UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
CVE CVE-2022-43249 Libde265 v1.0.8 was discovered to contain a heap-buffer-overflow vulnerability via put_epel_hv_fallback<unsigned short> in fallback-motion.cc. This v libde265 libde265 libde265 libde265
CVE CVE-2022-43245 Libde265 v1.0.8 was discovered to contain a segmentation violation via apply_sao_internal<unsigned short> in sao.cc. This vulnerability allows attack libde265 libde265 libde265 libde265
CVE CVE-2024-25062 An issue was discovered in libxml2 before 2.11.7 and 2.12.x before 2.12.5. When using the XML Reader interface with DTD validation and XInclude expan libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2 libxml2
CVE CVE-2024-0985 Late privilege drop in REFRESH MATERIALIZED VIEW CONCURRENTLY in PostgreSQL allows an object creator to execute arbitrary SQL functions as the comman postgresql-15 postgresql-15 postgresql-14 postgresql-14 postgresql-12 postgresql-12 postgresql-15 postgresql-15 postgresql-14 postgresql-14 postgresql-12 postgresql-12
Launchpad 2052850 New upstream microreleases 12.18, 14.11, 15.6 and 16.2 postgresql-15 postgresql-15 postgresql-14 postgresql-14 postgresql-12 postgresql-12 postgresql-15 postgresql-15 postgresql-14 postgresql-14 postgresql-12 postgresql-12
CVE CVE-2022-48065 GNU Binutils before 2.40 was discovered to contain a memory leak vulnerability var the function find_abstract_instance in dwarf2.c. binutils binutils binutils binutils binutils binutils binutils binutils
CVE CVE-2022-48063 GNU Binutils before 2.40 was discovered to contain an excessive memory consumption vulnerability via the function load_separate_debug_files at dwarf2 binutils binutils binutils binutils binutils binutils binutils binutils
CVE CVE-2022-47695 An issue was discovered Binutils objdump before 2.39.3 allows attackers to cause a denial of service or other unspecified impacts via function bfd_ma binutils binutils binutils binutils binutils binutils binutils binutils
CVE CVE-2023-0045 The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread linux-mtk
CVE CVE-2023-1829 A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege escalation. The linux-mtk
CVE CVE-2023-1872 A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The io_file_get_fixed fun linux-mtk
CVE CVE-2023-3090 A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation. The out-o linux-mtk
CVE CVE-2023-3390 A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with linux-mtk
CVE CVE-2023-3389 A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Racing a io_uring canc linux-mtk
CVE CVE-2023-3776 A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If tcf_chan linux-mtk
CVE CVE-2023-3610 A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in linux-mtk
CVE CVE-2023-3611 An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation. The linux-mtk
CVE CVE-2023-21400 In multiple functions of io_uring.c, there is a possible kernel memory corruption due to improper locking. This could lead to local escalation of pr linux-mtk
CVE CVE-2023-3609 A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation. If tcf_cha linux-mtk
CVE CVE-2023-20588 A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality. linux-mtk



About   -   Send Feedback to @ubuntu_updates