Releases · cloudfoundry/bosh-linux-stemcell-builder

02 Jun 15:32

cf-bosh-ci-bot

ubuntu-bionic/v1.201

8d6e263

ubuntu bionic v1.201

Metadata:

BOSH Agent Version: 2.531.0

USNs:

Title: USN-6035-1: KAuth vulnerability
URL: https://ubuntu.com/security/notices/USN-6035-1
Priorities: medium
Description:
It was discovered that KAuth incorrectly handled some configuration parameters
with specially crafted arbitrary types. An attacker could possibly use this
issue to cause a denial of service, or possibly execute arbitrary code.
CVEs:

https://ubuntu.com/security/CVE-2019-7443

Title: USN-6049-1: Netty vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6049-1
Priorities: medium
Description:
It was discovered that Netty's Zlib decoders did not limit memory
allocations. A remote attacker could possibly use this issue to cause
Netty to exhaust memory via malicious input, leading to a denial of
service. This issue only affected Ubuntu 16.04 ESM and Ubuntu 20.04 ESM.
(CVE-2020-11612)

It was discovered that Netty created temporary files with excessive
permissions. A local attacker could possibly use this issue to expose
sensitive information. This issue only affected Ubuntu 16.04 ESM, Ubuntu
18.04 ESM, and Ubuntu 20.04 ESM. (CVE-2021-21290)

It was discovered that Netty did not properly validate content-length
headers. A remote attacker could possibly use this issue to smuggle
requests. This issue was only fixed in Ubuntu 20.04 ESM. (CVE-2021-21295,
CVE-2021-21409)

It was discovered that Netty's Bzip2 decompression decoder did not limit
the decompressed output data size. A remote attacker could possibly use
this issue to cause Netty to exhaust memory via malicious input, leading
to a denial of service. This issue only affected Ubuntu 18.04 ESM, Ubuntu
20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2021-37136)

It was discovered that Netty's Snappy frame decoder function did not limit
chunk lengths. A remote attacker could possibly use this issue to cause
Netty to exhaust memory via malicious input, leading to a denial of
service. (CVE-2021-37137)

It was discovered that Netty did not properly handle control chars at the
beginning and end of header names. A remote attacker could possibly use
this issue to smuggle requests. This issue only affected Ubuntu 18.04 ESM,
Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10. (CVE-2021-43797)

It was discovered that Netty could be made into an infinite recursion when
parsing a malformed crafted message. A remote attacker could possibly use
this issue to cause Netty to crash, leading to a denial of service. This
issue only affected Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu 22.10.
(CVE-2022-41881)

It was discovered that Netty did not validate header values under certain
circumstances. A remote attacker could possibly use this issue to perform
HTTP response splitting via malicious header values. This issue only
affected Ubuntu 18.04 ESM, Ubuntu 20.04 ESM, Ubuntu 22.04 LTS, and Ubuntu
22.10. (CVE-2022-41915)
CVEs:

Title: USN-6048-1: ZenLib vulnerability
URL: https://ubuntu.com/security/notices/USN-6048-1
Priorities: medium
Description:
It was discovered that ZenLib doesn't check the return value of a specific
operation before using it. An attacker could use a specially crafted input
to crash programs using the library.
CVEs:

https://ubuntu.com/security/CVE-2020-36646

Title: USN-6065-1: css-what vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6065-1
Priorities: medium
Description:
It was discovered that css-what incorrectly handled certain inputs. If a user
or an automated system were tricked into opening a specially crafted input
file, a remote attacker could possibly use this issue to cause a denial of
service. (CVE-2021-33587, CVE-2022-21222)
CVEs:

Title: USN-6037-1: Apache Commons Net vulnerability
URL: https://ubuntu.com/security/notices/USN-6037-1
Priorities: medium
Description:
ZeddYu Lu discovered that the FTP client from Apache Commons Net trusted
the host from PASV responses by default. A remote attacker with a
malicious FTP server could redirect the client to another server, which
could possibly result in leaked information about services running on the
private network of the client.
CVEs:

https://ubuntu.com/security/CVE-2021-37533

Title: USN-6063-1: Ceph vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6063-1
Priorities: low,medium
Description:
Mark Kirkwood discovered that Ceph incorrectly handled certain key lengths.
An attacker could possibly use this issue to create non-random encryption
keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2021-3979)

It was discovered that Ceph incorrectly handled the volumes plugin. An
attacker could possibly use this issue to obtain access to any share. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.
(CVE-2022-0670)

It was discovered that Ceph incorrectly handled crash dumps. A local
attacker could possibly use this issue to escalate privileges to root. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.
(CVE-2022-3650)

It was discovered that Ceph incorrectly handled URL processing on RGW
backends. An attacker could possibly use this issue to cause RGW to crash,
leading to a denial of service. This issue only affected Ubuntu 22.04 LTS
and Ubuntu 22.10. (CVE-2022-3854)
CVEs:

Title: USN-6038-1: Go vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6038-1
Priorities: medium
Description:
It was discovered that the Go net/http module incorrectly handled
Transfer-Encoding headers in the HTTP/1 client. A remote attacker could
possibly use this issue to perform an HTTP Request Smuggling attack.
(CVE-2022-1705)

It was discovered that Go did not properly manage memory under certain
circumstances. An attacker could possibly use this issue to cause a panic
resulting into a denial of service. (CVE-2022-1962, CVE-2022-27664,
CVE-2022-28131, CVE-2022-30630, CVE-2022-30631, CVE-2022-30632,
CVE-2022-30633, CVE-2022-30635, CVE-2022-32189, CVE-2022-41715,
CVE-2022-41717, CVE-2023-24534, CVE-2023-24537)

It was discovered that Go did not properly implemented the maximum size of
file headers in Reader.Read. An attacker could possibly use this issue to
cause a panic resulting into a denial of service. (CVE-2022-2879)

It was discovered that the Go net/http module incorrectly handled query
parameters in requests forwarded by ReverseProxy. A remote attacker could
possibly use this issue to perform an HTTP Query Parameter Smuggling attack.
(CVE-2022-2880)

It was discovered that Go did not properly manage the permissions for
Faccessat function. A attacker could possibly use this issue to expose
sensitive information. (CVE-2022-29526)

It was discovered that Go did not properly generate the values for
ticket_age_add in session tickets. An attacker could possibly use this
issue to observe TLS handshakes to correlate successive connections by
comparing ticket ages during session resumption. (CVE-2022-30629)

It was discovered that Go did not properly manage client IP addresses in
net/http. An attacker could possibly use this issue to cause ReverseProxy
to set the client IP as the value of the X-Forwarded-For header.
(CVE-2022-32148)

It was discovered that Go did not properly validate backticks (`) as
Javascript string delimiters, and do not escape them as expected. An
attacker could possibly use this issue to inject arbitrary Javascript code
into the Go template. (CVE-2023-24538)
CVEs:

Assets 2

28 Apr 03:15

cf-bosh-ci-bot

ubuntu-jammy/v1.108

3e2492d

ubuntu jammy v1.108

Metadata:

BOSH Agent Version: 2.528.0

USNs:

Title: USN-6032-1: Linux kernel (OEM) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6032-1
Priorities: medium,low,negligible
Description:
Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)

Gerald Lee discovered that the USB Gadget file system implementation in the
Linux kernel contained a race condition, leading to a use-after-free
vulnerability in some situations. A local attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-4382)

It was discovered that a memory leak existed in the SCTP protocol
implementation in the Linux kernel. A local attacker could use this to
cause a denial of service (memory exhaustion). (CVE-2023-1074)

It was discovered that the RNDIS USB driver in the Linux kernel contained
an integer overflow vulnerability. A local attacker with physical access
could plug in a malicious USB device to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2023-23559)

It was discovered that the file system writeback functionality in the Linux
kernel contained a user-after-free vulnerability. A local attacker could
possibly use this to cause a denial of service (system crash) or execute
arbitrary code. (CVE-2023-26605)

It was discovered that the NTFS file system implementation in the Linux
kernel did not properly validate attributes in certain situations, leading
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information (kernel memory). (CVE-2023-26607)

Duoming Zhou discovered that a race condition existed in the infrared
receiver/transceiver driver in the Linux kernel, leading to a use-after-
free vulnerability. A privileged attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-1118)
CVEs:

Title: USN-6036-1: PatchELF vulnerability
URL: https://ubuntu.com/security/notices/USN-6036-1
Priorities: medium
Description:
It was discovered that PatchELF was not properly performing bounds
checks, which could lead to an out-of-bounds read via a specially
crafted file. An attacker could possibly use this issue to cause a
denial of service or to expose sensitive information. (CVE-2022-44940)
CVEs:

Title: USN-6033-1: Linux kernel (OEM) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6033-1
Priorities: high,medium,low,negligible
Description:
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel did not properly perform filter deactivation in some
situations. A local attacker could possibly use this to gain elevated
privileges. Please note that with the fix for this CVE, kernel support for
the TCINDEX classifier has been removed. (CVE-2023-1829)

William Zhao discovered that the Traffic Control (TC) subsystem in the
Linux kernel did not properly handle network packet retransmission in
certain situations. A local attacker could use this to cause a denial of
service (kernel deadlock). (CVE-2022-4269)

Thadeu Cascardo discovered that the io_uring subsystem contained a double-
free vulnerability in certain memory allocation error conditions. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2023-1032)

It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-1076)

It was discovered that the Real-Time Scheduling Class implementation in the
Linux kernel contained a type confusion vulnerability in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-1077)

It was discovered that the ASUS HID driver in the Linux kernel did not
properly handle device removal, leading to a use-after-free vulnerability.
A local attacker with physical access could plug in a specially crafted USB
device to cause a denial of service (system crash). (CVE-2023-1079)

It was discovered that the io_uring subsystem in the Linux kernel did not
properly perform file table updates in some situations, leading to a null
pointer dereference vulnerability. A local attacker could use this to cause
a denial of service (system crash). (CVE-2023-1583)

It was discovered that the Xircom PCMCIA network device driver in the Linux
kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2023-1670)

It was discovered that the APM X-Gene SoC hardware monitoring driver in the
Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or expose sensitive information (kernel memory).
(CVE-2023-1855)

It was discovered that a race condition existed in the Bluetooth HCI SDIO
driver, leading to a use-after-free vulnerability. A local attacker could
use this to cause a denial of service (system crash). (CVE-2023-1989)

