USN-6206-1: Linux kernel (OEM) vulnerabilities

2023-07-07 KENNETH 0

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577)

It was discovered that the NTFS file system implementation in the Linux kernel contained a null pointer dereference in some situations. A local attacker could use this to cause a denial of service (system crash). (CVE-2022-4842)

Seth Jenkins discovered that the CPU data to memory implementation for x86 processors in the Linux kernel did not properly perform address randomization. A local attacker could use this to expose sensitive information (kernel memory) or in conjunction with another kernel vulnerability. (CVE-2023-0597)

It was discovered that the XFS file system implementation in the Linux kernel did not properly perform metadata [ more… ]

USN-6205-1: Linux kernel (GKE) vulnerabilities

2023-07-07 KENNETH 0

Hangyu Hua discovered that the Flower classifier implementation in the Linux kernel contained an out-of-bounds write vulnerability. An attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-35788, LP: #2023577)

It was discovered that for some Intel processors the INVLPG instruction implementation did not properly flush global TLB entries when PCIDs are enabled. An attacker could use this to expose sensitive information (kernel memory) or possibly cause undesired behaviors. (LP: #2023220)

Source: USN-6205-1: Linux kernel (GKE) vulnerabilities

USN-6204-1: CPDB vulnerability

2023-07-06 KENNETH 0

Seth Arnold discovered that CPDB incorrectly handled certain characters. An attacker could possibly use this issue to cause a crash or execute arbitrary code.

Source: USN-6204-1: CPDB vulnerability

USN-6203-1: Django vulnerability

2023-07-05 KENNETH 0

Seokchan Yoon discovered that Django incorrectly handled certain regular expressions. A remote attacker could possibly use this issue to cause Django to consume resources, leading to a denial of service.

Source: USN-6203-1: Django vulnerability

USN-6202-1: containerd vulnerabilities

2023-07-05 KENNETH 0

David Korczynski and Adam Korczynski discovered that containerd incorrectly processed certain images with large files. An attacker could possibly use this issue to cause containerd to crash, resulting in a denial of service. (CVE-2023-25153)

It was discovered that containerd incorrectly set up supplementary groups inside a container. An attacker with direct access to the container could possibly use this issue to obtain sensitive information or execute code with higher privileges. (CVE-2023-25173)

Source: USN-6202-1: containerd vulnerabilities