubuntu security

USN-5790-1: Linux kernel vulnerabilities It was discovered that the BPF verifier in the Linux kernel did not properly handle internal data structures. A local attacker could use this to expose sensitive information (kernel memory). (CVE-2021-4159) It was discovered that a race condition existed in the Android Binder IPC subsystem in the Linux kernel, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-20421) It was discovered that the Intel 740 frame buffer driver in the Linux kernel contained a divide by zero vulnerability. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-3061) Gwnaun Jung discovered that the SFB packet scheduling implementation in the Linux kernel contained a use-after-free vulnerability. A local attacker could use this to cause a denial [ more… ]

USN-5789-1: Linux kernel (OEM) vulnerabilities It was discovered that the NFSD implementation in the Linux kernel did not properly handle some RPC messages, leading to a buffer overflow. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-43945) Jann Horn discovered that the Linux kernel did not properly track memory allocations for anonymous VMA mappings in some situations, leading to potential data structure reuse. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2022-42703) Roger Pau Monné discovered that the Xen virtual block driver in the Linux kernel did not properly initialize memory pages to be used for shared communication with the backend. A local attacker could use this to expose sensitive information (guest kernel memory). (CVE-2022-26365) Jan Beulich discovered [ more… ]

USN-5788-1: curl vulnerabilities Hiroki Kurosawa discovered that curl incorrectly handled HSTS support when certain hostnames included IDN characters. A remote attacker could possibly use this issue to cause curl to use unencrypted connections. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2022-43551) It was discovered that curl incorrectly handled denials when using HTTP proxies. A remote attacker could use this issue to cause curl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2022-43552) Source: USN-5788-1: curl vulnerabilities

USN-5782-2: Firefox regressions USN-5782-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that Firefox was using an out-of-date libusrsctp library. An attacker could possibly use this library to perform a reentrancy issue on Firefox. (CVE-2022-46871) Nika Layzell discovered that Firefox was not performing a check on paste received from cross-processes. An attacker could potentially exploit this to obtain sensitive information. (CVE-2022-46872) Pete Freitag discovered that Firefox did not implement the unsafe-hashes CSP directive. An attacker who was able to inject markup into a page otherwise protected by a Content Security Policy may have been able to inject an executable script. (CVE-2022-46873) Matthias Zoellner discovered that Firefox was not keeping the filename ending intact when using the drag-and-drop event. An attacker could possibly [ more… ]

USN-5787-1: Libksba vulnerability It was discovered that Libksba incorrectly handled parsing CRL signatures. A remote attacker could use this issue to cause Libksba to crash, resulting in a denial of service, or possibly execute arbitrary code. Source: USN-5787-1: Libksba vulnerability