USN-4695-1: icoutils vulnerabilities

2021-01-18 KENNETH

Choongwoo Han discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2017-5208)

It was discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2017-5331, CVE-2017-5332, CVE-2017-5333)

Jerzy Kramarz discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2017-6009, CVE-2017-6010)

Jerzy Kramarz discovered that icoutils incorrectly handled certain files. An attacker could possibly use this issue to expose sensitive information. (CVE-2017-6011)

Source: USN-4695-1: icoutils vulnerabilities

USN-4694-1: Linux kernel vulnerability

2021-01-15 KENNETH

It was discovered that the LIO SCSI target implementation in the Linux kernel performed insufficient identifier checking in certain XCOPY requests. An attacker with access to at least one LUN in a multiple backstore environment could use this to expose sensitive information or modify data.

Source: USN-4694-1: Linux kernel vulnerability

USN-4693-1: Ampache vulnerabilities

2021-01-15 KENNETH

It was discovered that an SQL injection vulnerability exists in the Ampache search engine. Any user able to perform searches could dump any data contained in the database. An attacker could use this to disclose sensitive information. (CVE-2019-12385)

It was discovered that an XSS vulnerability exists in Ampache. An attacker could use this vulnerability to force an admin to create a new privileged user. (CVE-2019-12386)

Source: USN-4693-1: Ampache vulnerabilities

USN-4653-2: containerd vulnerability

2021-01-14 KENNETH

containerd packages from USN-4653-1 were reverted in order to fix a dependency issue with the docker package. This new update fixes the same issues as the previous one. We apologize for the inconvenience.

Original advisory details:

It was discovered that access controls for the shim’s API socket did not restrict access to the abstract unix domain socket in some cases. An attacker could use this vulnerability to run containers with elevated privileges.

Source: USN-4653-2: containerd vulnerability

USN-4692-1: tar vulnerabilities

2021-01-14 KENNETH

Chris Siebenmann discovered that tar incorrectly handled extracting files resized during extraction when invoked with the --sparse flag. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2018-20482)

Daniel Axtens discovered that tar incorrectly handled certain malformed tar files. If a user or automated system were tricked into processing a specially crafted tar archive, a remote attacker could use this issue to cause tar to crash, resulting in a denial of service. (CVE-2019-9923)

Source: USN-4692-1: tar vulnerabilities