Skip to content

ubuntu bionic v1.174
Compare
Choose a tag to compare
@cf-bosh-ci-bot cf-bosh-ci-bot released this 09 Feb 01:56
ubuntu-bionic/v1.174
70ec389

Metadata:

BOSH Agent Version: 2.504.0

USNs:

Title: USN-5828-1: Kerberos vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5828-1
Priorities: medium
Description:
It was discovered that Kerberos incorrectly handled certain S4U2Self
requests. An attacker could possibly use this issue to cause a denial of
service. This issue was only addressed in Ubuntu 16.04 ESM and Ubuntu
18.04 LTS. (CVE-2018-20217)

Greg Hudson discovered that Kerberos PAC implementation incorrectly
handled certain parsing operations. A remote attacker could use this
issue to cause a denial of service, or possibly execute arbitrary code.
(CVE-2022-42898)
CVEs:

Title: USN-5806-2: Ruby vulnerability
URL: https://ubuntu.com/security/notices/USN-5806-2
Priorities: medium
Description:
USN-5806-1 fixed vulnerabilities in Ruby. This update fixes the problem
for Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.10.

Original advisory details:

Hiroshi Tokumaru discovered that Ruby did not properly handle certain
user input for applications which generate HTTP responses using cgi gem.
An attacker could possibly use this issue to maliciously modify the
response a user would receive from a vulnerable application.
CVEs:

Title: USN-5826-1: Privoxy vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5826-1
Priorities: medium
Description:
Joshua Rogers discovered that Privoxy incorrectly handled memory allocation. An
attacker could possibly use this issue to cause a denial of service. (CVE-2021-44540)

Artem Ivanov discovered that Privoxy incorrectly handled input validations. An
attacker could possibly use this issue to perform cross-site scripting (XSS) attacks.
(CVE-2021-44543)
CVEs:

Title: USN-5810-2: Git regression
URL: https://ubuntu.com/security/notices/USN-5810-2
Priorities: medium
Description:
USN-5810-1 fixed vulnerabilities in Git. This update introduced a regression as it
was missing some commit lines. This update fixes the problem.

Original advisory details:

Markus Vervier and Eric Sesterhenn discovered that Git incorrectly handled certain
gitattributes. An attacker could possibly use this issue to cause a crash
or execute arbitrary code. (CVE-2022-23521)

Joern Schneeweisz discovered that Git incorrectly handled certain commands.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. (CVE-2022-41903)
CVEs:

Title: USN-5818-1: PHP vulnerability
URL: https://ubuntu.com/security/notices/USN-5818-1
Priorities: medium
Description:
It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code.
CVEs:

Title: USN-5817-1: Setuptools vulnerability
URL: https://ubuntu.com/security/notices/USN-5817-1
Priorities: medium
Description:
Sebastian Chnelik discovered that setuptools incorrectly handled
certain regex inputs. An attacker could possibly use this issue
to cause a denial of service.
CVEs:

Title: USN-5821-1: wheel vulnerability
URL: https://ubuntu.com/security/notices/USN-5821-1
Priorities: medium
Description:
Sebastian Chnelik discovered that wheel incorrectly handled
certain file names when validated against a regex expression.
An attacker could possibly use this issue to cause a
denial of service.
CVEs:

Title: USN-5833-1: python-future vulnerability
URL: https://ubuntu.com/security/notices/USN-5833-1
Priorities: medium
Description:
Sebastian Chnelik discovered that python-future incorrectly handled
certain HTTP header field. An attacker could possibly use this issue
to cause a denial of service.
CVEs:

Title: USN-5829-1: Linux kernel (Raspberry Pi) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5829-1
Priorities: high,medium
Description:
It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not
properly handle packets structured in certain ways. An attacker in a guest
VM could possibly use this to cause a denial of service (host NIC
availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the
Bluetooth subsystem in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2022-45934)
CVEs:

Title: USN-5830-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5830-1
Priorities: high,medium
Description:
It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not
properly handle packets structured in certain ways. An attacker in a guest
VM could possibly use this to cause a denial of service (host NIC
availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the
Bluetooth subsystem in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2022-45934)
CVEs:

Title: USN-5813-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5813-1
Priorities: high,medium
Description:
It was discovered that the NFSD implementation in the Linux kernel did not
properly handle some RPC messages, leading to a buffer overflow. A remote
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2022-43945)

Tamás Koczka discovered that the Bluetooth L2CAP handshake implementation
in the Linux kernel contained multiple use-after-free vulnerabilities. A
physically proximate attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2022-42896)

It was discovered that the Xen netback driver in the Linux kernel did not
properly handle packets structured in certain ways. An attacker in a guest
VM could possibly use this to cause a denial of service (host NIC
availability). (CVE-2022-3643)

It was discovered that an integer overflow vulnerability existed in the
Bluetooth subsystem in the Linux kernel. A physically proximate attacker
could use this to cause a denial of service (system crash).
(CVE-2022-45934)
CVEs:

Title: USN-5820-1: exuberant-ctags vulnerability
URL: https://ubuntu.com/security/notices/USN-5820-1
Priorities: medium
Description:
Lorenz Hipp discovered a flaw in exuberant-ctags handling of the tag
filename command-line argument. A crafted tag filename specified
in the command line or in the configuration file could result in
arbitrary command execution.
CVEs:

Title: USN-5824-1: Thunderbird vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5824-1
Priorities: medium,unknown
Description:
Multiple security issues were discovered in Thunderbird. If a user were
tricked into opening a specially crafted website in a browsing context, an
attacker could potentially exploit these to cause a denial of service,
obtain sensitive information, bypass security restrictions, cross-site
tracing, or execute arbitrary code. (CVE-2022-45403, CVE-2022-45404,
CVE-2022-45405, CVE-2022-45406, CVE-2022-45408, CVE-2022-45409,
CVE-2022-45410, CVE-2022-45411, CVE-2022-45418, CVE-2022-45420,
CVE-2022-45421, CVE-2022-46878, CVE-2022-46880, CVE-2022-46881,
CVE-2022-46882, CVE-2023-23605)

Armin Ebert discovered that Thunderbird did not properly manage memory
while resolving file symlink. If a user were tricked into opening a
specially crafted weblink, an attacker could potentially exploit these to
cause a denial of service. (CVE-2022-45412)

Sarah Jamie Lewis discovered that Thunderbird did not properly manage
network request while handling HTML emails with certain tags. If a user
were tricked into opening a specially HTML email, an attacker could
potentially exploit these issue and load remote content regardless of a
configuration to block remote content. (CVE-2022-45414)

Erik Kraft, Martin Schwarzl, and Andrew McCreight discovered that
Thunderbird incorrectly handled keyboard events. An attacker could possibly
use this issue to perform a timing side-channel attack and possibly figure
out which keys are being pressed. (CVE-2022-45416)

It was discovered that Thunderbird was using an out-of-date libusrsctp
library. An attacker could possibly use this library to perform a
reentrancy issue on Thunderbird. (CVE-2022-46871)

Nika Layzell discovered that Thunderbird was not performing a check on
paste received from cross-processes. An attacker could potentially
exploit this to obtain sensitive information. (CVE-2022-46872)

Matthias Zoellner discovered that Thunderbird was not keeping the filename
ending intact when using the drag-and-drop event. An attacker could
possibly use this issue to add a file with a malicious extension, leading
to execute arbitrary code. (CVE-2022-46874)

Hafiizh discovered that Thunderbird was not properly handling fullscreen
notifications when the window goes into fullscreen mode. An attacker could
possibly use this issue to spoof the user and obtain sensitive information.
(CVE-2022-46877)

Tom Schuster discovered that Thunderbird was not performing a validation
check on GTK drag data. An attacker could potentially exploits this to
obtain sensitive information. (CVE-2023-23598)

Vadim discovered that Thunderbird was not properly sanitizing a curl
command output when copying a network request from the developer tools
panel. An attacker could potentially exploits this to hide and execute
arbitrary commands. (CVE-2023-23599)

Luan Herrera discovered that Thunderbird was not stopping navigation when
dragging a URL from a cross-origin iframe into the same tab. An attacker
potentially exploits this to spoof the user. (CVE-2023-23601)

Dave Vandyke discovered that Thunderbird did not properly implement CSP
policy when creating a WebSocket in a WebWorker. An attacker who was able
to inject markup into a page otherwise protected by a Content Security
Policy may have been able to inject an executable script. (CVE-2023-23602)

Dan Veditz discovered that Thunderbird did not properly implement CSP
policy on regular expression when using console.log. An attacker
potentially exploits this to exfiltrate data. (CVE-2023-23603)

It was discovered that Thunderbird did not properly check the Certificate
OCSP revocation status when verifying S/Mime signatures. An attacker could
possibly use this issue to bypass signature validation check by sending
email signed with a revoked certificate. (CVE-2023-0430)
CVEs:

Title: USN-5844-1: OpenSSL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5844-1
Priorities: high,medium
Description:
David Benjamin discovered that OpenSSL incorrectly handled X.400 address
processing. A remote attacker could possibly use this issue to read
arbitrary memory contents or cause OpenSSL to crash, resulting in a denial
of service. (CVE-2023-0286)

Corey Bonnell discovered that OpenSSL incorrectly handled X.509 certificate
verification. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2022-4203)

Hubert Kario discovered that OpenSSL had a timing based side channel in the
OpenSSL RSA Decryption implementation. A remote attacker could possibly use
this issue to recover sensitive information. (CVE-2022-4304)

Dawei Wang discovered that OpenSSL incorrectly handled parsing certain PEM
data. A remote attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service. (CVE-2022-4450)

Octavio Galland and Marcel Böhme discovered that OpenSSL incorrectly
handled streaming ASN.1 data. A remote attacker could use this issue to
cause OpenSSL to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-0215)

Marc Schönefeld discovered that OpenSSL incorrectly handled malformed PKCS7
data. A remote attacker could possibly use this issue to cause OpenSSL to
crash, resulting in a denial of service. This issue only affected Ubuntu
22.04 LTS and Ubuntu 22.10. (CVE-2023-0216)

Kurt Roeckx discovered that OpenSSL incorrectly handled validating certain
DSA public keys. A remote attacker could possibly use this issue to cause
OpenSSL to crash, resulting in a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0217)

Hubert Kario and Dmitry Belyavsky discovered that OpenSSL incorrectly
validated certain signatures. A remote attacker could possibly use this
issue to cause OpenSSL to crash, resulting in a denial of service. This
issue only affected Ubuntu 22.04 LTS and Ubuntu 22.10. (CVE-2023-0401)
CVEs:

Title: USN-5823-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5823-1
Priorities: medium
Description:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.32 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and
Ubuntu 22.10. Ubuntu 18.04 LTS has been updated to MySQL 5.7.41.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-41.html
https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-32.html
https://www.oracle.com/security-alerts/cpujan2023.html
CVEs:

Title: USN-5816-1: Firefox vulnerabilities
URL: https://ubuntu.com/security/notices/USN-5816-1
Priorities: medium
Description:
Niklas Baumstark discovered that a compromised web child process of Firefox
could disable web security opening restrictions, leading to a new child
process being spawned within the file:// context. An attacker could
potentially exploits this to obtain sensitive information. (CVE-2023-23597)

Tom Schuster discovered that Firefox was not performing a validation check
on GTK drag data. An attacker could potentially exploits this to obtain
sensitive information. (CVE-2023-23598)

Vadim discovered that Firefox was not properly sanitizing a curl command
output when copying a network request from the developer tools panel. An
attacker could potentially exploits this to hide and execute arbitrary
commands. (CVE-2023-23599)

Luan Herrera discovered that Firefox was not stopping navigation when
dragging a URL from a cross-origin iframe into the same tab. An attacker
potentially exploits this to spoof the user. (CVE-2023-23601)

Dave Vandyke discovered that Firefox did not properly implement CSP policy
when creating a WebSocket in a WebWorker. An attacker who was able to
inject markup into a page otherwise protected by a Content Security Policy
may have been able to inject an executable script. (CVE-2023-23602)

Dan Veditz discovered that Firefox did not properly implement CSP policy
on regular expression when using console.log. An attacker potentially
exploits this to exfiltrate data from the browser. (CVE-2023-23603)

Nika Layzell discovered that Firefox was not performing a validation check
when parsing a non-system html document via DOMParser::ParseFromSafeString.
An attacker potentially exploits this to bypass web security checks.
(CVE-2023-23604)

Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, obtain sensitive
information across domains, or execute arbitrary code. (CVE-2023-23605,
CVE-2023-23606)
CVEs:

Title: USN-5837-1: Django vulnerability
URL: https://ubuntu.com/security/notices/USN-5837-1
Priorities: medium
Description:
Nick Pope discovered that Django incorrectly handled certain
Accept-Language headers. A remote attacker could possibly use this issue to
cause Django to consume memory, leading to a denial of service.
CVEs:

Assets 2
Loading