Releases: cloudfoundry/bosh-linux-stemcell-builder

ubuntu jammy v1.555

11 Sep 18:52

Metadata:

BOSH Agent Version: 2.685.0
Kernel Version: 5.15.0.119.119

USNs:

No high or critical USNs in this release.

What's Changed

Full Changelog: ubuntu-jammy/v1.531...ubuntu-jammy/v1.555

ubuntu jammy v1.531

23 Aug 21:15

Metadata:

BOSH Agent Version: 2.679.0
Kernel Version: 5.15.0.119.119

USNs:

Title: USN-6974-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6974-1
Priorities: medium,high
Description:
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

What's Changed

  • Prevent early deletion of temp files in specs by @ystros in #377
  • Fix quoting on stemcell version by @ystros in #378

Full Changelog: ubuntu-jammy/v1.529...ubuntu-jammy/v1.531

ubuntu jammy v1.529

21 Aug 18:43

Metadata:

BOSH Agent Version: 2.679.0
Kernel Version: 5.15.0.118.118

USNs:

Title: USN-6895-4: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6895-4
Priorities: medium,low,high
Description:
It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6270)

It was discovered that the HugeTLB file system component of the Linux
Kernel contained a NULL pointer dereference vulnerability. A privileged
attacker could possibly use this to cause a denial of service.
(CVE-2024-0841)

It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Title: USN-6922-2: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6922-2
Priorities: low,medium
Description:
It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)
CVEs:

ubuntu jammy v1.506

29 Jul 21:51

Metadata:

BOSH Agent Version: 2.672.0
Kernel Version: 5.15.0.117.117

USNs:

Title: USN-6910-1: Apache ActiveMQ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6910-1
Priorities: medium
Description:
Chess Hazlett discovered that Apache ActiveMQ incorrectly handled certain
commands. A remote attacker could possibly use this issue to terminate
the program, resulting in a denial of service. This issue only affected
Ubuntu 16.04 LTS. (CVE-2015-7559)

Peter Stöckli discovered that Apache ActiveMQ incorrectly handled
hostname verification. A remote attacker could possibly use this issue
to perform a person-in-the-middle attack. This issue only affected Ubuntu
16.04 LTS. (CVE-2018-11775)

Jonathan Gallimore and Colm Ó hÉigeartaigh discovered that Apache
ActiveMQ incorrectly handled authentication in certain functions.
A remote attacker could possibly use this issue to perform a
person-in-the-middle attack. This issue only affected Ubuntu 16.04 LTS,
Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2020-13920)

Gregor Tudan discovered that Apache ActiveMQ incorrectly handled
LDAP authentication. A remote attacker could possibly use this issue
to acquire unauthenticated access. This issue only affected Ubuntu 16.04
LTS, Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-26117)

It was discovered that Apache ActiveMQ incorrectly handled
authentication. A remote attacker could possibly use this issue to run
arbitrary code. (CVE-2022-41678)

It was discovered that Apache ActiveMQ incorrectly handled
deserialization. A remote attacker could possibly use this issue to run
arbitrary shell commands. (CVE-2023-46604)
CVEs:

Title: USN-6919-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6919-1
Priorities: medium,high,low,unknown
Description:
Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not
properly handle certain error conditions, leading to a NULL pointer
dereference. A local attacker could possibly trigger this vulnerability to
cause a denial of service. (CVE-2022-38096)

It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6270)

It was discovered that the Atheros 802.11ac wireless driver did not
properly validate certain data structures, leading to a NULL pointer
dereference. An attacker could possibly use this to cause a denial of
service. (CVE-2023-7042)

It was discovered that the HugeTLB file system component of the Linux
Kernel contained a NULL pointer dereference vulnerability. A privileged
attacker could possibly use this to cause a denial of service.
(CVE-2024-0841)

It was discovered that the Intel Data Streaming and Intel Analytics
Accelerator drivers in the Linux kernel allowed direct access to the
devices for unprivileged users and virtual machines. A local attacker could
use this to cause a denial of service. (CVE-2024-21823)

Yuxuan Hu discovered that the Bluetooth RFCOMM protocol driver in the Linux
Kernel contained a race condition, leading to a NULL pointer dereference.
An attacker could possibly use this to cause a denial of service (system
crash). (CVE-2024-22099)

Gui-Dong Han discovered that the software RAID driver in the Linux kernel
contained a race condition, leading to an integer overflow vulnerability. A
privileged attacker could possibly use this to cause a denial of service
(system crash). (CVE-2024-23307)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel when modifying certain settings values through debugfs.
A privileged local attacker could use this to cause a denial of service.
(CVE-2024-24857, CVE-2024-24858, CVE-2024-24859)

Bai Jiaju discovered that the Xceive XC4000 silicon tuner device driver in
the Linux kernel contained a race condition, leading to an integer overflow
vulnerability. An attacker could possibly use this to cause a denial of
service (system crash). (CVE-2024-24861)

Chenyuan Yang discovered that the Unsorted Block Images (UBI) flash device
volume management subsystem did not properly validate logical eraseblock
sizes in certain situations. An attacker could possibly use this to cause a
denial of service (system crash). (CVE-2024-25739)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

ubuntu jammy v1.492

16 Jul 20:51

Metadata:

BOSH Agent Version: 2.663.0
Kernel Version: 5.15.0.116.116

USNs:

Title: USN-6891-1: Python vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6891-1
Priorities: low,medium,negligible,high
Description:
It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2015-20107)

It was discovered that Python incorrectly used regular expressions
vulnerable to catastrophic backtracking. A remote attacker could possibly
use this issue to cause a denial of service. This issue only affected
Ubuntu 14.04 LTS. (CVE-2018-1060, CVE-2018-1061)

It was discovered that Python failed to initialize Expat’s hash salt. A
remote attacker could possibly use this issue to cause hash collisions,
leading to a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-14647)

It was discovered that Python incorrectly handled certain pickle files. An
attacker could possibly use this issue to consume memory, leading to a
denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-20406)

It was discovered that Python incorrectly validated the domain when
handling cookies. An attacker could possibly trick Python into sending
cookies to the wrong domain. This issue only affected Ubuntu 14.04 LTS.
(CVE-2018-20852)

Jonathan Birch and Panayiotis Panayiotou discovered that Python incorrectly
handled Unicode encoding during NFKC normalization. An attacker could
possibly use this issue to obtain sensitive information. This issue only
affected Ubuntu 14.04 LTS. (CVE-2019-9636, CVE-2019-10160)

It was discovered that Python incorrectly parsed certain email addresses. A
remote attacker could possibly use this issue to trick Python applications
into accepting email addresses that should be denied. This issue only
affected Ubuntu 14.04 LTS. (CVE-2019-16056)

It was discovered that the Python documentation XML-RPC server incorrectly
handled certain fields. A remote attacker could use this issue to execute a
cross-site scripting (XSS) attack. This issue only affected Ubuntu 14.04
LTS. (CVE-2019-16935)

It was discovered that the Python documentation had misleading information.
A security issue could possibly be caused by wrong assumptions of this
information. This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04
LTS. (CVE-2019-17514)

It was discovered that Python incorrectly stripped certain characters from
requests. A remote attacker could use this issue to perform CRLF injection.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-18348)

It was discovered that Python incorrectly handled certain TAR archives.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2019-20907)

Colin Read and Nicolas Edet discovered that Python incorrectly handled
parsing certain X509 certificates. An attacker could possibly use this
issue to cause Python to crash, resulting in a denial of service. This
issue only affected Ubuntu 14.04 LTS. (CVE-2019-5010)

It was discovered that Python incorrectly handled certain ZIP files. An attacker
could possibly use this issue to cause a denial of service. This issue only
affected Ubuntu 14.04 LTS. (CVE-2019-9674)

It was discovered that Python incorrectly handled certain URLs. A remote
attacker could possibly use this issue to perform CRLF injection attacks.
This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9740, CVE-2019-9947)

Sihoon Lee discovered that Python incorrectly handled the local_file:
scheme. A remote attacker could possibly use this issue to bypass blocklist
mechanisms. This issue only affected Ubuntu 14.04 LTS. (CVE-2019-9948)

It was discovered that Python incorrectly handled certain IP values.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2020-14422)

It was discovered that Python incorrectly handled certain character
sequences. A remote attacker could possibly use this issue to perform
CRLF injection. This issue only affected Ubuntu 14.04 LTS and Ubuntu
18.04 LTS. (CVE-2020-26116)

It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code
or cause a denial of service. This issue only affected Ubuntu 14.04 LTS.
(CVE-2020-27619, CVE-2021-3177)

It was discovered that Python incorrectly handled certain HTTP requests.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS. (CVE-2020-8492)

It was discovered that the Python stdlib ipaddress API incorrectly handled
octal strings. A remote attacker could possibly use this issue to perform a
wide variety of attacks, including bypassing certain access restrictions.
This issue only affected Ubuntu 18.04 LTS. (CVE-2021-29921)

David Schwörer discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 18.04 LTS. (CVE-2021-3426)

It was discovered that Python incorrectly handled certain RFCs.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3733)

It was discovered that Python incorrectly handled certain server
responses. An attacker could possibly use this issue to cause a denial of
service. This issue only affected Ubuntu 14.04 LTS. (CVE-2021-3737)

It was discovered that Python incorrectly handled certain FTP requests.
An attacker could possibly use this issue to expose sensitive information.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2021-4189)

It was discovered that Python incorrectly handled certain inputs.
An attacker could possibly use this issue to execute arbitrary code.
This issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2022-0391)

Devin Jeanpierre discovered that Python incorrectly handled sockets when
the multiprocessing module was being used. A local attacker could possibly
use this issue to execute arbitrary code and escalate privileges.
This issue only affected Ubuntu 22.04 LTS. (CVE-2022-42919)

It was discovered that Python incorrectly handled certain inputs. If a
user or an automated system were tricked into running a specially
crafted input, a remote attacker could possibly use this issue to cause a
denial of service. This issue only affected Ubuntu 14.04 LTS,
Ubuntu 18.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-45061, CVE-2023-24329)

It was discovered that Python incorrectly handled certain scripts.
An attacker could possibly use this issue to execute arbitrary code
or cause a crash. This issue only affected Ubuntu 14.04 LTS and
Ubuntu 18.04 LTS. (CVE-2022-48560)

It was discovered that Python incorrectly handled certain plist files.
If a user or an automated system were tricked into processing a specially
crafted plist file, an attacker could possibly use this issue to consume
resources, resulting in a denial of service. This issue only affected
Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48564)

It was discovered that Python did not properly handle XML entity
declarations in plist files. An attacker could possibly use this
vulnerability to perform an XML External Entity (XXE) injection,
resulting in a denial of service or information disclosure. This issue
only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS. (CVE-2022-48565)

It was discovered that Python did not properly provide constant-time
processing for a crypto operation. An attacker could possibly use this
issue to perform a timing attack and recover sensitive information. This
issue only affected Ubuntu 14.04 LTS and Ubuntu 18.04 LTS.
(CVE-2022-48566)

It was discovered that Python instances of ssl.SSLSocket were vulnerable
to a bypass of the TLS handshake. An attacker could possibly use this
issue to cause applications to treat unauthenticated received data before
TLS handshake as authenticated data after TLS handshake. This issue only
affected Ubuntu 14.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu
22.04 LTS. (CVE-2023-40217)

It was discovered that Python incorrectly handled null bytes when
normalizing pathnames. An attacker could possibly use this issue to bypass
certain filename checks. This issue only affected Ubuntu 22.04 LTS.
(CVE-2023-41105)

It was discovered that Python incorrectly handled privilege with certain
parameters. An attacker could possibly use this issue to maintain the
original processes' groups before starting the new process. This issue
only affected Ubuntu 23.10. (CVE-2023-6507)

It was discovered that Python incorrectly handled symlinks in temp files.
An attacker could possibly use this issue to modify the permissions of
files. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 22.04 LTS and Ubuntu 23.10. (CVE-2023-6597)

It was discovered that Python incorrectly handled certain crafted zip
files. An attacker could possibly use this issue to crash the program,
resulting in a denial of service. (CVE-2024-0450)
CVEs:

ubuntu jammy v1.486

02 Jul 01:45

Metadata:

BOSH Agent Version: 2.663.0
Kernel Version: 5.15.0.113.113

USNs:

Title: USN-6847-1: libheif vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6847-1
Priorities: medium
Description:
It was discovered that libheif incorrectly handled certain image data.
An attacker could possibly use this issue to crash the program, resulting
in a denial of service. This issue only affected Ubuntu 18.04 LTS.
(CVE-2019-11471)

Reza Mirzazade Farkhani discovered that libheif incorrectly handled
certain image data. An attacker could possibly use this issue to crash the
program, resulting in a denial of service. This issue only affected Ubuntu
20.04 LTS. (CVE-2020-23109)

Eugene Lim discovered that libheif incorrectly handled certain image data.
An attacker could possibly use this issue to crash the program, resulting
in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu
20.04 LTS and Ubuntu 22.04 LTS. (CVE-2023-0996)

Min Jang discovered that libheif incorrectly handled certain image data.
An attacker could possibly use this issue to crash the program, resulting
in a denial of service. This issue only affected Ubuntu 20.04 LTS and
Ubuntu 22.04 LTS. (CVE-2023-29659)

Yuchuan Meng discovered that libheif incorrectly handled certain image data.
An attacker could possibly use this issue to crash the program, resulting
in a denial of service. This issue only affected Ubuntu 23.10.
(CVE-2023-49460, CVE-2023-49462, CVE-2023-49463, CVE-2023-49464)
CVEs:

Title: USN-6842-1: gdb vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6842-1
Priorities: low
Description:
It was discovered that gdb incorrectly handled certain memory operations
when parsing an ELF file. An attacker could possibly use this issue
to cause a denial of service. This issue is the result of an
incomplete fix for CVE-2020-16599. This issue only affected
Ubuntu 22.04 LTS. (CVE-2022-4285)

It was discovered that gdb incorrectly handled memory leading
to a heap based buffer overflow. An attacker could use this
issue to cause a denial of service, or possibly execute
arbitrary code. This issue only affected Ubuntu 22.04 LTS.
(CVE-2023-1972)

It was discovered that gdb incorrectly handled memory leading
to a stack overflow. An attacker could possibly use this issue
to cause a denial of service. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-39128)

It was discovered that gdb had a use after free vulnerability
under certain circumstances. An attacker could use this to cause
a denial of service or possibly execute arbitrary code. This issue
only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS
and Ubuntu 22.04 LTS. (CVE-2023-39129)

It was discovered that gdb incorrectly handled memory leading to a
heap based buffer overflow. An attacker could use this issue to cause
a denial of service, or possibly execute arbitrary code. This issue
only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.
(CVE-2023-39130)
CVEs:

Title: USN-6809-1: BlueZ vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6809-1
Priorities: low,medium
Description:
It was discovered that BlueZ could be made to dereference invalid memory.
An attacker could possibly use this issue to cause a denial of service.
This issue only affected Ubuntu 22.04 LTS. (CVE-2022-3563)

It was discovered that BlueZ could be made to write out of bounds. If a
user were tricked into connecting to a malicious device, an attacker could
possibly use this issue to cause a denial of service or execute arbitrary
code. (CVE-2023-27349)
CVEs:

Title: USN-6846-1: Ansible vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6846-1
Priorities: medium
Description:
It was discovered that Ansible incorrectly handled certain inputs when using
tower_callback parameter. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to obtain sensitive information. This issue only affected Ubuntu
18.04 LTS, Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS. (CVE-2022-3697)

It was discovered that Ansible incorrectly handled certain inputs. If a user or
an automated system were tricked into opening a specially crafted input file, a
remote attacker could possibly use this issue to perform a Template Injection.
(CVE-2023-5764)
CVEs:

Title: USN-6854-1: OpenSSL vulnerability
URL: https://ubuntu.com/security/notices/USN-6854-1
Priorities: medium
Description:
It was discovered that OpenSSL failed to choose an appropriately short
private key size when computing shared-secrets in the Diffie-Hellman Key
Agreement Protocol. A remote attacker could possibly use this issue to cause
OpenSSL to consume resources, resulting in a denial of service.
CVEs:

Title: USN-6851-1: Netplan vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6851-1
Priorities: medium
Description:
Andreas Hasenack discovered that netplan incorrectly handled the permissions
for netdev files containing wireguard configuration. An attacker could use this to obtain
wireguard secret keys.

It was discovered that netplan configuration could be manipulated into injecting
arbitrary commands while setting up network interfaces. An attacker could
use this to execute arbitrary commands or escalate privileges.
CVEs:

Title: USN-6822-1: Node.js vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6822-1
Priorities: medium
Description:
It was discovered that Node.js incorrectly handled certain inputs when it is
using the policy mechanism. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to bypass the policy mechanism. (CVE-2023-32002, CVE-2023-32006)

It was discovered that Node.js incorrectly handled certain inputs when it is
using the policy mechanism. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to perform a privilege escalation. (CVE-2023-32559)
CVEs:

Title: USN-6800-1: browserify-sign vulnerability
URL: https://ubuntu.com/security/notices/USN-6800-1
Priorities: medium
Description:
It was discovered that browserify-sign incorrectly handled an upper bound check
in signature verification. If a user or an automated system were tricked into
opening a specially crafted input file, a remote attacker could possibly use
this issue to perform a signature forgery attack.
CVEs:

Title: LSN-0104-1: Kernel Live Patch Security Notice
URL: https://ubuntu.com/security/notices/LSN-0104-1
Priorities: high
Description:
It was discovered that the ATA over Ethernet (AoE) driver in the Linux
kernel contained a race condition, leading to a use-after-free
vulnerability. An attacker could use this to cause a denial of service or
possibly execute arbitrary code. (CVE-2023-6270)

It was discovered that a race condition existed in the AppleTalk networking
subsystem of the Linux kernel, leading to a use-after-free vulnerability. A
local attacker could use this to cause a denial of service (system crash)
or possibly execute arbitrary code. (CVE-2023-51781)

In the Linux kernel, the following vulnerability has been
resolved: netfilter: nft_set_rbtree: skip end interval element from gc
rbtree lazy gc on insert might collect an end interval element that has
been just added in this transactions, skip end interval elements that are
not yet active. (CVE-2024-26581)

In the Linux kernel, the following vulnerability has been
resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable
rmnet_link_ops assign a bigger maxtype which leads to a global out-of-bounds
read when parsing the netlink attributes. (CVE-2024-26597)
CVEs:

ubuntu jammy v1.465

04 Jun 18:42

Full Changelog: ubuntu-jammy/v1.351...ubuntu-jammy/v1.465

[Bug] vSphere stemcell with IPv6 will be unresponsive; as a workaround, use stemcell 1.445. This is caused by the introduction of an EFI partition, which moved the location of the grub.cfg file; modifying that file is a requirement for IPv6.

Metadata:

BOSH Agent Version: 2.653.0
Kernel Version: 5.15.0.107.107

USNs:

Title: USN-6792-1: Flask-Security vulnerability
URL: https://ubuntu.com/security/notices/USN-6792-1
Priorities: medium
Description:
Naom Moshe discovered that Flask-Security incorrectly validated URLs. An attacker could use this issue to redirect users to arbitrary URLs.
CVEs:

Title: USN-6786-1: Netatalk vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6786-1
Priorities: medium
Description:
It was discovered that Netatalk did not properly protect an SMB and AFP
default configuration. A remote attacker could possibly use this issue to
execute arbitrary code.
CVEs:

Title: USN-6772-1: strongSwan vulnerability
URL: https://ubuntu.com/security/notices/USN-6772-1
Priorities: medium
Description:
Jan Schermer discovered that strongSwan incorrectly validated client
certificates in certain configurations. A remote attacker could possibly
use this issue to bypass access controls.
CVEs:

Title: USN-6797-1: Intel Microcode vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6797-1
Priorities: medium
Description:
It was discovered that some 3rd and 4th Generation Intel® Xeon® Processors
did not properly restrict access to certain hardware features when using
Intel® SGX or Intel® TDX. This may allow a privileged local user to
potentially further escalate their privileges on the system. This issue only
affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and
Ubuntu 16.04 LTS. (CVE-2023-22655)

It was discovered that some Intel® Atom® Processors did not properly clear
register state when performing various operations. A local attacker could
use this to obtain sensitive information via a transient execution attack.
This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS,
Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-28746)

It was discovered that some Intel® Processors did not properly clear the
state of various hardware structures when switching execution contexts. A
local attacker could use this to access privileged information. This issue only
affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and
Ubuntu 16.04 LTS. (CVE-2023-38575)

It was discovered that some Intel® Processors did not properly enforce bus
lock regulator protections. A remote attacker could use this to cause a
denial of service. This issue only affected Ubuntu 23.10, Ubuntu 22.04 LTS,
Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and Ubuntu 16.04 LTS. (CVE-2023-39368)

It was discovered that some Intel® Xeon® D Processors did not properly
calculate the SGX base key when using Intel® SGX. A privileged local
attacker could use this to obtain sensitive information. This issue only
affected Ubuntu 23.10, Ubuntu 22.04 LTS, Ubuntu 20.04 LTS, Ubuntu 18.04 LTS and
Ubuntu 16.04 LTS. (CVE-2023-43490)

It was discovered that some Intel® Processors did not properly protect against
concurrent accesses. A local attacker could use this to obtain sensitive
information. (CVE-2023-45733)

It was discovered that some Intel® Processors TDX module software did not
properly validate input. A privileged local attacker could use this information
to potentially further escalate their privileges on the system.
(CVE-2023-45745, CVE-2023-47855)

It was discovered that some Intel® Core™ Ultra processors did not properly
handle particular instruction sequences. A local attacker could use this
issue to cause a denial of service. (CVE-2023-46103)
CVEs:

Title: USN-6774-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6774-1
Priorities: low,high,medium
Description:
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a
use-after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

Title: USN-6795-1: Linux kernel (Intel IoTG) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6795-1
Priorities: low,medium,high,negligible
Description:
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a
use-after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)

It was discovered that the Open vSwitch implementation in the Linux kernel
could overflow its stack during recursive action operations under certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-1151)

Sander Wiebing, Alvise de Faveri Tron, Herbert Bos, and Cristiano Giuffrida
discovered that the Linux kernel mitigations for the initial Branch History
Injection vulnerability (CVE-2022-0001) were insufficient for Intel
processors. A local attacker could potentially use this to expose sensitive
information. (CVE-2024-2201)

Chenyuan Yang discovered that the RDS Protocol implementation in the Linux
kernel contained an out-of-bounds read vulnerability. An attacker could use
this to possibly cause a denial of service (system crash). (CVE-2024-23849)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:

  • PowerPC architecture;
  • S390 architecture;
  • Core kernel;
  • Block layer subsystem;
  • Android drivers;
  • Power management core;
  • Bus devices;
  • Hardware random number generator core;
  • Cryptographic API;
  • Device frequency;
  • DMA engine subsystem;
  • ARM SCMI message protocol;
  • GPU drivers;
  • HID subsystem;
  • Hardware monitoring drivers;
  • I2C subsystem;
  • IIO ADC drivers;
  • IIO subsystem;
  • IIO Magnetometer sensors drivers;
  • InfiniBand drivers;
  • Media drivers;
  • Network drivers;
  • PCI driver for MicroSemi Switchtec;
  • PHY drivers;
  • SCSI drivers;
  • DesignWare USB3 driver;
  • BTRFS file system;
  • Ceph distributed file system;
  • Ext4 file system;
  • F2FS file system;
  • JFS file system;
  • NILFS2 file system;
  • NTFS3 file system;
  • Pstore file system;
  • SMB network file system;
  • Memory management;
    ...

ubuntu jammy v1.445

14 May 02:58

Metadata:

BOSH Agent Version: 2.648.0
Kernel Version: 5.15.0.107.107

USNs:

Title: USN-6757-2: PHP vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6757-2
Priorities: low,medium
Description:
USN-6757-1 fixed vulnerabilities in PHP. Unfortunately these fixes were incomplete for
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, and Ubuntu 23.10. This update fixes the problem.

Original advisory details:

It was discovered that PHP incorrectly handled the PHP_CLI_SERVER_WORKERS variable.
An attacker could possibly use this issue to cause a crash or execute
arbitrary code. This issue only affected Ubuntu 20.04 LTS, and
Ubuntu 22.04 LTS. (CVE-2022-4900)

It was discovered that PHP incorrectly handled certain cookies.
An attacker could possibly use this issue to perform a cookie bypass.
(CVE-2024-2756)

It was discovered that PHP incorrectly handled some passwords.
An attacker could possibly use this issue to cause an account takeover
attack. (CVE-2024-3096)
CVEs:

Title: USN-6764-1: libde265 vulnerability
URL: https://ubuntu.com/security/notices/USN-6764-1
Priorities: medium
Description:
It was discovered that libde265 could be made to allocate memory that
exceeds the maximum supported size. If a user or automated system were
tricked into opening a specially crafted file, an attacker could possibly
use this issue to cause a denial of service.
CVEs:

ubuntu jammy v1.439

07 May 23:14

Metadata:

BOSH Agent Version: 2.648.0
Kernel Version: 5.15.0.105.102

USNs:

Title: USN-6754-1: nghttp2 vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6754-1
Priorities: medium
Description:
It was discovered that nghttp2 incorrectly handled the HTTP/2
implementation. A remote attacker could possibly use this issue to cause
nghttp2 to consume resources, leading to a denial of service. This issue
only affected Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. (CVE-2019-9511,
CVE-2019-9513)

It was discovered that nghttp2 incorrectly handled request cancellation. A
remote attacker could possibly use this issue to cause nghttp2 to consume
resources, leading to a denial of service. This issue only affected Ubuntu
16.04 LTS and Ubuntu 18.04 LTS. (CVE-2023-44487)

It was discovered that nghttp2 could be made to process an unlimited number
of HTTP/2 CONTINUATION frames. A remote attacker could possibly use this
issue to cause nghttp2 to consume resources, leading to a denial of
service. (CVE-2024-28182)
CVEs:

Title: USN-6730-1: Apache Maven Shared Utils vulnerability
URL: https://ubuntu.com/security/notices/USN-6730-1
Priorities: medium
Description:
It was discovered that Apache Maven Shared Utils did not handle double-quoted
strings properly, allowing shell injection attacks. This could allow an
attacker to run arbitrary code.
CVEs:

Title: USN-6758-1: JSON5 vulnerability
URL: https://ubuntu.com/security/notices/USN-6758-1
Priorities: medium
Description:
It was discovered that the JSON5 parse method incorrectly handled the parsing
of keys named __proto__. An attacker could possibly use this issue to pollute
the prototype of the returned object, setting arbitrary or unexpected keys, and
cause a denial of service, allow unintended access to network services or have
other unspecified impact, depending on the application's use of the module.
CVEs:

Title: USN-6725-1: Linux kernel vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6725-1
Priorities: medium,low,high
Description:
Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate certain data structure fields when parsing lease
contexts, leading to an out-of-bounds read vulnerability. A remote attacker
could use this to cause a denial of service (system crash) or possibly
expose sensitive information. (CVE-2023-1194)

Quentin Minster discovered that a race condition existed in the KSMBD
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A remote attacker could use this to cause a denial of
service (system crash) or possibly execute arbitrary code. (CVE-2023-32254)

It was discovered that a race condition existed in the KSMBD implementation
in the Linux kernel when handling session connections, leading to a use-
after-free vulnerability. A remote attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-32258)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly validate buffer sizes in certain operations, leading to an integer
underflow and out-of-bounds read vulnerability. A remote attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-38427)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate SMB request protocol IDs, leading to an
out-of-bounds read vulnerability. A remote attacker could possibly use this to
cause a denial of service (system crash). (CVE-2023-38430)

Chih-Yen Chang discovered that the KSMBD implementation in the Linux kernel
did not properly validate packet header sizes in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to cause a denial of service (system crash) or possibly expose
sensitive information. (CVE-2023-38431)

It was discovered that the KSMBD implementation in the Linux kernel did not
properly handle session setup requests, leading to an out-of-bounds read
vulnerability. A remote attacker could use this to expose sensitive
information. (CVE-2023-3867)

Pratyush Yadav discovered that the Xen network backend implementation in
the Linux kernel did not properly handle zero-length data requests, leading
to a null pointer dereference vulnerability. An attacker in a guest VM
could possibly use this to cause a denial of service (host domain crash).
(CVE-2023-46838)

It was discovered that the IPv6 implementation of the Linux kernel did not
properly manage route cache memory usage. A remote attacker could use this
to cause a denial of service (memory exhaustion). (CVE-2023-52340)

It was discovered that the device mapper driver in the Linux kernel did not
properly validate target size during certain memory allocations. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-52429, CVE-2024-23851)

Yang Chaoming discovered that the KSMBD implementation in the Linux kernel
did not properly validate request buffer sizes, leading to an out-of-bounds
read vulnerability. An attacker could use this to cause a denial of service
(system crash) or possibly expose sensitive information. (CVE-2024-22705)

Chenyuan Yang discovered that the btrfs file system in the Linux kernel did
not properly handle read operations on newly created subvolumes in certain
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-23850)

It was discovered that a race condition existed in the Bluetooth subsystem
in the Linux kernel, leading to a null pointer dereference vulnerability. A
privileged local attacker could use this to possibly cause a denial of
service (system crash). (CVE-2024-24860)

Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:


ubuntu jammy v1.423

08 Apr 21:59

Metadata:

BOSH Agent Version: 2.646.0
Kernel Version: 5.15.0.101.98

USNs:

Title: USN-6695-1: TeX Live vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6695-1
Priorities: low,medium
Description:
It was discovered that TeX Live incorrectly handled certain memory
operations in the embedded axodraw2 tool. An attacker could possibly use
this issue to cause TeX Live to crash, resulting in a denial of service.
This issue only affected Ubuntu 20.04 LTS. (CVE-2019-18604)

It was discovered that TeX Live allowed documents to make arbitrary
network requests. If a user or automated system were tricked into opening a
specially crafted document, a remote attacker could possibly use this issue
to exfiltrate sensitive information, or perform other network-related
attacks. This issue only affected Ubuntu 20.04 LTS, and Ubuntu 22.04 LTS.
(CVE-2023-32668)

It was discovered that TeX Live incorrectly handled certain TrueType fonts.
If a user or automated system were tricked into opening a specially crafted
TrueType font, a remote attacker could use this issue to cause TeX Live to
crash, resulting in a denial of service, or possibly execute arbitrary
code. (CVE-2024-25262)
CVEs:

Title: USN-6705-1: Linux kernel (AWS) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6705-1
Priorities: low,medium,high
Description:
It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the
Linux kernel did not properly handle certain error conditions during device
registration. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2023-22995)

It was discovered that the NVIDIA Tegra XUSB pad controller driver in the
Linux kernel did not properly handle return values in certain error
conditions. A local attacker could use this to cause a denial of service
(system crash). (CVE-2023-23000)

Quentin Minster discovered that the KSMBD implementation in the Linux
kernel did not properly handle session setup requests. A remote attacker
could possibly use this to cause a denial of service (memory exhaustion).
(CVE-2023-32247)

It was discovered that a race condition existed in the Cypress touchscreen
driver in the Linux kernel during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4134)

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

It was discovered that the io_uring subsystem in the Linux kernel contained
a race condition, leading to a null pointer dereference vulnerability. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-46862)

It was discovered that a race condition existed in the Bluetooth subsystem
of the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-51779)

It was discovered that a race condition existed in the Rose X.25 protocol
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51782)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)

It was discovered that the VirtIO subsystem in the Linux kernel did not
properly initialize memory in some situations. A local attacker could use
this to possibly expose sensitive information (kernel memory).
(CVE-2024-0340)

Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)

Lonial Con discovered that the netfilter subsystem in the Linux kernel did
not properly handle element deactivation in certain cases, leading to a
use-after-free vulnerability. A local attacker could use this to cause a
denial of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1085)

Notselwyn discovered that the netfilter subsystem in the Linux kernel did
not properly handle verdict parameters in certain cases, leading to a use-
after-free vulnerability. A local attacker could use this to cause a denial
of service (system crash) or possibly execute arbitrary code.
(CVE-2024-1086)

It was discovered that a race condition existed in the SCSI Emulex
LightPulse Fibre Channel driver in the Linux kernel when unregistering FCF
and re-scanning an HBA FCF table, leading to a null pointer dereference
vulnerability. A local attacker could use this to cause a denial of service
(system crash). (CVE-2024-24855)
CVEs:

Title: USN-6686-4: Linux kernel (KVM) vulnerabilities
URL: https://ubuntu.com/security/notices/USN-6686-4
Priorities: low,medium
Description:
It was discovered that the DesignWare USB3 for Qualcomm SoCs driver in the
Linux kernel did not properly handle certain error conditions during device
registration. A local attacker could possibly use this to cause a denial of
service (system crash). (CVE-2023-22995)

It was discovered that a race condition existed in the Cypress touchscreen
driver in the Linux kernel during device removal, leading to a use-after-
free vulnerability. A physically proximate attacker could use this to cause
a denial of service (system crash) or possibly execute arbitrary code.
(CVE-2023-4134)

黄思聪 discovered that the NFC Controller Interface (NCI) implementation in
the Linux kernel did not properly handle certain memory allocation failure
conditions, leading to a null pointer dereference vulnerability. A local
attacker could use this to cause a denial of service (system crash).
(CVE-2023-46343)

It was discovered that the io_uring subsystem in the Linux kernel contained
a race condition, leading to a null pointer dereference vulnerability. A
local attacker could use this to cause a denial of service (system crash).
(CVE-2023-46862)

It was discovered that a race condition existed in the Bluetooth subsystem
of the Linux kernel, leading to a use-after-free vulnerability. A local
attacker could use this to cause a denial of service (system crash) or
possibly execute arbitrary code. (CVE-2023-51779)

It was discovered that a race condition existed in the Rose X.25 protocol
implementation in the Linux kernel, leading to a use-after-free
vulnerability. A local attacker could use this to cause a denial of service
(system crash) or possibly execute arbitrary code. (CVE-2023-51782)

Alon Zahavi discovered that the NVMe-oF/TCP subsystem of the Linux kernel
did not properly handle connect command payloads in certain situations,
leading to an out-of-bounds read vulnerability. A remote attacker could use
this to expose sensitive information (kernel memory). (CVE-2023-6121)

It was discovered that the VirtIO subsystem in the Linux kernel did not
properly initialize memory in some situations. A local attacker could use
this to possibly expose sensitive information (kernel memory).
(CVE-2024-0340)

Dan Carpenter discovered that the netfilter subsystem in the Linux kernel
did not store data in properly sized memory locations. A local user could
use this to cause a denial of service (system crash). (CVE-2024-0607)
CVEs:
