[USN-6548-1] Linux kernel vulnerabilities
==
Ubuntu Security Notice USN-6548-1
December 11, 2023

linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-xilinx-zynqmp vulnerabilities
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-bluefield: Linux kernel for NVIDIA BlueField platforms
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-xilinx-zynqmp: Linux kernel for Xilinx ZynqMP processors
- linux-aws-5.4: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.4: Linux kernel for Microsoft Azure cloud systems
- linux-gcp-5.4: Linux kernel for Google Cloud Platform (GCP) systems
- linux-hwe-5.4: Linux hardware enablement (HWE) kernel
- linux-ibm-5.4: Linux kernel for IBM cloud systems

Details:

It was discovered that Spectre-BHB mitigations were missing for Ampere processors. A local attacker could potentially use this to expose sensitive information. (CVE-2023-3006)

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189)

Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193)

Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out-of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194)

Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178)

Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)

It was discovered that the TLS subsystem in the Linux kernel did not properly perform cryptographic operations in some situations, leading to a null pointer dereference vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-6176)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 20.04 LTS:
  linux-image-5.4.0-1035-xilinx-zynqmp 5.4.0-1035.39
  linux-image-5.4.0-1063-ibm 5.4.0-1063.68
  linux-image-5.4.0-1076-bluefield 5.4.0-1076.82
  linux-image-5.4.0-1104-kvm 5.4.0-1104.111
  linux-image-5.4.0-1116-aws 5.4.0-1116.126
  linux-image-5.4.0-1120-gcp 5.4.0-1120.129
  linux-image-5.4.0-1121-azure 5.4.0-1121.128
  linux-image-5.4.0-169-generic 5.4.0-169.187
  linux-image-5.4.0-169-generic-lpae 5.4.0-169.187
  linux-image-5.4.0-169-lowlatency 5.4.0-169.187
  linux-image-aws-lts-20.04 5.4.0.1116.113
  l
[USN-6549-1] Linux kernel vulnerabilities
==
Ubuntu Security Notice USN-6549-1
December 11, 2023

linux, linux-aws, linux-aws-5.15, linux-azure, linux-azure-5.15, linux-azure-fde, linux-azure-fde-5.15, linux-gcp, linux-gke, linux-hwe-5.15, linux-ibm, linux-ibm-5.15, linux-kvm, linux-nvidia, linux-oracle, linux-oracle-5.15, linux-raspi vulnerabilities
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS

Summary:

Several security issues were fixed in the Linux kernel.

Software Description:
- linux: Linux kernel
- linux-aws: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure: Linux kernel for Microsoft Azure Cloud systems
- linux-azure-fde: Linux kernel for Microsoft Azure CVM cloud systems
- linux-gcp: Linux kernel for Google Cloud Platform (GCP) systems
- linux-gke: Linux kernel for Google Container Engine (GKE) systems
- linux-ibm: Linux kernel for IBM cloud systems
- linux-kvm: Linux kernel for cloud environments
- linux-nvidia: Linux kernel for NVIDIA systems
- linux-oracle: Linux kernel for Oracle Cloud systems
- linux-raspi: Linux kernel for Raspberry Pi systems
- linux-aws-5.15: Linux kernel for Amazon Web Services (AWS) systems
- linux-azure-5.15: Linux kernel for Microsoft Azure cloud systems
- linux-azure-fde-5.15: Linux kernel for Microsoft Azure CVM cloud systems
- linux-hwe-5.15: Linux hardware enablement (HWE) kernel
- linux-ibm-5.15: Linux kernel for IBM cloud systems
- linux-oracle-5.15: Linux kernel for Oracle Cloud systems

Details:

It was discovered that the USB subsystem in the Linux kernel contained a race condition while handling device descriptors in certain situations, leading to an out-of-bounds read vulnerability. A local attacker could possibly use this to cause a denial of service (system crash). (CVE-2023-37453)

Lin Ma discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly initialize a policy data structure, leading to an out-of-bounds vulnerability. A local privileged attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-3773)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information (kernel memory). (CVE-2023-39189)

Sunjoo Park discovered that the netfilter subsystem in the Linux kernel did not properly validate u32 packets content, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39192)

Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate SCTP data, leading to an out-of-bounds read vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39193)

Lucas Leong discovered that the Netlink Transformation (XFRM) subsystem in the Linux kernel did not properly handle state filters, leading to an out-of-bounds read vulnerability. A privileged local attacker could use this to cause a denial of service (system crash) or possibly expose sensitive information. (CVE-2023-39194)

It was discovered that a race condition existed in QXL virtual GPU driver in the Linux kernel, leading to a use after free vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-39198)

Kyle Zeng discovered that the IPv4 implementation in the Linux kernel did not properly handle socket buffers (skb) when performing IP routing in certain circumstances, leading to a null pointer dereference vulnerability. A privileged attacker could use this to cause a denial of service (system crash). (CVE-2023-42754)

Jason Wang discovered that the virtio ring implementation in the Linux kernel did not properly handle iov buffers in some situations. A local attacker in a guest VM could use this to cause a denial of service (host system crash). (CVE-2023-5158)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem in the Linux kernel did not properly handle queue initialization failures in certain situations, leading to a use-after-free vulnerability. A remote attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5178)

Budimir Markovic discovered that the perf subsystem in the Linux kernel did not properly handle event groups, leading to an out-of-bounds write vulnerability. A local attacker could use this to cause a denial of service (system crash) or possibly execute arbitrary code. (CVE-2023-5717)

Update instructions:

The problem can be co
[USN-6547-1] Python vulnerability
==
Ubuntu Security Notice USN-6547-1
December 11, 2023

python3.11 vulnerability
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.04

Summary:

Python could be made to bypass security measures if it processed a malicious filename.

Software Description:
- python3.11: An interactive high-level object-oriented language

Details:

It was discovered that Python incorrectly handled null bytes when normalizing pathnames. An attacker could possibly use this issue to bypass certain filename checks.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.04:
  python3.11 3.11.4-1~23.04.2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6547-1
  CVE-2023-41105

Package Information:
  https://launchpad.net/ubuntu/+source/python3.11/3.11.4-1~23.04.2
[USN-6546-1] LibreOffice vulnerabilities
==
Ubuntu Security Notice USN-6546-1
December 11, 2023

libreoffice vulnerabilities
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 23.04

Summary:

Several security issues were fixed in LibreOffice.

Software Description:
- libreoffice: Office productivity suite

Details:

Reginaldo Silva discovered that LibreOffice incorrectly handled filenames when passing embedded videos to GStreamer. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary GStreamer plugins. (CVE-2023-6185)

Reginaldo Silva discovered that LibreOffice incorrectly handled certain non-typical hyperlinks. If a user were tricked into opening a specially crafted file, a remote attacker could possibly use this issue to execute arbitrary scripts. (CVE-2023-6186)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10:
  libreoffice 4:7.6.4-0ubuntu0.23.10.1

Ubuntu 23.04:
  libreoffice 4:7.5.9-0ubuntu0.23.04.1

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6546-1
  CVE-2023-6185, CVE-2023-6186

Package Information:
  https://launchpad.net/ubuntu/+source/libreoffice/4:7.6.4-0ubuntu0.23.10.1
  https://launchpad.net/ubuntu/+source/libreoffice/4:7.5.9-0ubuntu0.23.04.1
[USN-6545-1] WebKitGTK vulnerabilities
==
Ubuntu Security Notice USN-6545-1
December 11, 2023

webkit2gtk vulnerabilities
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 23.10
- Ubuntu 23.04
- Ubuntu 22.04 LTS

Summary:

Several security issues were fixed in WebKitGTK.

Software Description:
- webkit2gtk: Web content engine library for GTK+

Details:

Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser security, including cross-site scripting attacks, denial of service attacks, and arbitrary code execution.

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10:
  libjavascriptcoregtk-4.0-18 2.42.3-0ubuntu0.23.10.1
  libjavascriptcoregtk-4.1-0 2.42.3-0ubuntu0.23.10.1
  libjavascriptcoregtk-6.0-1 2.42.3-0ubuntu0.23.10.1
  libwebkit2gtk-4.0-37 2.42.3-0ubuntu0.23.10.1
  libwebkit2gtk-4.1-0 2.42.3-0ubuntu0.23.10.1

Ubuntu 23.04:
  libjavascriptcoregtk-4.0-18 2.42.3-0ubuntu0.23.04.1
  libjavascriptcoregtk-4.1-0 2.42.3-0ubuntu0.23.04.1
  libjavascriptcoregtk-6.0-1 2.42.3-0ubuntu0.23.04.1
  libwebkit2gtk-4.0-37 2.42.3-0ubuntu0.23.04.1
  libwebkit2gtk-4.1-0 2.42.3-0ubuntu0.23.04.1

Ubuntu 22.04 LTS:
  libjavascriptcoregtk-4.0-18 2.42.3-0ubuntu0.22.04.1
  libjavascriptcoregtk-4.1-0 2.42.3-0ubuntu0.22.04.1
  libjavascriptcoregtk-6.0-1 2.42.3-0ubuntu0.22.04.1
  libwebkit2gtk-4.0-37 2.42.3-0ubuntu0.22.04.1
  libwebkit2gtk-4.1-0 2.42.3-0ubuntu0.22.04.1

This update uses a new upstream release, which includes additional bug fixes. After a standard system update you need to restart any applications that use WebKitGTK, such as Epiphany, to make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6545-1
  CVE-2023-42916, CVE-2023-42917

Package Information:
  https://launchpad.net/ubuntu/+source/webkit2gtk/2.42.3-0ubuntu0.23.10.1
  https://launchpad.net/ubuntu/+source/webkit2gtk/2.42.3-0ubuntu0.23.04.1
  https://launchpad.net/ubuntu/+source/webkit2gtk/2.42.3-0ubuntu0.22.04.1
[USN-6544-1] GNU binutils vulnerabilities
==
Ubuntu Security Notice USN-6544-1
December 11, 2023

binutils vulnerabilities
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
- Ubuntu 14.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in GNU binutils.

Software Description:
- binutils: GNU assembler, linker and binary utilities

Details:

It was discovered that GNU binutils incorrectly handled certain COFF files. An attacker could possibly use this issue to cause a crash or execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2022-38533)

It was discovered that GNU binutils was not properly performing bounds checks in several functions, which could lead to a buffer overflow. An attacker could possibly use this issue to cause a denial of service, expose sensitive information or execute arbitrary code. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-4285, CVE-2020-19726, CVE-2021-46174)

It was discovered that GNU binutils contained a reachable assertion, which could lead to an intentional assertion failure when processing certain crafted DWARF files. An attacker could possibly use this issue to cause a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-35205)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 22.04 LTS:
  binutils 2.38-4ubuntu2.4
  binutils-multiarch 2.38-4ubuntu2.4

Ubuntu 20.04 LTS:
  binutils 2.34-6ubuntu1.7
  binutils-multiarch 2.34-6ubuntu1.7

Ubuntu 14.04 LTS (Available with Ubuntu Pro):
  binutils 2.24-5ubuntu14.2+esm6
  binutils-multiarch 2.24-5ubuntu14.2+esm6

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6544-1
  CVE-2020-19726, CVE-2021-46174, CVE-2022-35205, CVE-2022-38533, CVE-2022-4285

Package Information:
  https://launchpad.net/ubuntu/+source/binutils/2.38-4ubuntu2.4
  https://launchpad.net/ubuntu/+source/binutils/2.34-6ubuntu1.7
[USN-6500-2] Squid vulnerabilities
==
Ubuntu Security Notice USN-6500-2
December 11, 2023

squid3 vulnerabilities
==

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 18.04 LTS (Available with Ubuntu Pro)
- Ubuntu 16.04 LTS (Available with Ubuntu Pro)

Summary:

Several security issues were fixed in Squid.

Software Description:
- squid3: Web proxy cache server

Details:

USN-6500-1 fixed several vulnerabilities in Squid. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS.

Original advisory details:

Joshua Rogers discovered that Squid incorrectly handled the Gopher protocol. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. Gopher support has been disabled in this update. (CVE-2023-46728)

Joshua Rogers discovered that Squid incorrectly handled HTTP Digest Authentication. A remote attacker could possibly use this issue to cause Squid to crash, resulting in a denial of service. (CVE-2023-46847)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 18.04 LTS (Available with Ubuntu Pro):
  squid 3.5.27-1ubuntu1.14+esm1
  squid3 3.5.27-1ubuntu1.14+esm1

Ubuntu 16.04 LTS (Available with Ubuntu Pro):
  squid 3.5.12-1ubuntu7.16+esm2
  squid3 3.5.12-1ubuntu7.16+esm2

In general, a standard system update will make all the necessary changes.

References:
  https://ubuntu.com/security/notices/USN-6500-2
  https://ubuntu.com/security/notices/USN-6500-1
  CVE-2023-46728, CVE-2023-46847