Releases · cloudfoundry/bosh-linux-stemcell-builder

08 Nov 19:59

cf-bosh-ci-bot

ubuntu-jammy/v1.289

44ce99d

ubuntu jammy v1.289

Metadata:

BOSH Agent Version: 2.600.0

USNs:

Title: USN-6452-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6452-1
Priorities:
Description:
It was discovered that Vim could be made to divide by zero. An attacker
could possibly use this issue to cause a denial of service. This issue
only affected Ubuntu 23.04. (CVE-2023-3896)

It was discovered that Vim did not properly manage memory. An attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. (CVE-2023-4733, CVE-2023-4750)

It was discovered that Vim contained an arithmetic overflow. An attacker
could possibly use this issue to cause a denial of service. This issue
only affected Ubuntu 22.04 LTS, Ubuntu 23.04, and Ubuntu 23.10.
(CVE-2023-4734)

It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2023-4735, CVE-2023-5344)

It was discovered that Vim could be made to write out of bounds. An
attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. This issue only affected Ubuntu 23.04 and Ubuntu
23.10. (CVE-2023-4738)

It was discovered that Vim did not properly manage memory. An attacker
could possibly use this issue to cause a denial of service or execute
arbitrary code. This issue only affected Ubuntu 20.04 LTS, Ubuntu 22.04
LTS, Ubuntu 23.04, and Ubuntu 23.10. (CVE-2023-4752, CVE-2023-5535)

It was discovered that Vim could be made to dereference invalid memory. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2023-5441)
CVEs:

Title: USN-6362-2: .Net regressions
URL: https://ubuntu.com/security/notices/USN-6362-2
Priorities: unknown,medium
Description:
USN-6362-1 fixed vulnerabilities in .Net. It was discovered that the fix
for CVE-2023-36799 was incomplete. This update fixes the problem.

Original advisory details:

Kevin Jones discovered that .NET did not properly process certain
X.509 certificates. An attacker could possibly use this issue to
cause a denial of service.
CVEs:

https://ubuntu.com/security/<a href="/security/CVE-2023-36799">CVE-2023-36799</a>"><a href="/security/CVE-2023-36799
https://ubuntu.com/security/CVE-2023-36799

Title: USN-6449-1: FFmpeg vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6449-1
Priorities: medium
Description:
It was discovered that FFmpeg incorrectly managed memory resulting
in a memory leak. An attacker could possibly use this issue to cause
a denial of service via application crash. This issue only
affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-22038)

It was discovered that FFmpeg incorrectly handled certain input files,
leading to an integer overflow. An attacker could possibly use this issue
to cause a denial of service via application crash. This issue only
affected Ubuntu 20.04 LTS. (CVE-2020-20898, CVE-2021-38090,
CVE-2021-38091, CVE-2021-38092, CVE-2021-38093, CVE-2021-38094)

It was discovered that FFmpeg incorrectly managed memory, resulting in
a memory leak. If a user or automated system were tricked into
processing a specially crafted input file, a remote attacker could
possibly use this issue to cause a denial of service, or execute
arbitrary code. (CVE-2022-48434)
CVEs:

Title: USN-6457-1: Node.js vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6457-1
Priorities: high,medium
Description:
Tavis Ormandy discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to cause a
denial of service. (CVE-2022-0778)

Elison Niven discovered that Node.js incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-1292)

Chancen and Daniel Fiala discovered that Node.js incorrectly handled certain
inputs. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-2068)

Alex Chernyakhovsky discovered that Node.js incorrectly handled certain
inputs. If a user or an automated system were tricked into opening a specially
crafted input file, a remote attacker could possibly use this issue to execute
arbitrary code. (CVE-2022-2097)
CVEs:

Title: USN-6458-1: Slurm vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6458-1
Priorities: high,medium
Description:
It was discovered that Slurm did not properly handle credential
management, which could allow an unprivileged user to impersonate the
SlurmUser account. An attacker could possibly use this issue to execute
arbitrary code as the root user. (CVE-2022-29500)

It was discovered that Slurm did not properly handle access control when
dealing with RPC traffic through PMI2 and PMIx, which could allow an
unprivileged user to send data to an arbitrary unix socket in the host.
An attacker could possibly use this issue to execute arbitrary code as
the root user. (CVE-2022-29501)

It was discovered that Slurm did not properly handle validation logic when
processing input and output data with the srun client, which could lead to
the interception of process I/O. An attacker could possibly use this issue
to expose sensitive information or execute arbitrary code. This issue only
affected Ubuntu 22.04 LTS. (CVE-2022-29502)
CVEs:

Title: USN-6466-1: Linux kernel (NVIDIA) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6466-1
Priorities: low,medium,high
Description:
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel
contained a race condition during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-45886, CVE-2022-45919)

Hyunwoo Kim discovered that the Technotrend/Hauppauge USB DEC driver in the
Linux kernel did not properly handle device removal events. A physically
proximate attacker could use this to cause a denial of service (system
crash). (CVE-2022-45887)

It was discovered that the NTFS file system implementation in the Linux
kernel did not properly validate MFT flags in certain situations. An
attacker could use this to construct a malicious NTFS image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2022-48425)

It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)

Daniel Trujillo, Johannes Wikner, and Kaveh Razavi discovered that some AMD
processors utilising speculative execution and branch prediction may allow
unauthorised memory reads via a speculative side-channel attack. A local
attacker could use this to expose sensitive information, including kernel
memory. (CVE-2023-20569)

Jana Hofmann, Emanuele Vannacci, Cedric Fournet, Boris Kopf, and Oleksii
Oleksenko discovered that some AMD processors could leak stale data from
division operations in certain situations. A local attacker could possibly
use this to expose sensitive information. (CVE-2023-20588)

It was discovered that the ARM64 KVM implementation in the Linux kernel did
not properly restrict hypervisor memory access. An attacker in a guest VM
could use this to execute arbitrary code in the ...

Assets 2

11 Oct 18:53

cf-bosh-ci-bot

ubuntu-jammy/v1.260

2feb4e1

ubuntu jammy v1.260

Metadata:

BOSH Agent Version: 2.592.0

USNs:

Title: USN-6420-1: Vim vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6420-1
Priorities: medium,low
Description:
It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 22.04 LTS. (CVE-2022-3235, CVE-2022-3278,
CVE-2022-3297, CVE-2022-3491)

It was discovered that Vim incorrectly handled memory when opening certain
files. If an attacker could trick a user into opening a specially crafted
file, it could cause Vim to crash, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04
LTS. (CVE-2022-3352, CVE-2022-4292)

It was discovered that Vim incorrectly handled memory when replacing in
virtualedit mode. An attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, and Ubuntu 22.04 LTS. (CVE-2022-3234)

It was discovered that Vim incorrectly handled memory when autocmd changes
mark. An attacker could possibly use this issue to cause a denial of
service. (CVE-2022-3256)

It was discovered that Vim did not properly perform checks on array index
with negative width window. An attacker could possibly use this issue to
cause a denial of service, or execute arbitrary code. (CVE-2022-3324)

It was discovered that Vim did not properly perform checks on a put command
column with a visual block. An attacker could possibly use this issue to
cause a denial of service. This issue only affected Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-3520)

It was discovered that Vim incorrectly handled memory when using autocommand
to open a window. An attacker could possibly use this issue to cause a
denial of service. (CVE-2022-3591)

It was discovered that Vim incorrectly handled memory when updating buffer
of the component autocmd handler. An attacker could possibly use this issue
to cause a denial of service. This issue only affected Ubuntu 20.04 LTS,
and Ubuntu 22.04 LTS. (CVE-2022-3705)

It was discovered that Vim incorrectly handled floating point comparison
with incorrect operator. An attacker could possibly use this issue to cause
a denial of service. This issue only affected Ubuntu 20.04 LTS. and Ubuntu
22.04 LTS. (CVE-2022-4293)
CVEs:

Title: USN-6412-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6412-1
Priorities: low,medium,high
Description:
Hyunwoo Kim discovered that the DVB Core driver in the Linux kernel
contained a race condition during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2022-45886, CVE-2022-45919)

It was discovered that the IPv6 RPL protocol implementation in the Linux
kernel did not properly handle user-supplied data. A remote attacker could
use this to cause a denial of service (system crash). (CVE-2023-2156)

Yang Lan discovered that the GFS2 file system implementation in the Linux
kernel could attempt to dereference a null pointer in some situations. An
attacker could use this to construct a malicious GFS2 image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-3212)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly validate buffer sizes in certain operations, leading to an integer
underflow and out-of-bounds read vulnerability. A remote attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-38427)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate packet header sizes in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-38431)

Andy Nguyen discovered that the KVM implementation for AMD processors in
the Linux kernel with Secure Encrypted Virtualization (SEV) contained a
race condition when accessing the GHCB page. A local attacker in a SEV
guest VM could possibly use this to cause a denial of service (host system
crash). (CVE-2023-4155)

It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-4194)

Maxim Suhanov discovered that the exFAT file system implementation in the
Linux kernel did not properly check a file name length, leading to an out-
of-bounds write vulnerability. An attacker could use this to construct a
malicious exFAT image that, when mounted and operated on, could cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4273)
CVEs:

Title: USN-6416-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6416-1
Priorities: medium,high,low
Description:
It was discovered that the IPv6 implementation in the Linux kernel
contained a high rate of hash collisions in connection lookup table. A
remote attacker could use this to cause a denial of service (excessive CPU
consumption). (CVE-2023-1206)

Davide Ornaghi discovered that the DECnet network protocol implementation
in the Linux kernel contained a null pointer dereference vulnerability. A
remote attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. Please note that kernel support for the
DECnet has been remove...

Assets 2

04 Oct 21:48

cf-bosh-ci-bot

ubuntu-jammy/v1.250

ca44cbd

ubuntu jammy v1.250

Metadata:

BOSH Agent Version: 2.588.0

USNs:

Title: USN-6398-1: ReadyMedia vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6398-1
Priorities: medium
Description:
It was discovered that ReadyMedia was vulnerable to DNS rebinding attacks.
A remote attacker could possibly use this issue to trick the local DLNA
server to leak information. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-26505)

It was discovered that ReadyMedia incorrectly handled certain HTTP requests
using chunked transport encoding. A remote attacker could possibly use this
issue to cause buffer overflows, resulting in out-of-bounds reads and writes.
(CVE-2023-33476)
CVEs:

Title: USN-6385-1: Linux kernel (OEM) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6385-1
Priorities: medium,high,low
Description:
It was discovered that some AMD x86-64 processors with SMT enabled could
speculatively execute instructions using a return address from a sibling
thread. A local attacker could possibly use this to expose sensitive
information. (CVE-2022-27672)

William Zhao discovered that the Traffic Control (TC) subsystem in the
Linux kernel did not properly handle network packet retransmission in
certain situations. A local attacker could use this to cause a denial of
service (kernel deadlock). (CVE-2022-4269)

Jordy Zomer and Alexandra Sandulescu discovered that syscalls invoking the
do_prlimit() function in the Linux kernel did not properly handle
speculative execution barriers. A local attacker could use this to expose
sensitive information (kernel memory). (CVE-2023-0458)

It was discovered that the TLS subsystem in the Linux kernel contained a
type confusion vulnerability in some situations. A local attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-1075)

It was discovered that the TUN/TAP driver in the Linux kernel did not
properly initialize socket data. A local attacker could use this to cause a
denial of service (system crash). (CVE-2023-1076, CVE-2023-4194)

It was discovered that the Broadcom FullMAC USB WiFi driver in the Linux
kernel did not properly perform data buffer size validation in some
situations. A physically proximate attacker could use this to craft a
malicious USB device that when inserted, could cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1380)

It was discovered that a race condition existed in the btrfs file system
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2023-1611)

Ruihan Li discovered that the bluetooth subsystem in the Linux kernel did
not properly perform permissions checks when handling HCI sockets. A
physically proximate attacker could use this to cause a denial of service
(bluetooth communication). (CVE-2023-2002)

Tavis Ormandy discovered that some AMD processors did not properly handle
speculative execution of certain vector register instructions. A local
attacker could use this to expose sensitive information. (CVE-2023-20593)

It was discovered that a use-after-free vulnerability existed in the iSCSI
TCP implementation in the Linux kernel. A local attacker could possibly use
this to cause a denial of service (system crash). (CVE-2023-2162)

Juan Jose Lopez Jaimez, Meador Inge, Simon Scannell, and Nenad Stojanovski
discovered that the BPF verifier in the Linux kernel did not properly mark
registers for precision tracking in certain situations, leading to an out-
of-bounds access vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-2163)

It was discovered that the perf subsystem in the Linux kernel contained a
use-after-free vulnerability. A privileged local attacker could possibly
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-2235)

Zheng Zhang discovered that the device-mapper implementation in the Linux
kernel did not properly handle locking during table_clear() operations. A
local attacker could use this to cause a denial of service (kernel
deadlock). (CVE-2023-2269)

Wei Chen discovered that the DVB USB AZ6027 driver in the Linux kernel
contained a null pointer dereference when handling certain messages from
user space. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-28328)

It was discovered that a race condition existed in the TLS subsystem in the
Linux kernel, leading to a use-after-free or a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-28466)

It was discovered that a race condition existed in the f2fs file system in
the Linux kernel, leading to a null pointer dereference vulnerability. An
attacker could use this to construct a malicious f2fs image that, when
mounted and operated on, could cause a denial of service (system crash).
(CVE-2023-2898)

It was discovered that the IP-VLAN network driver for the Linux kernel did
not properly initialize memory in some situations, leading to an out-of-
bounds write vulnerability. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2023-3090)

It was discovered that the Ricoh R5C592 MemoryStick card reader driver in
the Linux kernel contained a race condition during module unload, leading
to a use-after-free vulnerability. A local attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-3141)

Gwangun Jung discovered that the Quick Fair Queueing scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-31436)

It was discovered that the Qualcomm MSM DPU driver in the Linux kernel did
not properly validate memory allocations in certain situations, leading to
a null pointer dereference vulnerability. A local attacker could use this
to cause a denial of service (system crash). (CVE-2023-3220)

It was discovered that the NET/ROM protocol implementation in the Linux
kernel contained a race condition in some situations, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32269)

It was discovered that the netfilter subsystem in the Linux kernel did not
properly handle some error conditions, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3390)

It was discovered that the universal 32bit network packet classifier
implementation in the Linux kernel did not properly perform reference
counting in some situations, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-3609)

It was discovered that the netfilter subsystem in the Linux kernel did not
properly handle certain error conditions, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3610)

It was discovered that the Quick Fair Queueing network scheduler
implementation in the Linux kernel contained an out-of-bounds write
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3611)

It was discovered that the network packet classifier with
netfilter/firewall marks implementation in the Linux kernel did not
properly handle reference counting, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-3776)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly handle table rules flush in certain circumstances. A local
attacker could possibly use this to cause a denial of service (system
crash) or execute arbitrary code. (CVE-2023-3777)

It was discovered that the NFC implementation in the Linux kernel contained
a use-after-free vulnerability when performing peer-to-peer communication
in certain conditions. A privileged attacker could use this to cause a
denial of service (system crash) or possibly expose sensitive information
(kernel memory). (CVE-2023-3863)

Kevin Rich discovered that the netfilter subsystem in the Linux kernel did
not properly handle rule additions to bound chains in certain
circumstances. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitrary code. (CVE-2023-3995)

It was discovered that the netfilter subsystem in the Linux kernel did not
properly handle PIPAPO element removal, leading to a use-after-free
vulnerability. A local attacker could possibly use this to cause a denial
of service (system crash) or execute arbitr...

Assets 2

20 Sep 15:52

cf-bosh-ci-bot

ubuntu-jammy/v1.232

7e046be

ubuntu jammy v1.232

Metadata:

BOSH Agent Version: 2.581.0

USNs:

Title: USN-6360-1: FLAC vulnerability
URL: https://ubuntu.com/security/notices/USN-6360-1
Priorities: medium
Description:
It was discovered that FLAC incorrectly handled encoding certain files. A
remote attacker could use this issue to cause FLAC to crash, resulting in a
denial of service, or possibly execute arbitrary code.
CVEs:

https://ubuntu.com/security/CVE-2020-22219

Title: USN-6355-1: GRUB2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6355-1
Priorities: medium,low
Description:
Daniel Axtens discovered that specially crafted images could cause a
heap-based out-of-bonds write. A local attacker could possibly use
this to circumvent secure boot protections. (CVE-2021-3695)

Daniel Axtens discovered that specially crafted images could cause
out-of-bonds read and write. A local attacker could possibly use this
to circumvent secure boot protections. (CVE-2021-3696)

Daniel Axtens discovered that specially crafted images could cause
buffer underwrite which allows arbitrary data to be written to a heap.
A local attacker could possibly use this to circumvent secure
boot protections. (CVE-2021-3697)

It was discovered that GRUB2 configuration files were created with
the wrong permissions. An attacker could possibly use this to leak
encrypted passwords. (CVE-2021-3981)

Daniel Axtens discovered that specially crafted IP packets could cause
an integer underflow and write past the end of a bugger. An attacker
could possibly use this to circumvent secure boot protections.
(CVE-2022-28733)

Daniel Axtens discovered that specially crafted HTTP headers can cause
an out-of-bounds write of a NULL byte. An attacker could possibly use
this to corrupt GRUB2's internal data. (CVE-2022-28734)

Julian Andres Klode discovered that GRUB2 shim_lock allowed non-
kernel files to be loaded. A local attack could possibly use this to
circumvent secure boot protections. (CVE-2022-28735)

Chris Coulson discovered that executing chainloaders more than once
caused a use-after-free vulnerability. A local attack could possibly
use this to circumvent secure boot protections. (CVE-2022-28736)

Chris Coulson discovered that specially crafted executables could
cause shim to make out-of-bound writes. A local attack could possibly
use this to circumvent secure boot protections. (CVE-2022-28737)

Zhang Boyang discovered that specially crafted unicode sequences
could lead to an out-of-bounds write to a heap. A local attacker could
possibly use this to circumvent secure boot protections.
(CVE-2022-3775)
CVEs:

Title: USN-6370-1: ModSecurity vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6370-1
Priorities: medium
Description:
It was discovered that ModSecurity incorrectly handled certain nested JSON
objects. An attacker could possibly use this issue to cause a denial
of service. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS
and Ubuntu 20.04 LTS. (CVE-2021-42717)

It was discovered that ModSecurity incorrectly handled certain HTTP
multipart requests. A remote attacker could possibly use this issue
to bypass ModSecurity restrictions. (CVE-2022-48279)

It was discovered that ModSecurity incorrectly handled certain file
uploads. A remote attacker could possibly use this issue to cause a
buffer overflow and a firewall failure. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-24021)
CVEs:

It was discovered that the Ricoh R5C592 M...

Assets 2

07 Sep 18:59

cf-bosh-ci-bot

ubuntu-jammy/v1.222

3244e87

ubuntu jammy v1.222

Metadata:

BOSH Agent Version: 2.578.0

USNs:

Title: USN-6336-1: Docker Registry vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6336-1
Priorities: low,medium
Description:
It was discovered that Docker Registry incorrectly handled certain crafted
input, which allowed remote attackers to cause a denial of service. This
issue only affected Ubuntu 16.04 LTS. (CVE-2017-11468)

It was discovered that Docker Registry incorrectly handled certain crafted
input. An attacker could possibly use this issue to cause a denial of
service. (CVE-2017-11468)
CVEs:

Title: USN-6306-1: Fast DDS vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6306-1
Priorities: medium
Description:
It was discovered that Fast DDS incorrectly handled certain inputs.
A remote attacker could possibly use this issue to cause a denial of
service and information exposure. This issue only affected Ubuntu
22.04 LTS. (CVE-2021-38425)

It was discovered that Fast DDS incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash.
(CVE-2023-39534, CVE-2023-39945, CVE-2023-39946, CVE-2023-39947,
CVE-2023-39948, CVE-2023-39949)
CVEs:

Title: USN-6332-1: Linux kernel (Azure) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6332-1
Priorities: medium,low,high
Description:
Daniel Moghimi discovered that some Intel(R) Processors did not properly
clear microarchitectural state after speculative execution of various
instructions. A local unprivileged user could use this to obtain to
sensitive information. (CVE-2022-40982)

It was discovered that the NTFS file system implementation in the Linux
kernel did not properly check buffer indexes in certain situations, leading
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information (kernel memory). (CVE-2022-48502)

Seth Jenkins discovered that the Linux kernel did not properly perform
address randomization for a per-cpu memory management structure. A local
attacker could use this to expose sensitive information (kernel memory) or
in conjunction with another kernel vulnerability. (CVE-2023-0597)

It was discovered that the APM X-Gene SoC hardware monitoring driver in the
Linux kernel contained a race condition, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or expose sensitive information (kernel memory).
(CVE-2023-1855)

It was discovered that the ST NCI NFC driver did not properly handle device
removal events. A physically proximate attacker could use this to cause a
denial of service (system crash). (CVE-2023-1990)

It was discovered that the XFS file system implementation in the Linux
kernel did not properly perform metadata validation when mounting certain
images. An attacker could use this to specially craft a file system image
that, when mounted, could cause a denial of service (system crash).
(CVE-2023-2124)

Ye Zhang and Nicolas Wu discovered that the io_uring subsystem in the Linux
kernel did not properly handle locking for rings with IOPOLL, leading to a
double-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-21400)

It was discovered that the SLIMpro I2C device driver in the Linux kernel
did not properly validate user-supplied data in some situations, leading to
an out-of-bounds write vulnerability. A privileged attacker could use this
to cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-2194)

It was discovered that the ARM Mali Display Processor driver implementation
in the Linux kernel did not properly handle certain error conditions. A
local attacker could possibly use this to cause a denial of service (system
crash). (CVE-2023-23004)

It was discovered that the DA9150 charger driver in the Linux kernel did
not properly handle device removal, leading to a user-after free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-30772)

Quentin Minster discovered that the KSMBD implementation in the Linux
kernel did not properly validate pointers in some situations, leading to a
null pointer dereference vulnerability. A remote attacker could use this to
cause a denial of service (system crash). (CVE-2023-32248)

It was discovered that the kernel->user space relay implementation in the
Linux kernel did not properly perform certain buffer calculations, leading
to an out-of-bounds read vulnerability. A local attacker could use this to
cause a denial of service (system crash) or expose sensitive information
(kernel memory). (CVE-2023-3268)

It was discovered that the Qualcomm EMAC ethernet driver in the Linux
kernel did not properly handle device removal, leading to a user-after free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-33203)

It was discovered that the BQ24190 charger driver in the Linux kernel did
not properly handle device removal, leading to a user-after free
vulnerability. A physically proximate attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-33288)

It was discovered that the video4linux driver for Philips based TV cards in
the Linux kernel contained a race condition during device removal, leading
to a use-after-free vulnerability. A physically proximate attacker could
use this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-35823)

It was discovered that the SDMC DM1105 PCI device driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could use this to
cause a denial of service (system crash) or possibly execute arbitrary
code. (CVE-2023-35824)

It was discovered that the Renesas USB controller driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-35828)

It was discovered that the Rockchip Video Decoder IP driver in the Linux
kernel contained a...

Assets 2

29 Aug 09:01

cf-bosh-ci-bot

ubuntu-jammy/v1.207

8d222c6

ubuntu jammy v1.207

Metadata:

BOSH Agent Version: 2.572.0

Notice

update the azure blobstore

USNs:

Title: USN-6295-1: Podman vulnerability
URL: https://ubuntu.com/security/notices/USN-6295-1
Priorities: medium
Description:
It was discovered that Podman incorrectly handled certain supplementary groups.
An attacker could possibly use this issue to expose sensitive information
or execute binary code.
CVEs:

https://ubuntu.com/security/CVE-2022-2989

Title: USN-6286-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6286-1
Priorities: medium
Description:
Daniel Moghimi discovered that some Intel(R) Processors did not properly clear
microarchitectural state after speculative execution of various instructions. A
local unprivileged user could use this to obtain to sensitive
information. (CVE-2022-40982)

It was discovered that some Intel(R) Xeon(R) Processors did not properly
restrict error injection for Intel(R) SGX or Intel(R) TDX. A local privileged
user could use this to further escalate their privileges. (CVE-2022-41804)

It was discovered that some 3rd Generation Intel(R) Xeon(R) Scalable processors
did not properly restrict access in some situations. A local privileged attacker
could use this to obtain sensitive information. (CVE-2023-23908)
CVEs:

Title: USN-6290-1: LibTIFF vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6290-1
Priorities: medium,low
Description:
It was discovered that LibTIFF could be made to write out of bounds when
processing certain malformed image files with the tiffcrop utility. If a
user were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-48281)

It was discovered that LibTIFF incorrectly handled certain image files. If
a user were tricked into opening a specially crafted image file, an
attacker could possibly use this issue to cause a denial of service. This
issue only affected Ubuntu 23.04. (CVE-2023-2731)

It was discovered that LibTIFF incorrectly handled certain image files
with the tiffcp utility. If a user were tricked into opening a specially
crafted image file, an attacker could possibly use this issue to cause
tiffcp to crash, resulting in a denial of service. (CVE-2023-2908)

It was discovered that LibTIFF incorrectly handled certain file paths. If
a user were tricked into specifying certain output paths, an attacker
could possibly use this issue to cause a denial of service. This issue
only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-3316)

It was discovered that LibTIFF could be made to write out of bounds when
processing certain malformed image files. If a user were tricked into
opening a specially crafted image file, an attacker could possibly use
this issue to cause a denial of service, or possibly execute arbitrary
code. (CVE-2023-3618)

It was discovered that LibTIFF did not properly managed memory when
processing certain malformed image files with the tiffcrop utility. If a
user were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause tiffcrop to crash, resulting in a
denial of service, or possibly execute arbitrary code. This issue only
affected Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.04.
(CVE-2023-26965)

It was discovered that LibTIFF contained an arithmetic overflow. If a user
were tricked into opening a specially crafted image file, an attacker
could possibly use this issue to cause a denial of service.
(CVE-2023-38288, CVE-2023-38289)
CVEs:

Title: USN-6293-1: OpenStack Heat vulnerability
URL: https://ubuntu.com/security/notices/USN-6293-1
Priorities: medium
Description:
It was discovered that OpenStack Heat incorrectly handled certain hidden
parameter values. A remote authenticated user could possibly use this issue
to obtain sensitive data.
CVEs:

https://ubuntu.com/security/CVE-2023-1625

Title: USN-6288-1: MySQL vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6288-1
Priorities: medium
Description:
Multiple security issues were discovered in MySQL and this update includes
new upstream MySQL versions to fix these issues.

MySQL has been updated to 8.0.34 in Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and
Ubuntu 23.04.

In addition to security fixes, the updated packages contain bug fixes, new
features, and possibly incompatible changes.

Please see the following for more information:

https://dev.mysql.com/doc/relnotes/mysql/8.0/en/news-8-0-34.html
https://www.oracle.com/security-alerts/cpujul2023.html
CVEs:

Title: USN-6289-1: WebKitGTK vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6289-1
Priorities: medium
Description:
Several security issues were discovered in the WebKitGTK Web and JavaScript
engines. If a user were tricked into viewing a malicious website, a remote
attacker could exploit a variety of issues related to web browser security,
including cross-site scripting attacks, denial of service attacks, and
arbitrary code execution.
CVEs:

Title: USN-6294-1: HAProxy vulnerability
URL: https://ubuntu.com/security/notices/USN-6294-1
Priorities: medium
Description:
Ben Kallus discovered that HAProxy incorrectly handled empty Content-Length
headers. A remote attacker could possibly use this issue to manipulate the
payload and bypass certain restrictions.
CVEs:

https://ubuntu.com/security/CVE-2023-40225

Assets 2

14 Aug 09:05

cf-bosh-ci-bot

ubuntu-jammy/v1.199

37c01f0

ubuntu jammy v1.199

Metadata:

BOSH Agent Version: 2.568.0

Important Notice.

the kernel has been updated to 6.2 see #296
added support for the azure blob storage #295

USNs:

Title: USN-6277-2: Dompdf vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6277-2
Priorities: low,medium
Description:
USN-6277-1 fixed vulnerabilities in Dompdf. This update provides the
corresponding updates for Ubuntu 22.04 LTS.

Original advisory details:

It was discovered that Dompdf was not properly validating untrusted input when
processing HTML content under certain circumstances. An attacker could
possibly use this issue to expose sensitive information or execute arbitrary
code. This issue only affected Ubuntu 16.04 LTS.
(CVE-2014-5011, CVE-2014-5012, CVE-2014-5013)

It was discovered that Dompdf was not properly validating processed HTML
content that referenced PHAR files, which could result in the deserialization
of untrusted data. An attacker could possibly use this issue to execute
arbitrary code. (CVE-2021-3838)

It was discovered that Dompdf was not properly validating processed HTML
content that referenced both a remote base and a local file, which could
result in the bypass of a chroot check. An attacker could possibly use this
issue to expose sensitive information. (CVE-2022-2400)
CVEs:

Title: USN-6273-1: poppler vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6273-1
Priorities: low,medium
Description:
Jieyong Ma discovered that poppler incorrectly handled certain malformed
PDF files. A remote attacker could possibly use this issue to cause poppler
to crash, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-27337)

It was discovered that poppler incorrectly handled certain malformed PDF
files. A remote attacker could possibly use this issue to cause poppler to
crash, resulting in a denial of service. This issue only affected Ubuntu
22.04 LTS and Ubuntu 23.04. (CVE-2023-34872)
CVEs:

Title: USN-6285-1: Linux kernel (OEM) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6285-1
Priorities: medium,high,low
Description:
It was discovered that the NTFS file system implementation in the Linux
kernel did not properly check buffer indexes in certain situations, leading
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information (kernel memory). (CVE-2022-48502)

Stonejiajia, Shir Tamari and Sagi Tzadik discovered that the OverlayFS
implementation in the Ubuntu Linux kernel did not properly perform
permission checks in certain situations. A local attacker could possibly
use this to gain elevated privileges. (CVE-2023-2640)

Mingi Cho discovered that the netfilter subsystem in the Linux kernel did
not properly validate the status of a nft chain while performing a lookup
by id, leading to a use-after-free vulnerability. An attacker could use
this to cause a denial of service (system crash) or possibly execute
arbitrary code. (CVE-2023-31248)

Shir Tamari and Sagi Tzadik discovered that the OverlayFS implementation in
the Ubuntu Linux kernel did not properly perform permission checks in
certain situations. A local attacker could possibly use this to gain
elevated privileges. (CVE-2023-32629)

Tanguy Dubroca discovered that the netfilter subsystem in the Linux kernel
did not properly handle certain pointer data type, leading to an out-of-
bounds write vulnerability. A privileged attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-35001)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate SMB request protocol IDs, leading to a out-of-
bounds read vulnerability. A remote attacker could possibly use this to
cause a denial of service (system crash). (CVE-2023-38430)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate command payload size, leading to a out-of-bounds
read vulnerability. A remote attacker could possibly use this to cause a
denial of service (system crash). (CVE-2023-38432)

Title: USN-6260-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6260-1
Priorities: medium,high,low
Description:
It was discovered that the NTFS file system implementation in the Linux
kernel did not properly check buffer indexes in certain situations, leading
to an out-of-bounds read vulnerability. A local attacker could possibly use
this to expose sensitive information (kernel memory). (CVE-2022-48502)

Assets 2

26 Jul 14:48

cf-bosh-ci-bot

ubuntu-jammy/v1.181

46e4720

ubuntu jammy v1.181

Metadata:

BOSH Agent Version: 2.560.0

USNs:

Title: USN-6243-1: Graphite-Web vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6243-1
Priorities: medium
Description:
It was discovered that Graphite-Web incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to perform
server-side request forgery and obtain sensitive information. This issue
only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2017-18638)

It was discovered that Graphite-Web incorrectly handled certain inputs. If a
user or an automated system were tricked into opening a specially crafted
input file, a remote attacker could possibly use this issue to perform
cross site scripting and obtain sensitive information. (CVE-2022-4728,
CVE-2022-4729, CVE-2022-4730)
CVEs:

Title: USN-6244-1: AMD Microcode vulnerability
URL: https://ubuntu.com/security/notices/USN-6244-1
Priorities: high
Description:
Tavis Ormandy discovered that some AMD processors did not properly handle
speculative execution of certain vector register instructions. A local attacker
could use this to expose sensitive information.
CVEs:

https://ubuntu.com/security/CVE-2023-20593

Title: USN-6241-1: OpenStack vulnerability
URL: https://ubuntu.com/security/notices/USN-6241-1
Priorities: medium
Description:
Jan Wasilewski and Gorka Eguileor discovered that OpenStack incorrectly
handled deleted volume attachments. An authenticated user or attacker could
possibly use this issue to gain access to sensitive information.

This update may require configuration changes, please see the upstream
advisory and the other links below for more information:

https://security.openstack.org/ossa/OSSA-2023-003.html
https://discourse.ubuntu.com/t/cve-2023-2088-for-charmed-openstack/37051
https://lists.openstack.org/pipermail/openstack-discuss/2023-July/034439.html
CVEs:

https://ubuntu.com/security/CVE-2023-2088

Title: USN-6246-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6246-1
Priorities: high,medium
Description:
It was discovered that the IP-VLAN network driver for the Linux kernel did
not properly initialize memory in some situations, leading to an out-of-
bounds write vulnerability. An attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2023-3090)

Querijn Voet discovered that a race condition existed in the io_uring
subsystem in the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-3389)

Lin Ma discovered that a race condition existed in the MCTP implementation
in the Linux kernel, leading to a use-after-free vulnerability. A
privileged attacker could use this to cause a denial of service (system
crash) or possibly execute arbitrary code. (CVE-2023-3439)

Assets 2

24 Jul 20:55

cf-bosh-ci-bot

ubuntu-jammy/v1.179

46e4720

ubuntu jammy v1.179

Metadata:

BOSH Agent Version: 2.560.0

USNs:

Title: USN-6200-1: ImageMagick vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6200-1
Priorities: negligible,medium,low
Description:
It was discovered that ImageMagick incorrectly handled the "-authenticate"
option for password-protected PDF files. An attacker could possibly use
this issue to inject additional shell commands and perform arbitrary code
execution. This issue only affected Ubuntu 20.04 LTS. (CVE-2020-29599)

It was discovered that ImageMagick incorrectly handled certain values
when processing PDF files. If a user or automated system using ImageMagick
were tricked into opening a specially crafted PDF file, an attacker could
exploit this to cause a denial of service. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-20224)

Zhang Xiaohui discovered that ImageMagick incorrectly handled certain
values when processing image data. If a user or automated system using
ImageMagick were tricked into opening a specially crafted image, an
attacker could exploit this to cause a denial of service. This issue only
affected Ubuntu 20.04 LTS. (CVE-2021-20241, CVE-2021-20243)

It was discovered that ImageMagick incorrectly handled certain values
when processing visual effects based image files. By tricking a user into
opening a specially crafted image file, an attacker could crash the
application causing a denial of service. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-20244, CVE-2021-20309)

It was discovered that ImageMagick incorrectly handled certain values
when performing resampling operations. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-20246)

It was discovered that ImageMagick incorrectly handled certain values
when processing thumbnail image data. By tricking a user into opening
a specially crafted image file, an attacker could crash the application
causing a denial of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2021-20312)

It was discovered that ImageMagick incorrectly handled memory cleanup
when performing certain cryptographic operations. Under certain conditions
sensitive cryptographic information could be disclosed. This issue only
affected Ubuntu 20.04 LTS. (CVE-2021-20313)

It was discovered that ImageMagick did not use the correct rights when
specifically excluded by a module policy. An attacker could use this issue
to read and write certain restricted files. This issue only affected Ubuntu
20.04 LTS. (CVE-2021-39212)

It was discovered that ImageMagick incorrectly handled memory under certain
circumstances. If a user were tricked into opening a specially crafted
image file, an attacker could possibly exploit this issue to cause a denial
of service or other unspecified impact. This issue only affected Ubuntu
20.04 LTS. (CVE-2022-28463, CVE-2022-32545, CVE-2022-32546, CVE-2022-32547)

It was discovered that ImageMagick incorrectly handled memory under certain
circumstances. If a user were tricked into opening a specially crafted
image file, an attacker could possibly exploit this issue to cause a denial
of service or other unspecified impact. This issue only affected Ubuntu
22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2021-3610, CVE-2023-1906,
CVE-2023-3428)

It was discovered that ImageMagick incorrectly handled certain values
when processing specially crafted SVG files. By tricking a user into
opening a specially crafted SVG file, an attacker could crash the
application causing a denial of service. This issue only affected Ubuntu
20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-1289)

It was discovered that ImageMagick incorrectly handled memory under certain
circumstances. If a user were tricked into opening a specially crafted
tiff file, an attacker could possibly exploit this issue to cause a denial
of service or other unspecified impact. This issue only affected Ubuntu
22.04 LTS, Ubuntu 22.10, and Ubuntu 23.04. (CVE-2023-3195)

Title: USN-6236-1: ConnMan vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6236-1
Priorities: medium
Description:
It was discovered that ConnMan could be made to write out of bounds. A
remote attacker could possibly use this issue to cause ConnMan to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2021-26675, CVE-2021-33833)

It was discovered that ConnMan could be made to leak sensitive information
via the gdhcp component. A remote attacker could possibly use this issue
to obtain information for further exploitation. This issue only affected
Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. (CVE-2021-26676)

It was discovered that ConnMan could be made to read out of bounds. A
remote attacker could possibly use this issue to case ConnMan to crash,
resulting in a denial of service. This issue only affected Ubuntu 16.04
LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2022-23096, CVE-2022-23097)

It was discovered that ConnMan could be made to run into an infinite loop.
A remote attacker could possibly use this issue to cause ConnMan to
consume resources and to stop operating, resulting in a denial of service.
This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04
LTS, and Ubuntu 22.04 LTS. (CVE-2022-23098)

It was discovered that ConnMan could be made to write out of bounds via
the gweb component. A remote attacker could possibly use this issue to
cause ConnMan to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32292)

It was discovered that ConnMan did not properly manage memory under
certain circumstances. A remote attacker could possibly use this issue to
cause ConnMan to crash, resulting in a denial of service, or possibly
execute arbitrary code. This issue only affected Ubuntu 16.04 LTS, Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-32293)

It was discovered that ConnMan could be made to write out of bounds via
the gdhcp component. A remote attacker could possibly use this issue to
cause ConnMan to crash, resulting in a denial of service, or possibly
execute arbitrary code. (CVE-2023-28488)
CVEs:

Title: USN-6189-1: etcd vulnerability
URL: https://ubuntu.com/security/notices/USN-6189-1
Priorities: medium
Description:
It was discovered that etcd leaked credentials when debugging
was enabled. This allowed remote attackers to discover etcd
authentication credentials and possibly escalate privileges on
systems using etcd.
CVEs:

https://ubuntu.com...

Assets 2

29 Jun 20:55

cf-bosh-ci-bot

ubuntu-jammy/v1.148

07f5718

ubuntu jammy v1.148

Metadata:

BOSH Agent Version: 2.548.0

USNs:

Title: USN-6161-2: .NET regression
URL: https://ubuntu.com/security/notices/USN-6161-2
Priorities: medium
Description:
USN-6161-1 fixed vulnerabilities in .NET. The update introduced
a regression with regards to how the runtime imported X.509
certificates. This update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

It was discovered that .NET did not properly enforce certain
restrictions when deserializing a DataSet or DataTable from
XML. An attacker could possibly use this issue to elevate their
privileges. (CVE-2023-24936)

Kevin Jones discovered that .NET did not properly handle the
AIA fetching process for X.509 client certificates. An attacker
could possibly use this issue to cause a denial of service.
(CVE-2023-29331)

Kalle Niemitalo discovered that the .NET package manager,
NuGet, was susceptible to a potential race condition. An
attacker could possibly use this issue to perform remote
code execution. (CVE-2023-29337)

Tom Deseyn discovered that .NET did not properly process certain
arguments when extracting the contents of a tar file. An attacker
could possibly use this issue to elevate their privileges. This
issue only affected the dotnet7 package. (CVE-2023-32032)

It was discovered that .NET did not properly handle memory in
certain circumstances. An attacker could possibly use this issue
to cause a denial of service or perform remote code execution.
(CVE-2023-33128)
CVEs:

Title: USN-6184-1: CUPS vulnerability
URL: https://ubuntu.com/security/notices/USN-6184-1
Priorities: medium
Description:
It was discovered that CUPS incorrectly handled certain memory operations.
An attacker could possibly use this issue to cause CUPS to crash, resulting
in a denial of service, or possibly obtain sensitive information.
CVEs:

https://ubuntu.com/security/CVE-2023-34241

Title: USN-6192-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6192-1
Priorities: high
Description:
Hangyu Hua discovered that the Flower classifier implementation in the
Linux kernel contained an out-of-bounds write vulnerability. An attacker
could use this to cause a denial of service (system crash) or possibly
execute arbitrary code. (CVE-2023-35788, LP: #2023577)

Xingyuan Mo and Gengjia Chen discovered that the io_uring subsystem in the
Linux kernel did not properly handle locking when IOPOLL mode is being
used. A local attacker could use this to cause a denial of service (system
crash). (CVE-2023-2430)

It was discovered that for some Intel processors the INVLPG instruction
implementation did not properly flush global TLB entries when PCIDs are
enabled. An attacker could use this to expose sensitive information
(kernel memory) or possibly cause undesired behaviors. (LP: #2023220)
CVEs:

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

Notice

USNs:

Metadata:

Important Notice.

USNs:

Metadata:

USNs:

Metadata:

USNs:

Metadata:

USNs:

Releases: cloudfoundry/bosh-linux-stemcell-builder

ubuntu jammy v1.289

Metadata:

USNs:

ubuntu jammy v1.260

Metadata:

USNs:

ubuntu jammy v1.250

Metadata:

USNs:

ubuntu jammy v1.232

Metadata:

USNs:

ubuntu jammy v1.222

Metadata:

USNs:

ubuntu jammy v1.207

Metadata:

Notice

USNs:

ubuntu jammy v1.199

Metadata:

Important Notice.

USNs:

ubuntu jammy v1.181

Metadata:

USNs:

ubuntu jammy v1.179

Metadata:

USNs:

ubuntu jammy v1.148

Metadata:

USNs: