Skip to content

ubuntu jammy v1.492
Compare
Choose a tag to compare
@cf-bosh-ci-bot cf-bosh-ci-bot released this 16 Jul 20:51
ubuntu-jammy/v1.492
3edb032

Metadata:

BOSH Agent Version: 2.663.0
Kernel Version: 5.15.0.116.116

USNs:

Title: USN-6891-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6891-1
Priorities: low,medium,negligible,high
Description:
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2015-20107)

It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2018-1060, CVE-2018-1061)

It was discovered that Python failed to initialize Expat’s hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-14647)

It was discovered that Python incorrectly handled certain pickle files. An
attacker could possibly use this issue to consume memory, leading to a
denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-20406)

It was discovered that Python incorrectly validated the domain when
handling cookies. An attacker could possibly trick Python into sending
cookies to the wrong domain. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-20852)

Jonathan Birch and Panayiotis Panayiotou discovered that Python incorrectly
handled Unicode encoding during NFKC normalization. An attacker could
possibly use this issue to obtain sensitive information. This issue only
affected Ubuntu 14.04 LTS. (CVE-2019-9636, CVE-2019-10160)

It was discovered that Python incorrectly parsed certain email addresses. A
remote attacker could possibly use this issue to trick Python applications
into accepting email addresses that should be denied. This issue only
affected Ubuntu 14.04 LTS. (CVE-2019-16056)

It was discovered that the Python documentation XML-RPC server incorrectly
handled certain fields. A remote attacker could use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04
LTS. (CVE-2019-16935)

It was discovered that Python documentation had a misleading information.
A security issue could be possibly caused by wrong assumptions of this
information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04
LTS. (CVE-2019-17514)

It was discovered that Python incorrectly stripped certain characters from
requests. A remote attacker could use this issue to perform CRLF injection.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-18348)

It was discovered that Python incorrectly handled certain TAR archives.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-20907)

Colin Read and Nicolas Edet discovered that Python incorrectly handled
parsing certain X509 certificates. An attacker could possibly use this
issue to cause Python to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS. (CVE-2019-5010)

It was discovered that incorrectly handled certain ZIP files. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 14.04 LTS. (CVE-2019-9674)

It was discovered that Python incorrectly handled certain urls. A remote
attacker could possibly use this issue to perform CRLF injection attacks.
This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9740, CVE-2019-9947)

Sihoon Lee discovered that Python incorrectly handled the local_file:
scheme. A remote attacker could possibly use this issue to bypass blocklist
meschanisms. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9948)

It was discovered that Python incorrectly handled certain IP values.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2020-14422)

It was discovered that Python incorrectly handled certain character
sequences. A remote attacker could possibly use this issue to perform
CRLF injection. This issue only affected Ubuntu 14.04 LTS and Ubuntu
18.04 LTS. (CVE-2020-26116)

It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code
or cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2020-27619, CVE-2021-3177)

It was discovered that Python incorrectly handled certain HTTP requests.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS. (CVE-2020-8492)

It was discovered that the Python stdlib ipaddress API incorrectly handled
octal strings. A remote attacker could possibly use this issue to perform a
wide variety of attacks, including bypassing certain access restrictions.
This issue only affected Ubuntu 18.04 LTS. (CVE-2021-29921)

David Schwörer discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426)

It was discovered that Python incorrectly handled certain RFCs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3733)

It was discovered that Python incorrectly handled certain server
responses. An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3737)

It was discovered that Python incorrectly handled certain FTP requests.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2021-4189)

It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2022-0391)

Devin Jeanpierre discovered that Python incorrectly handled sockets when
the multiprocessing module was being used. A local attacker could possibly
use this issue to execute arbitrary code and escalate privileges.
This issue only affected Ubuntu 22.04 LTS. (CVE-2022-42919)

It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 14.04 LTS,
Ubuntu 18.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45061, CVE-2023-24329)

It was discovered that Python incorrectly handled certain scripts.
An attacker could possibly use this issue to execute arbitrary code
or cause a crash. This issue only affected Ubuntu 14.04 LTS and
Ubuntu 18.04 LTS. (CVE-2022-48560)

It was discovered that Python incorrectly handled certain plist files.
If a user or an automated system were tricked into processing a specially
crafted plist file, an attacker could possibly use this issue to consume
resources, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48564)

It was discovered that Python did not properly handle XML entity
declarations in plist files. An attacker could possibly use this
vulnerability to perform an XML External Entity (XXE) injection,
resulting in a denial of service or information disclosure. This issue
only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48565)

It was discovered that Python did not properly provide constant-time
processing for a crypto operation. An attacker could possibly use this
issue to perform a timing attack and recover sensitive information. This
issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2022-48566)

It was discovered that Python instances of ssl.SSLSocket were vulnerable
to a bypass of the TLS handshake. An attacker could possibly use this
issue to cause applications to treat unauthenticated received data before
TLS handshake as authenticated data after TLS handshake. This issue only
affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu
22.04 LTS. (CVE-2023-40217)

It was discovered that Python incorrectly handled null bytes when
normalizing pathnames. An attacker could possibly use this issue to bypass
certain filename checks. This issue only affected Ubuntu 22.04 LTS.
(CVE-2023-41105)

It was discovered that Python incorrectly handled privilege with certain
parameters. An attacker could possibly use this issue to maintain the
original processes' groups before starting the new process. This issue
only affected Ubuntu 23.10. (CVE-2023-6507)

It was discovered that Python incorrectly handled symlinks in temp files.
An attacker could possibly use this issue to modify the permissions of
files. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-6597)

It was discovered that Python incorrectly handled certain crafted zip
files. An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2024-0450)
CVEs:

Title: USN-6876-1: Kopano Core vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6876-1
Priorities: medium
Description:
It was discovered that Kopano Core allowed out-of-bounds access. An
attacker could use this issue to expose private information. This issue
only affected Ubuntu 18.04 LTS. (CVE-2019-19907)

It was discovered that Kopano Core allowed possible authentication
with expired passwords. An attacker could use this issue to bypass
authentication. (CVE-2022-26562)
CVEs:

Title: USN-6898-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6898-1
Priorities: medium,low,high
Description:
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Title: USN-6880-1: Tomcat vulnerability
URL: https://ubuntu.com/security/notices/USN-6880-1
Priorities: medium
Description:
Sam Shahsavar discovered that Apache Tomcat did not properly reject
HTTP requests with an invalid Content-Length header. A remote attacker
could possibly use this issue to perform HTTP request smuggling attacks.
CVEs:

Title: USN-6879-1: Virtuoso Open-Source Edition vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6879-1
Priorities: medium
Description:
Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly
handled certain crafted SQL statements. An attacker could possibly use
this issue to crash the program, resulting in a denial of service.
(CVE-2023-31620, CVE-2023-31622, CVE-2023-31624, CVE-2023-31626,
CVE-2023-31627, CVE-2023-31629, CVE-2023-31630, CVE-2023-31631,
CVE-2023-48951)

Jingzhou Fu discovered that Virtuoso Open-Source Edition incorrectly
handled certain crafted SQL statements. An attacker could possibly use
this issue to crash the program, resulting in a denial of service.
This issue only affects Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2023-48945, CVE-2023-48946, CVE-2023-48947, CVE-2023-48950)
CVEs:

Title: USN-6895-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6895-1
Priorities: high,low,medium
Description:
It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6270)

It was discovered that the HugeTLB file system component of the Linux
Kernel contained a NULL pointer dereference vulnerability. A privileged
attacker could possibly use this to to cause a denial of service.
(CVE-2024-0841)

It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Title: USN-6870-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6870-1
Priorities: medium,high
Description:
It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:

Title: USN-6873-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6873-1
Priorities: medium,high
Description:
It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:

Title: USN-6873-2: Linux kernel (StarFive) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6873-2
Priorities: medium,high
Description:
It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:

Title: USN-6856-1: FontForge vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6856-1
Priorities: medium
Description:
It was discovered that FontForge incorrectly handled filenames. If a user or an
automated system were tricked into opening a specially crafted input file, a
remote attacker could possibly use this issue to perform a command injection.
(CVE-2024-25081)

It was discovered that FontForge incorrectly handled archives and compressed
files. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to perform
command injection. (CVE-2024-25082)
CVEs:

Title: USN-6872-2: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6872-2
Priorities: high
Description:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:

Title: USN-6869-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6869-1
Priorities: high
Description:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystem:

Title: USN-6860-1: OpenVPN vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6860-1
Priorities: medium
Description:
Reynir Björnsson discovered that OpenVPN incorrectly handled terminating
client connections. A remote authenticated client could possibly use this
issue to keep the connection active, bypassing certain security policies.
This issue only affected Ubuntu 23.10, and Ubuntu 24.04 LTS.
(CVE-2024-28882)

Reynir Björnsson discovered that OpenVPN incorrectly handled certain
control channel messages with nonprintable characters. A remote attacker
could possibly use this issue to cause OpenVPN to consume resources, or
fill up log files with garbage, leading to a denial of service.
(CVE-2024-5594)
CVEs:

Title: USN-6897-1: Ghostscript vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6897-1
Priorities: medium
Description:
It was discovered that Ghostscript incorrectly handled certain long PDF
filter names. An attacker could possibly use this issue to cause
Ghostscript to crash, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29506)

It was discovered that Ghostscript incorrectly handled certain API
parameters. An attacker could possibly use this issue to cause Ghostscript
to crash, resulting in a denial of service. This issue only affected Ubuntu
24.04 LTS. (CVE-2024-29507)

It was discovered that Ghostscript incorrectly handled certain BaseFont
names. An attacker could use this issue to cause Ghostscript to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2024-29508)

It was discovered that Ghostscript incorrectly handled certain PDF
passwords that contained NULL bytes. An attacker could use this issue to
cause Ghostscript to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 22.04 LTS and
Ubuntu 24.04 LTS. (CVE-2024-29509)

It was discovered that Ghostscript incorrectly handled certain certain file
paths when doing OCR. An attacker could use this issue to read arbitrary
files and write error messages to arbitrary files. This issue only affected
Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-29511)
CVEs:

Title: USN-6889-1: .NET vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6889-1
Priorities: medium
Description:
It was discovered that .NET did not properly handle object
deserialization. An attacker could possibly use this issue to cause
a denial of service. (CVE-2024-30105)

Radek Zikmund discovered that .NET did not properly manage memory. An
attacker could use this issue to cause a denial of service or possibly
execute arbitrary code. (CVE-2024-35264)

It was discovered that .NET did not properly parse X.509 Content and
ObjectIdentifiers. An attacker could possibly use this issue to cause
a denial of service. (CVE-2024-38095)
CVEs:

Title: USN-6882-1: Cinder vulnerability
URL: https://ubuntu.com/security/notices/USN-6882-1
Priorities: medium
Description:
Martin Kaesberger discovered that Cinder incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.
CVEs:

Title: USN-6883-1: OpenStack Glance vulnerability
URL: https://ubuntu.com/security/notices/USN-6883-1
Priorities: medium
Description:
Martin Kaesberger discovered that Glance incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.
CVEs:

Title: USN-6884-1: Nova vulnerability
URL: https://ubuntu.com/security/notices/USN-6884-1
Priorities: medium
Description:
Martin Kaesberger discovered that Nova incorrectly handled QCOW2 image
processing. An authenticated user could use this issue to access arbitrary
files on the server, possibly exposing sensitive information.
CVEs:

Title: USN-6885-2: Apache HTTP Server regression
URL: https://ubuntu.com/security/notices/USN-6885-2
Priorities: medium
Description:
USN-6885-1 fixed vulnerabilities in Apache HTTP Server. One of the security
fixes introduced a regression when proxying requests to a HTTP/2 server.
This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Marc Stern discovered that the Apache HTTP Server incorrectly handled
serving WebSocket protocol upgrades over HTTP/2 connections. A remote
attacker could possibly use this issue to cause the server to crash,
resulting in a denial of service. (CVE-2024-36387)

Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly sent certain request URLs with incorrect encodings to backends.
A remote attacker could possibly use this issue to bypass authentication.
(CVE-2024-38473)

Orange Tsai discovered that the Apache HTTP Server mod_rewrite module
incorrectly handled certain substitutions. A remote attacker could possibly
use this issue to execute scripts in directories not directly reachable
by any URL, or cause a denial of service. Some environments may require
using the new UnsafeAllow3F flag to handle unsafe substitutions.
(CVE-2024-38474, CVE-2024-38475, CVE-2024-39573)

Orange Tsai discovered that the Apache HTTP Server incorrectly handled
certain response headers. A remote attacker could possibly use this issue
to obtain sensitive information, execute local scripts, or perform SSRF
attacks. (CVE-2024-38476)

Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly handled certain requests. A remote attacker could possibly use
this issue to cause the server to crash, resulting in a denial of service.
(CVE-2024-38477)

It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code. (CVE-2024-39884)
CVEs:

Title: USN-6885-1: Apache HTTP Server vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6885-1
Priorities: medium
Description:
Marc Stern discovered that the Apache HTTP Server incorrectly handled
serving WebSocket protocol upgrades over HTTP/2 connections. A remote
attacker could possibly use this issue to cause the server to crash,
resulting in a denial of service. (CVE-2024-36387)

Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly sent certain request URLs with incorrect encodings to backends.
A remote attacker could possibly use this issue to bypass authentication.
(CVE-2024-38473)

Orange Tsai discovered that the Apache HTTP Server mod_rewrite module
incorrectly handled certain substitutions. A remote attacker could possibly
use this issue to execute scripts in directories not directly reachable
by any URL, or cause a denial of service. Some environments may require
using the new UnsafeAllow3F flag to handle unsafe substitutions.
(CVE-2024-38474, CVE-2024-38475, CVE-2024-39573)

Orange Tsai discovered that the Apache HTTP Server incorrectly handled
certain response headers. A remote attacker could possibly use this issue
to obtain sensitive information, execute local scripts, or perform SSRF
attacks. (CVE-2024-38476)

Orange Tsai discovered that the Apache HTTP Server mod_proxy module
incorrectly handled certain requests. A remote attacker could possibly use
this issue to cause the server to crash, resulting in a denial of service.
(CVE-2024-38477)

It was discovered that the Apache HTTP Server incorrectly handled certain
handlers configured via AddType. A remote attacker could possibly use this
issue to obtain source code. (CVE-2024-39884)
CVEs:

What's Changed

  • Vary location of grub config if the stemcell is EFI or not by @selzoc in #362
  • Add spec helper for grub.cfg path by @selzoc in #363
  • Do not exclude grub tests on fips by @selzoc in #364

New Contributors

Full Changelog: ubuntu-jammy/v1.351...ubuntu-jammy/v1.492

Contributors

selzoc
Assets 2
Loading