Ubuntu security

Ubuntu security notices

No Image

USN-6160-1: GNU binutils vulnerability

2023-06-14 KENNETH 0

USN-6160-1: GNU binutils vulnerability It was discovered that GNU binutils incorrectly performed bounds checking operations when parsing stabs debugging information. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. Source: USN-6160-1: GNU binutils vulnerability

No Image

USN-6159-1: Tornado vulnerability

2023-06-13 KENNETH 0

USN-6159-1: Tornado vulnerability It was discovered that Tornado incorrectly handled certain redirect. An remote attacker could possibly use this issue to redirect a user to an arbitrary web site and conduct a phishing attack by having user access a specially crafted URL. Source: USN-6159-1: Tornado vulnerability

No Image

USN-6158-1: Node Fetch vulnerability

2023-06-13 KENNETH 0

USN-6158-1: Node Fetch vulnerability It was discovered that Node Fetch incorrectly handled certain inputs. If a user or an automated system were tricked into opening a specially crafted input file, a remote attacker could possibly use this issue to obtain sensitive information. Source: USN-6158-1: Node Fetch vulnerability

No Image

USN-6143-2: Firefox regressions

2023-06-13 KENNETH 0

USN-6143-2: Firefox regressions USN-6143-1 fixed vulnerabilities in Firefox. The update introduced several minor regressions. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Multiple security issues were discovered in Firefox. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit these to cause a denial of service, obtain sensitive information across domains, or execute arbitrary code. (CVE-2023-34414, CVE-2023-34416, CVE-2023-34417) Jun Kokatsu discovered that Firefox did not properly validate site-isolated process for a document loaded from a data: URL that was the result of a redirect, leading to an open redirect attack. An attacker could possibly use this issue to perform phishing attacks. (CVE-2023-34415) Source: USN-6143-2: Firefox regressions

No Image

USN-6148-1: SNI Proxy vulnerability

2023-06-12 KENNETH 0

USN-6148-1: SNI Proxy vulnerability It was discovered that SNI Proxy did not properly handle wildcard backend hosts. An attacker could possibly use this issue to cause a buffer overflow, resulting in a denial of service, or arbitrary code execution. Source: USN-6148-1: SNI Proxy vulnerability