It was discovered that the ST NCI NFC driver did not properly handle device
removal events. A physically proximate attacker could use this to cause a
denial of service (system crash). (CVE-2023-1990)

José Oliveira and Rodrigo Branco discovered that the Spectre Variant 2
mitigations with prctl syscall were insufficient in some situations. A
local attacker could possibly use this to expose sensitive information.
(CVE-2023-1998)

It was discovered that the BigBen Interactive Kids' gamepad driver in the
Linux kernel did not properly handle device removal, leading to a use-
after-free vulnerability. A local attacker with physical access could plug
in a specially crafted USB device to cause a denial of service (system
crash). (CVE-2023-25012)

It was discovered that a race condition existed in the TLS subsystem in the
Linux kernel, leading to a use-after-free or a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-28466)

It was discovered that the Bluetooth subsystem in the Linux kernel did not
properly initialize some data structures, leading to an out-of-bounds
access vulnerability in certain situations. An attacker could use this to
expose sensitive information (kernel memory). (CVE-2023-28866)

Reima Ishii discovered that the nested KVM implementation for Intel x86
processors in the Linux kernel did not properly validate control registers
in certain situations. An attacker in a guest VM could use this to cause a
denial of service (guest crash). (CVE-2023-30456)

Title: USN-6043-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6043-1
Priorities: high
Description:
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel did not properly perform filter deactivation in some
s...

Assets 2

21 Apr 00:58

cf-bosh-ci-bot

ubuntu-jammy/v1.105

6f99822

ubuntu jammy v1.105

Metadata:

BOSH Agent Version: 2.525.0

USNs:

Title: USN-6011-1: Json-smart vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6011-1
Priorities: medium
Description:
It was discovered that Json-smart incorrectly handled memory
when processing input containing unclosed quotes.
A remote attacker could possibly use this issue to cause
applications using Json-smart to crash, leading to a
denial of service. (CVE-2021-31684)

It was discovered that Json-smart incorrectly handled memory
when processing input containing unclosed brackets.
A remote attacker could possibly use this issue to cause
applications using Json-smart to crash, leading to a
denial of service. (CVE-2023-1370)
CVEs:

Title: USN-6026-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6026-1
Priorities: medium,low
Description:
It was discovered that Vim was incorrectly processing Vim buffers. An
attacker could possibly use this issue to perform illegal memory access and
expose sensitive information. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-4166)

It was discovered that Vim was using freed memory when dealing with regular
expressions inside a visual selection. If a user were tricked into opening a
specially crafted file, an attacker could crash the application, leading to a
denial of service, or possibly achieve code execution with user privileges.
This issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu
20.04 LTS. (CVE-2021-4192)

It was discovered that Vim was incorrectly handling virtual column position
operations, which could result in an out-of-bounds read. An attacker could
possibly use this issue to expose sensitive information. This issue only
affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2021-4193)

It was discovered that Vim was not properly performing bounds checks when
updating windows present on a screen, which could result in a heap buffer
overflow. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. (CVE-2022-0213)

It was discovered that Vim was incorrectly performing read and write
operations when in visual block mode, going beyond the end of a line and
causing a heap buffer overflow. If a user were tricked into opening a
specially crafted file, an attacker could crash the application, leading to a
denial of service, or possibly achieve code execution with user privileges.
This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu
22.04 LTS. (CVE-2022-0261, CVE-2022-0318)

It was discovered that Vim was incorrectly handling window exchanging
operations when in Visual mode, which could result in an out-of-bounds read.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2022-0319)

It was discovered that Vim was incorrectly handling recursion when parsing
conditional expressions. An attacker could possibly use this issue to cause
a denial of service or execute arbitrary code. (CVE-2022-0351)

It was discovered that Vim was not properly handling memory allocation when
processing data in Ex mode, which could result in a heap buffer overflow.
An attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2022-0359)

It was discovered that Vim was not properly performing bounds checks when
executing line operations in Visual mode, which could result in a heap
buffer overflow. An attacker could possibly use this issue to cause a
denial of service or execute arbitrary code. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-0361,
CVE-2022-0368)

It was discovered that Vim was not properly handling loop conditions when
looking for spell suggestions, which could result in a stack buffer
overflow. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. (CVE-2022-0408)

It was discovered that Vim was incorrectly handling memory access when
executing buffer operations, which could result in the usage of freed
memory. An attacker could possibly use this issue to execute arbitrary
code. (CVE-2022-0443)

It was discovered that Vim was incorrectly processing Vim buffers. An
attacker could possibly use this issue to perform illegal memory access and
expose sensitive information. (CVE-2022-0554)

It was discovered that Vim was not properly performing bounds checks for
column numbers when replacing tabs with spaces or spaces with tabs, which
could cause a heap buffer overflow. An attacker could possibly use this
issue to cause a denial of service or execute arbitrary code.
(CVE-2022-0572)

It was discovered that Vim was incorrectly processing Vim buffers. An
attacker could possibly use this issue to perform illegal memory access and
expose sensitive information. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2022-0629)

It was discovered that Vim was not properly performing validation of data
that contained special multi-byte characters, which could cause an
out-of-bounds read. An attacker could possibly use this issue to cause a
denial of service. (CVE-2022-0685)

It was discovered that Vim was incorrectly processing data used to define
indentation in a file, which could cause a heap buffer overflow. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2022-0714)

It was discovered that Vim was incorrectly processing certain regular
expression patterns and strings, which could cause an out-of-bounds read.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2022-0729)

It was discovered that Vim incorrectly handled memory access. An attacker
could potentially use this issue to cause the corruption of sensitive
information, a crash, or arbitrary code execution. (CVE-2022-2207)
CVEs:

Title: USN-6012-1: Smarty vulnerability
URL: https://ubuntu.com/security/notices/USN-6012-1
Priorities: medium
Description:
It was discovered that Smarty incorrectly parsed blocks' names and
included files' names. A remote attacker with template writing permissions
could use this issue to execute arbitrary PHP code. (CVE-2022-29221)
CVEs:

Title: USN-6008-1: Exo vulnerability
URL: https://ubuntu.com/security/notices/USN-6008-1
Priorities: medium
Description:
It was discovered that Exo did not properly sanitized desktop files.
A remote attacker could possibly use this issue to to cause a crash or
arbitrary code execution.
CVEs:

https://ubuntu.com/security/CVE-2022-32278

Title: USN-6025-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6025-1
Priorities: high,medium
Description:
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel contained a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-1281)

It was discovered that the OverlayFS implementation in the Linux kernel did
not properly handle copy up operation in some conditions. A local attacker
could possibly use this to gain elevated privileges. (CVE-2023-0386)

Haowei Yan discovered that a race condition existed in the Layer 2
Tunneling Protocol (L2TP) implementation in the Linux kernel. A local
attacker could possibly use this to cause a denial of service (system
crash). (CVE-2022-4129)

It was discovered that the network queuing discipline implementation in the
Linux kernel contained a null pointer dereference in some situations. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2022-47929)

It was disco...

Assets 2

21 Apr 00:58

cf-bosh-ci-bot

ubuntu-bionic/v1.195

c6d6e07

ubuntu bionic v1.195

Metadata:

BOSH Agent Version: 2.525.0

USNs:

Title: USN-6022-1: Kamailio vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6022-1
Priorities: medium
Description:
It was discovered that Kamailio did not properly sanitize SIP messages under
certain circumstances. An attacker could use this vulnerability to cause a
denial of service or possibly execute arbitrary code. This issue only affected
Ubuntu 16.04 ESM and 18.04 ESM. (CVE-2018-16657)

It was discovered that Kamailio did not properly validate INVITE requests
under certain circumstances. An attacker could use this vulnerability to
cause a denial of service or possibly execute arbitrary code. (CVE-2020-27507)
CVEs:

It was discovered that Vim was incorrectly processing Vim buffers. An
attacker could possibly use this issue to perform illegal memory access and
expose sensitive information. (CVE-2022-0554)

Title: USN-6023-1: LibreOffice vulnerability
URL: https://ubuntu.com/security/notices/USN-6023-1
Priorities: low
Description:
It was discovered that LibreOffice may be configured to add an
empty entry to the Java class path. This may lead to run arbitrary
Java code from the current directory.
CVEs:

https://ubuntu.com/security/CVE-2022-38745

Title: LSN-0094-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0094-1
Priorities: high
Description:
Lin Ma discovered a race condition in the io_uring subsystem in the Linux
kernel, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).(CVE-2023-0468)

It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel contained a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code.(CVE-2023-1281)
CVEs:

Title: USN-6027-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6027-1
Priorities: high,medium,low
Description:
It was discovered that the Traffic-Control Index (TCINDEX) implementation
in the Linux kernel contained a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-1281)

Jiasheng Jiang discovered that the HSA Linux kernel driver for AMD Radeon
GPU devices did not properly validate memory allocation in certain
situations, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2022-3108)

It was discovered that the in...

Assets 2

21 Apr 07:36

cf-bosh-ci-bot

ubuntu-bionic/v1.192

4387e30

ubuntu bionic v1.192

Metadata:

BOSH Agent Version: 2.524.0

USNs:

Title: USN-5971-1: Graphviz vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5971-1
Priorities: low,medium
Description:
It was discovered that graphviz contains null pointer dereference
vulnerabilities. Exploitation via a specially crafted input file can cause
a denial of service. This issue only affected Ubuntu 18.04 LTS.
(CVE-2018-10196)

It was discovered that graphviz contains null pointer dereference
vulnerabilities. Exploitation via a specially crafted input file can cause
a denial of service. These issues only affected Ubuntu 14.04 ESM and Ubuntu
18.04 LTS. (CVE-2019-11023)

It was discovered that graphviz contains a buffer overflow vulnerability.
Exploitation via a specially crafted input file can cause a denial of
service or possibly allow for arbitrary code execution. These issues only
affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2020-18032)
CVEs:

Title: USN-5973-1: url-parse vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5973-1
Priorities: medium,low
Description:
It was discovered that url-parse incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service, or to perform a server-side request forgery attack or open
redirect attack. (CVE-2018-3774)

It was discovered that url-parse incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to bypass input
validation. This issue was only fixed in Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2020-8124)

Yaniv Nizry discovered that url-parse incorrectly handled certain inputs.
If a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service, or to perform a server-side request forgery attack or open
redirect attack. This issue was only fixed in Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2021-27515)

