Skip to content

ubuntu jammy v1.340
Compare
Choose a tag to compare
@cf-bosh-ci-bot cf-bosh-ci-bot released this 10 Jan 22:31
ubuntu-jammy/v1.340
ac48843

Metadata:

BOSH Agent Version: 2.616.0

What's Changed

  • Fixed issue where logrotate was not being scheduled properly due to using "OnUnitActiveSec" instead of "OnCalendar." #308

USNs:

Title: USN-6233-2: YAJL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6233-2
Priorities: low,medium
Description:
USN-6233-1 fixed vulnerabilities in YAJL. This update provides the
corresponding updates for Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu
23.04.

Original advisory details:

It was discovered that YAJL was not properly performing bounds checks when
decoding a string with escape sequences. If a user or automated system
using YAJL were tricked into processing specially crafted input, an
attacker could possibly use this issue to cause a denial of service
(application abort). (CVE-2017-16516)

It was discovered that YAJL was not properly handling memory allocation
when dealing with large inputs, which could lead to heap memory
corruption. If a user or automated system using YAJL were tricked into
running a specially crafted large input, an attacker could possibly use
this issue to cause a denial of service. (CVE-2022-24795)

It was discovered that memory leaks existed in one of the YAJL parsing
functions. An attacker could possibly use this issue to cause a denial of
service (memory exhaustion). (CVE-2023-33460)
CVEs:

Title: USN-6558-1: audiofile vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6558-1
Priorities: low,medium
Description:
It was discovered that audiofile could be made to dereference invalid
memory. If a user or an automated system were tricked into opening a
specially crafted file, an attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu
18.04 LTS. (CVE-2018-13440)

It was discovered that audiofile could be made to write out of bounds. If a
user or an automated system were tricked into opening a specially crafted
file, an attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected Ubuntu 16.04
LTS and Ubuntu 18.04 LTS. (CVE-2018-17095)

It was discovered that audiofile could be made to dereference invalid
memory. If a user or an automated system were tricked into opening a
specially crafted file, an attacker could possibly use this issue to cause
a denial of service. (CVE-2019-13147)

It was discovered that audiofile could be made to leak memory. If a user or
an automated system were tricked into opening a specially crafted file, an
attacker could possibly use this issue to obtain sensitive information.
(CVE-2022-24599)
CVEs:

Title: USN-6567-1: QEMU vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6567-1
Priorities: low,medium
Description:
Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the
USB xHCI controller device. A privileged guest attacker could possibly use
this issue to cause QEMU to crash, leading to a denial of service. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2020-14394)

It was discovered that QEMU incorrectly handled the TCG Accelerator. A
local attacker could use this issue to cause QEMU to crash, leading to a
denial of service, or possibly execute arbitrary code and esclate
privileges. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-24165)

It was discovered that QEMU incorrectly handled the Intel HD audio device.
A malicious guest attacker could use this issue to cause QEMU to crash,
leading to a denial of service. This issue only affected Ubuntu 22.04 LTS.
(CVE-2021-3611)

It was discovered that QEMU incorrectly handled the ATI VGA device. A
malicious guest attacker could use this issue to cause QEMU to crash,
leading to a denial of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-3638)

It was discovered that QEMU incorrectly handled the VMWare paravirtual RDMA
device. A malicious guest attacker could use this issue to cause QEMU to
crash, leading to a denial of service. (CVE-2023-1544)

It was discovered that QEMU incorrectly handled the 9p passthrough
filesystem. A malicious guest attacker could possibly use this issue to
open special files and escape the exported 9p tree. This issue only
affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-2861)

It was discovered that QEMU incorrectly handled the virtual crypto device.
A malicious guest attacker could use this issue to cause QEMU to crash,
leading to a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-3180)

It was discovered that QEMU incorrectly handled the built-in VNC server.
A remote authenticated attacker could possibly use this issue to cause QEMU
to stop responding, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 23.04. (CVE-2023-3255)

It was discovered that QEMU incorrectly handled net device hot-unplugging.
A malicious guest attacker could use this issue to cause QEMU to crash,
leading to a denial of service. This issue only affected Ubuntu 22.04 LTS
and Ubuntu 23.04. (CVE-2023-3301)

It was discovered that QEMU incorrectly handled the built-in VNC server.
A remote attacker could possibly use this issue to cause QEMU to crash,
resulting in a denial of service. This issue only affected Ubuntu 20.04
LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04. (CVE-2023-3354)

It was discovered that QEMU incorrectly handled NVME devices. A malicious
guest attacker could use this issue to cause QEMU to crash, leading to a
denial of service. This issue only affected Ubuntu 23.10. (CVE-2023-40360)

It was discovered that QEMU incorrectly handled NVME devices. A malicious
guest attacker could use this issue to cause QEMU to crash, leading to a
denial of service, or possibly obtain sensitive information. This issue
only affected Ubuntu 23.10. (CVE-2023-4135)

It was discovered that QEMU incorrectly handled SCSI devices. A malicious
guest attacker could use this issue to cause QEMU to crash, leading to a
denial of service. This issue only affected Ubuntu 23.04 and Ubuntu 23.10.
(CVE-2023-42467)

It was discovered that QEMU incorrectly handled certain disk offsets. A
malicious guest attacker could possibly use this issue to gain control of
the host in certain nested virtualization scenarios. (CVE-2023-5088)
CVEs:

Title: USN-6565-1: OpenSSH vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6565-1
Priorities: low,medium
Description:
It was discovered that OpenSSH incorrectly handled supplemental groups when
running helper programs for AuthorizedKeysCommand and
AuthorizedPrincipalsCommand as a different user. An attacker could possibly
use this issue to escalate privileges. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-41617)

It was discovered that OpenSSH incorrectly added destination constraints
when PKCS#11 token keys were added to ssh-agent, contrary to expectations.
This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-51384)

It was discovered that OpenSSH incorrectly handled user names or host names
with shell metacharacters. An attacker could possibly use this issue to
perform OS command injection. (CVE-2023-51385)
CVEs:

Title: USN-6557-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6557-1
Priorities: low,medium
Description:
It was discovered that Vim could be made to dereference invalid memory. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-1725)

It was discovered that Vim could be made to recurse infinitely. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1771)

It was discovered that Vim could be made to write out of bounds with a put
command. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected Ubuntu 22.04
LTS. (CVE-2022-1886)

It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 14.04 LTS, Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-1897,
CVE-2022-2000)

It was discovered that Vim did not properly manage memory in the spell
command. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected Ubuntu 22.04
LTS. (CVE-2022-2042)

It was discovered that Vim did not properly manage memory. An attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2023-46246, CVE-2023-48231)

It was discovered that Vim could be made to divide by zero. An attacker
could possibly use this issue to cause a denial of service. This issue
only affected Ubuntu 23.04 and Ubuntu 23.10. (CVE-2023-48232)

It was discovered that Vim contained multiple arithmetic overflows. An
attacker could possibly use these issues to cause a denial of service.
(CVE-2023-48233, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236,
CVE-2023-48237)

It was discovered that Vim did not properly manage memory in the
substitute command. An attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-48706)
CVEs:

Title: USN-6564-1: Node.js vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6564-1
Priorities: medium,high
Description:
Hubert Kario discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to obtain sensitive
information. (CVE-2022-4304)

CarpetFuzz, Dawei Wang discovered that Node.js incorrectly handled certain
inputs. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2022-4450)

Octavio Galland and Marcel Böhme discovered that Node.js incorrectly handled
certain inputs. If a user or an automated system were tricked into opening a
specially crafted input file, a remote attacker could possibly use this issue
to cause a denial of service. (CVE-2023-0215)

David Benjamin discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to obtain sensitive
information. (CVE-2023-0286)

Hubert Kario and Dmitry Belyavsky discovered that Node.js incorrectly handled
certain inputs. If a user or an automated system were tricked into opening a
specially crafted input file, a remote attacker could possibly use this issue
to cause a denial of service. (CVE-2023-0401)
CVEs:

Title: USN-6556-1: Budgie Extras vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6556-1
Priorities: medium
Description:
It was discovered that Budgie Extras incorrectly handled certain temporary file paths.
An attacker could possibly use this issue to inject false information or deny
access to the application. (CVE-2023-49342, CVE-2023-49343, CVE-2023-49347)

Matthias Gerstner discovered that Budgie Extras incorrectly handled certain
temporary file paths. A local attacker could use this to inject arbitrary PNG
data in this path and have it displayed on the victim's desktop or deny access
to the application. (CVE-2023-49344)

Matthias Gerstner discovered that Budgie Extras incorrectly handled certain
temporary file paths. A local attacker could use this to inject false information
or deny access to the application. (CVE-2023-49345, CVE-2023-49346)
CVEs:

Title: USN-6563-1: Thunderbird vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6563-1
Priorities: medium
Description:
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code.(CVE-2023-6857, CVE-2023-6858,
CVE-2023-6859, CVE-2023-6861, CVE-2023-6862, CVE-2023-6863, CVE-2023-6864)

Marcus Brinkmann discovered that Thunderbird did not properly parse a PGP/MIME
payload that contains digitally signed text. An attacker could potentially
exploit this issue to spoof an email message. (CVE-2023-50762)

Marcus Brinkmann discovered that Thunderbird did not properly compare the
signature creation date with the message date and time when using digitally
signed S/MIME email message. An attacker could potentially exploit this
issue to spoof date and time of an email message. (CVE-2023-50761)

DoHyun Lee discovered that Thunderbird did not properly manage memory when
used on systems with the Mesa VM driver. An attacker could potentially
exploit this issue to execute arbitrary code. (CVE-2023-6856)

Andrew Osmond discovered that Thunderbird did not properly validate the
textures produced by remote decoders. An attacker could potentially exploit
this issue to escape the sandbox. (CVE-2023-6860)
CVEs:

Assets 2
Loading