It was discovered that url-parse incorrectly handled certain inputs.
If a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service, or to perform a server-side request forgery attack or open
redirect attack. This issue was only fixed in Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2021-3664)

It was discovered that url-parse incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to bypass
authorization. This issue was only fixed in Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2022-0512, CVE-2022-0639, CVE-2022-0691)

Rohan Sharma discovered that url-parse incorrectly handled certain inputs.
If a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to bypass
authorization. This issue was only fixed in Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2022-0686)
CVEs:

Title: USN-5998-1: Apache Log4j vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5998-1
Priorities: medium,low
Description:
It was discovered that the SocketServer component of Apache Log4j 1.2
incorrectly handled deserialization. An attacker could possibly use this issue
to execute arbitrary code. This issue only affected Ubuntu 16.04 ESM.
(CVE-2019-17571)

It was discovered that the JMSSink component of Apache Log4j 1.2 incorrectly
handled deserialization. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-23302)

It was discovered that Apache Log4j 1.2 incorrectly handled certain SQL
statements. A remote attacker could possibly use this issue to perform an SQL
injection attack and alter the database. This issue was only fixed in Ubuntu
18.04 LTS and Ubuntu 20.04 LTS. (CVE-2022-23305)

It was discovered that the Chainsaw component of Apache Log4j 1.2 incorrectly
handled deserialization. An attacker could possibly use this issue to execute
arbitrary code. This issue was only fixed in Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2022-23307)
CVEs:

Title: USN-5997-1: IPMItool vulnerability
URL: https://ubuntu.com/security/notices/USN-5997-1
Priorities: medium
Description:
It was discovered that IPMItool was not properly checking the data received
from a remote LAN party. A remote attacker could possibly use this issue to
to cause a crash or arbitrary code execution.
CVEs:

https://ubuntu.com/security/CVE-2020-5208

Title: USN-6016-1: thenify vulnerability
URL: https://ubuntu.com/security/notices/USN-6016-1
Priorities: medium
Description:
It was discovered that thenify incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code.
CVEs:

https://ubuntu.com/security/CVE-2020-7677

Title: USN-5999-1: trim-newlines vulnerability
URL: https://ubuntu.com/security/notices/USN-5999-1
Priorities: medium
Description:
It was discovered that trim-newlines incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2021-33623)
CVEs:

Title: USN-5985-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5985-1
Priorities: low,medium
Description:
It was discovered that the System V IPC implementation in the Linux kernel
did not properly handle large shared memory counts. A local attacker could
use this to cause a denial of service (memory exhaustion). (CVE-2021-3669)

It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)

Title: USN-5984-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5984-1
Priorities: low,medium
Description:
It was discovered that the System V IPC i...

Assets 2

12 Apr 19:12

cf-bosh-ci-bot

ubuntu-jammy/v1.102

cb597c6

ubuntu jammy v1.102

Metadata:

BOSH Agent Version: 2.523.0

USNs:

Title: USN-5995-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5995-1
Priorities: medium,low
Description:
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code. This
issue only affected Ubuntu 14.04 ESM, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
and Ubuntu 22.04 LTS. (CVE-2022-0413, CVE-2022-1629, CVE-2022-1674,
CVE-2022-1733, CVE-2022-1735, CVE-2022-1785, CVE-2022-1796, CVE-2022-1851,
CVE-2022-1898, CVE-2022-1942, CVE-2022-1968, CVE-2022-2124, CVE-2022-2125,
CVE-2022-2126, CVE-2022-2129, CVE-2022-2175, CVE-2022-2183, CVE-2022-2206,
CVE-2022-2304, CVE-2022-2345, CVE-2022-2581)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-1720, CVE-2022-2571, CVE-2022-2845, CVE-2022-2849,
CVE-2022-2923)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-1927,
CVE-2022-2344)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS,
and Ubuntu 22.10. (CVE-2022-2946)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possible execute arbitrary code. This
issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.
(CVE-2022-2980)
CVEs:

Title: USN-5987-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5987-1
Priorities: medium,low
Description:
It was discovered that the KVM VMX implementation in the Linux kernel did
not properly handle indirect branch prediction isolation between L1 and L2
VMs. An attacker in a guest VM could use this to expose sensitive
information from the host OS or other guest VMs. (CVE-2022-2196)

It was discovered that a use-after-free vulnerability existed in the SGI
GRU driver in the Linux kernel. A local attacker could possibly use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2022-3424)

Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux
kernel contained an out-of-bounds write vulnerability. A local attacker
could use this to cause a denial of service (system crash).
(CVE-2022-36280)

Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel did not
properly perform reference counting in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2022-41218)

It was discovered that the NTFS file system implementation in the Linux
kernel did not properly validate attributes in certain situations, leading
to an out-of-bounds write vulnerability. A local attacker could use this to
cause a denial of service (system crash). (CVE-2022-48423)

José Oliveira and Rodrigo Branco discovered that the prctl syscall
implementation in the Linux kernel did not properly protect against
indirect branch prediction attacks in some situations. A local attacker
could possibly use this to expose sensitive information. (CVE-2023-0045)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly validate buffer lengths, leading to a heap-based buffer overflow.
A remote attacker could possibly use this to cause a denial of service
(system crash). (CVE-2023-0210)

It was discovered that a use-after-free vulnerability existed in the
Advanced Linux Sound Architecture (ALSA) subsystem. A local attacker could
use this to cause a denial of service (system crash). (CVE-2023-0266)

Kyle Zeng discovered that the class-based queuing discipline implementation
in the Linux kernel contained a type confusion vulnerability in some
situations. An attacker could use this to cause a denial of service (system
crash). (CVE-2023-23454)

Kyle Zeng discovered that the ATM VC queuing discipline implementation in
the Linux kernel contained a type confusion vulnerability in some
situations. An attacker could use this to cause a denial of service (system
crash). (CVE-2023-23455)

It was discovered that the NTFS file system implementation in the Linux
kernel did not properly handle a loop termination condition, leading to an
out-of-bounds read vulnerability. A local attacker could use this to cause
a denial of service (system crash) or possibly expose sensitive
information. (CVE-2023-26606)

Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel
contained a null pointer dereference when handling certain messages from
user space. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-28328)
CVEs:

Assets 2

21 Apr 07:37

cf-bosh-ci-bot

ubuntu-bionic/v1.188

39d9709

ubuntu bionic v1.188

Metadata:

BOSH Agent Version: 2.517.0

USNs:

Title: USN-5953-1: IPython vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5953-1
Priorities: low,medium
Description:
It was discovered that IPython incorrectly processed REST API POST requests.
An attacker could possibly use this issue to launch a cross-site request
forgery (CSRF) attack and leak user's sensitive information. This issue
only affected Ubuntu 14.04 ESM. (CVE-2015-5607)

It was discovered that IPython did not properly manage cross user temporary
files. A local attacker could possibly use this issue to execute arbitrary
code. This issue only affected Ubuntu 18.04 ESM and Ubuntu 20.04 ESM.
(CVE-2022-21699)
CVEs:

Title: USN-5956-1: PHPMailer vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5956-1
Priorities: medium,low
Description:
Dawid Golunski discovered that PHPMailer was not properly escaping user
input data used as arguments to functions executed by the system shell. An
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 16.04 ESM. (CVE-2016-10033, CVE-2016-10045)

It was discovered that PHPMailer was not properly escaping characters
in certain fields of the code_generator.php example code. An attacker
could possibly use this issue to conduct cross-site scripting (XSS)
attacks. This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04
ESM. (CVE-2017-11503)

Yongxiang Li discovered that PHPMailer was not properly converting
relative paths provided as user input when adding attachments to messages,
which could lead to relative image URLs being treated as absolute local
file paths and added as attachments. An attacker could possibly use this
issue to access unauthorized resources and expose sensitive information.
This issue only affected Ubuntu 16.04 ESM. (CVE-2017-5223)

Sehun Oh discovered that PHPMailer was not properly processing untrusted
non-local file attachments, which could lead to an object injection. An
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 16.04 ESM. (CVE-2018-19296)

Elar Lang discovered that PHPMailer was not properly escaping file
attachment names, which could lead to a misinterpretation of file types
by entities processing the message. An attacker could possibly use this
issue to bypass attachment filters. This issue was only fixed in Ubuntu
16.04 ESM and Ubuntu 20.04 ESM. (CVE-2020-13625)

It was discovered that PHPMailer was not properly handling callables in
its validateAddress function, which could result in untrusted code being
called should the global namespace contain a function called 'php'. An
attacker could possibly use this issue to execute arbitrary code. This
issue was only fixed in Ubuntu 20.04 ESM and Ubuntu 22.04 ESM.
(CVE-2021-3603)
CVEs:

Title: USN-5956-2: PHPMailer vulnerability
URL: https://ubuntu.com/security/notices/USN-5956-2
Priorities: low,medium
Description:
USN-5956-1 fixed vulnerabilities in PHPMailer. It was discovered that the
fix for CVE-2017-11503 was incomplete. This update fixes the problem.

Original advisory details:

Dawid Golunski discovered that PHPMailer was not properly escaping user
input data used as arguments to functions executed by the system shell. An
attacker could possibly use this issue to execute arbitrary code. This
issue only affected Ubuntu 16.04 ESM. (CVE-2016-10033, CVE-2016-10045)

Title: USN-5961-1: abcm2ps vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5961-1
Priorities: medium,low
Description:
It was discovered that abcm2ps incorrectly
handled memory when parsing specially crafted ABC files.
An attacker could use this issue to cause abcm2ps to crash,
leading to a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 16.04 ESM
and Ubuntu 18.04 LTS.
(CVE-2018-10753, CVE-2018-10771, CVE-2019-1010069)

Chiba of Topsec Alpha Lab discovered that abcm2ps incorrectly
handled memory when parsing specially crafted ABC files.
An attacker could use this issue to cause abcm2ps to crash,
leading to a denial of service.
(CVE-2021-32434, CVE-2021-32435, CVE-2021-32436)
CVEs:

Title: USN-5957-1: LibreCAD vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5957-1
Priorities: medium,low
Description:
Cody Sixteen discovered that LibreCAD incorrectly
handled memory when parsing DXF files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 ESM. (CVE-2018-19105)

Lilith of Cisco Talos discovered that LibreCAD incorrectly
handled memory when parsing DWG files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service, or possibly execute arbitrary code.
(CVE-2021-21898, CVE-2021-21899)

Lilith of Cisco Talos discovered that LibreCAD incorrectly
handled memory when parsing DRW files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service, or possibly execute arbitrary code.
(CVE-2021-21900)

Albin Eldstål-Ahrens discovered that LibreCAD incorrectly
handled memory when parsing JWW files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service, or possibly execute arbitrary code.
(CVE-2021-45341, CVE-2021-45342)

Albin Eldstål-Ahrens discovered that LibreCAD incorrectly
handled memory when parsing DXF files. An attacker could
use this issue to cause LibreCAD to crash, leading to a
denial of service. (CVE-2021-45343)
CVEs:

Assets 2

22 Mar 21:25

cf-bosh-ci-bot

ubuntu-jammy/v1.95

6d539bc

ubuntu jammy v1.95

Metadata:

BOSH Agent Version: 2.516.0

USNs:

Title: USN-5947-1: Twig vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5947-1
Priorities: medium
Description:
Fabien Potencier discovered that Twig was not properly enforcing sandbox
policies when dealing with objects automatically cast to strings by PHP.
An attacker could possibly use this issue to expose sensitive information.
This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 18.04 ESM.
(CVE-2019-9942)

Marlon Starkloff discovered that Twig was not properly enforcing closure
constraints in some of its array filtering functions. An attacker could
possibly use this issue to execute arbitrary code. This issue was only
fixed in Ubuntu 20.04 ESM. (CVE-2022-23614)

Dariusz Tytko discovered that Twig was not properly verifying input data
utilized when defining pathnames used to access files in a system. An
attacker could possibly use this issue to access unauthorized resources
and expose sensitive information. (CVE-2022-39261)
CVEs:

Title: USN-5945-1: Protocol Buffers vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5945-1
Priorities: low
Description:
It was discovered that Protocol Buffers did not properly validate field
com.google.protobuf.UnknownFieldSet in protobuf-java. An attacker could
possibly use this issue to perform a denial of service attack. This issue
only affected protobuf Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2021-22569)

It was discovered that Protocol Buffers did not properly parse certain
symbols. An attacker could possibly use this issue to cause a denial of
service or other unspecified impact. (CVE-2021-22570)

It was discovered that Protocol Buffers did not properly manage memory when
parsing specifically crafted messages. An attacker could possibly use this
issue to cause applications using protobuf to crash, resulting in a denial
of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-1941)
CVEs:

Title: USN-5946-1: XStream vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5946-1
Priorities: medium
Description:
Lai Han discovered that XStream incorrectly handled certain inputs.
If a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2021-39140)

It was discovered that XStream incorrectly handled certain inputs. If
a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04
LTS. (CVE-2021-39139, CVE-2021-39141, CVE-2021-39144, CVE-2021-39145,
CVE-2021-39146, CVE-2021-39147, CVE-2021-39148, CVE-2021-39149,
CVE-2021-39151, CVE-2021-39153, CVE-2021-39154)

It was discovered that XStream incorrectly handled certain inputs. If
a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to obtain
sensitive information. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2021-39150, CVE-2021-39152)

Lai Han discovered that XStream incorrectly handled certain inputs.
If a user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a denial
of service. (CVE-2022-41966)
CVEs:

Title: USN-5944-1: SnakeYAML vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5944-1
Priorities: low,medium
Description:
It was discovere...

Assets 2

07 Mar 02:07

cf-bosh-ci-bot

ubuntu-jammy/v1.93

36f5320

ubuntu jammy v1.93

Metadata:

BOSH Agent Version: 2.514.0

USNs:

Title: USN-5882-1: DCMTK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5882-1
Priorities: medium,low
Description:
Gjoko Krstic discovered that DCMTK incorrectly handled buffers. If a user or
an automated system were tricked into opening a certain specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-8979)

Omar Ganiev discovered that DCMTK incorrectly handled buffers. If a user or
an automated system were tricked into opening a certain specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 16.04 LTS and
Ubuntu 18.04 LTS. (CVE-2019-1010228)

Jinsheng Ba discovered that DCMTK incorrectly handled certain requests. If a
user or an automated system were tricked into opening a certain specially
crafted input file, a remote attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2021-41687,
CVE-2021-41688, CVE-2021-41689, and CVE-2021-41690)

Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled
certain inputs. If a user or an automated system were tricked into opening
a certain specially crafted input file, a remote attacker could possibly use
this issue to execute arbitrary code. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-2119 and CVE-2022-2120)

Sharon Brizinov and Noam Moshe discovered that DCMTK incorrectly handled
pointers. If a user or an automated system were tricked into opening a
certain specially crafted input file, a remote attacker could possibly use
this issue to cause a denial of service. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-2121)

It was discovered that DCMTK incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a certain specially
crafted input file, a remote attacker could possibly use this issue to
cause a denial of service. This issue affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 22.10.
(CVE-2022-43272)
CVEs:

Title: USN-5904-1: SoX vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5904-1
Priorities: medium,low
Description:
Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS,
and Ubuntu 18.04 LTS. (CVE-2019-13590)

Helmut Grohne discovered that SoX incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2021-23159, CVE-2021-23172, CVE-2021-23210,
CVE-2021-33844, CVE-2021-3643, CVE-2021-40426, CVE-2022-31650, and
CVE-2022-31651)
CVEs:

Title: USN-5889-1: ZoneMinder vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5889-1
Priorities: medium,high
Description:
It was discovered that ZoneMinder was not properly sanitizing URL
parameters for certain views. An attacker could possibly use this issue to
perform a cross-site scripting (XSS) attack. This issue was only fixed in
Ubuntu 16.04 ESM. (CVE-2019-6777)

It was discovered that ZoneMinder was not properly sanitizing stored user
input later printed to the user in certain views. An attacker could
possibly use this issue to perform a cross-site scripting (XSS) attack.
This issue was only fixed in Ubuntu 16.04 ESM. (CVE-2019-6990,
CVE-2019-6992)

It was discovered that ZoneMinder was not properly limiting data size and
not properly performing bound checks when processing username and password
data, which could lead to a stack buffer overflow. An attacker could
possibly use this issue to bypass authentication, cause a denial of
service or execute arbitrary code. This issue was only fixed in Ubuntu
16.04 ESM. (CVE-2019-6991)

It was discovered that ZoneMinder was not properly defining and filtering
data that was appended to the webroot URL of a view. An attacker could
possibly use this issue to perform cross-site scripting (XSS) attacks.
This issue was only fixed in Ubuntu 16.04 ESM and Ubuntu 20.04 ESM.
(CVE-2019-7325, CVE-2019-7329)

It was discovered that ZoneMinder was not properly sanitizing URL
parameters for certain views. An attacker could possibly use this issue to
perform a cross-site scripting (XSS) attack. This issue was only fixed in
Ubuntu 20.04 ESM. (CVE-2019-7327, CVE-2019-7328, CVE-2019-7330,
CVE-2019-7332)

It was discovered that ZoneMinder was not properly sanitizing user input
in the monitor editing view. An attacker could possibly use this issue to
perform a cross-site scripting (XSS) attack. This issue was only fixed in
Ubuntu 16.04 ESM and Ubuntu 20.04 ESM. (CVE-2019-7331)

It was discovered that ZoneMinder was not properly sanitizing data related
to file paths in a system. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2022-29806)
CVEs:

It was discovered that ZoneMinder was not properly defining and filterin...

Assets 2

07 Mar 02:07

cf-bosh-ci-bot

ubuntu-bionic/v1.181

052c1d1

ubuntu bionic v1.181

Metadata:

BOSH Agent Version: 2.514.0

USNs:

Title: USN-5866-1: Nova vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5866-1
Priorities: low,medium
Description:
It was discovered that Nova did not properly manage data logged into the
log file. An attacker with read access to the service's logs could exploit
this issue and may obtain sensitive information. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2015-9543)

It was discovered that Nova did not properly handle attaching and
reattaching the encrypted volume. An attacker could possibly use this issue
to perform a denial of service attack. This issue only affected Ubuntu
16.04 ESM. (CVE-2017-18191)

It was discovered that Nova did not properly handle the updation of domain
XML after live migration. An attacker could possibly use this issue to
corrupt the volume or perform a denial of service attack. This issue only
affected Ubuntu 18.04 LTS. (CVE-2020-17376)

It was discovered that Nova was not properly validating the URL passed to
noVNC. An attacker could possibly use this issue by providing malicious URL
to the noVNC proxy to redirect to any desired URL. This issue only affected
Ubuntu 16.04 ESM and Ubuntu 18.04 LTS. (CVE-2021-3654)

It was discovered that Nova did not properly handle changes in the neutron
port of vnic_type type. An authenticated user could possibly use this issue
to perform a denial of service attack. This issue only affected Ubuntu
20.04 LTS. (CVE-2022-37394)
CVEs:

Title: USN-5864-1: Fig2dev vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5864-1
Priorities: negligible,low,medium
Description:
Frederic Cambus discovered that Fig2dev incorrectly handled certain image
files. If a user or an automated system were tricked into opening a certain
specially crafted input file, a remote attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 18.04 LTS.
(CVE-2019-14275)

It was discovered that Fig2dev incorrectly handled certain image files. If
a user or an automated system were tricked into opening a certain specially
crafted input file, a remote attacker could possibly use this issue to cause
a denial of service. (CVE-2019-19555, CVE-2019-19797, CVE-2020-21529,
CVE-2020-21530, CVE-2020-21531, CVE-2020-21532, CVE-2020-21533,
CVE-2020-21534, CVE-2020-21535, CVE-2020-21675, CVE-2020-21676,
CVE-2021-3561)

Title: USN-5873-1: Go Text vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5873-1
Priorities: low,medium
Description:
It was discovered that Go Text incorrectly handled certain encodings. An
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 ...

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Releases: cloudfoundry/bosh-linux-stemcell-builder

ubuntu bionic v1.201

Metadata:

USNs:

ubuntu jammy v1.108

Metadata:

USNs:

ubuntu jammy v1.105

Metadata:

USNs:

ubuntu bionic v1.195

Metadata:

USNs:

ubuntu bionic v1.192

Metadata:

USNs:

ubuntu jammy v1.102

Metadata:

USNs:

ubuntu bionic v1.188

Metadata:

USNs:

ubuntu jammy v1.95

Metadata:

USNs:

ubuntu jammy v1.93

Metadata:

USNs:

ubuntu bionic v1.181

Metadata:

USNs: