UbuntuUpdates.org

Bugs addressed in recent updates

All Launchpad Ubuntu Debian CVE

Origin Bug number Title Packages
CVE CVE-2023-45232 EDK2's Network Package is susceptible to an infinite loop vulnerability when parsing unknown options in the Destination Options header of IPv6. This edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-45231 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing  Neighbor Discovery Redirect message. This vulnerabili edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-45229 EDK2's Network Package is susceptible to an out-of-bounds read vulnerability when processing the IA_NA or IA_TA option in a DHCPv6 Advertise message edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2023-45230 EDK2's Network Package is susceptible to a buffer overflow vulnerability via a long server ID option in DHCPv6 client. This vulnerability can be exp edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2022-36765 EDK2 is susceptible to a vulnerability in the CreateHob() function, allowing a user to trigger a integer overflow to buffer overflow via a local netw edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2022-36764 EDK2 is susceptible to a vulnerability in the Tcg2MeasurePeImage() function, allowing a user to trigger a heap buffer overflow via a local network. S edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
CVE CVE-2022-36763 EDK2 is susceptible to a vulnerability in the Tcg2MeasureGptTable() function, allowing a user to trigger a heap buffer overflow via a local network. edk2 edk2 edk2 edk2 edk2 edk2 edk2 edk2
Launchpad 2052576 GCP TDX Support linux-gcp-6.5 linux-gcp-6.5 linux-gcp-6.5 linux-gcp-6.5
Launchpad 2040059 [SRU] Sage crashes on start due to a missmatched dependency sagemath
CVE CVE-2024-20290 A vulnerability in the OLE2 file format parser of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition clamav clamav clamav clamav
Launchpad 2053072 [SRU] rebuild cd-boot-images-* packages with latest grub and shim-signed package cd-boot-images-riscv64 cd-boot-images-arm64 cd-boot-images-amd64 cd-boot-images-riscv64 cd-boot-images-arm64 cd-boot-images-amd64
Launchpad 2052362 cmake FTBFS due to test failure w/ git protocol.file.allow=user default cmake cmake cmake cmake
Launchpad 2052360 empty /proc/cpuinfo can cause segfault cmake cmake cmake cmake
Launchpad 2051270 [SRU] sysdig-dkms 0.27.1-0.3ubuntu0.2: sysdig kernel module failed to build sysdig sysdig
CVE CVE-2021-45958 UltraJSON (aka ujson) through 5.1.0 has a stack-based buffer overflow in Buffer_AppendIndentUnchecked (called from encode). Exploitation can, for exa ujson ujson
CVE CVE-2024-21404 .NET Denial of Service Vulnerability dotnet8 dotnet7 dotnet6 dotnet8 dotnet7 dotnet6 dotnet8 dotnet7 dotnet6 dotnet8 dotnet7 dotnet6
CVE CVE-2024-21386 .NET Denial of Service Vulnerability dotnet8 dotnet7 dotnet6 dotnet8 dotnet7 dotnet6 dotnet8 dotnet7 dotnet6 dotnet8 dotnet7 dotnet6
Launchpad 2052967 Provide all available pkcs11 userspace binaries for container consumption nvidia-graphics-drivers-535-server nvidia-graphics-drivers-535-server nvidia-graphics-drivers-535-server nvidia-graphics-drivers-535 nvidia-graphics-drivers-535-server nvidia-graphics-drivers-535 nvidia-graphics-drivers-535 nvidia-graphics-drivers-535-server nvidia-graphics-drivers-535 nvidia-graphics-drivers-535 nvidia-graphics-drivers-535 nvidia-graphics-drivers-535 nvidia-graphics-drivers-535 nvidia-graphics-drivers-535
CVE CVE-2024-1141 A vulnerability was found in python-glance-store. The issue occurs when the package logs the access_key for the glance-store when the DEBUG log level python-glance-store python-glance-store python-glance-store python-glance-store python-glance-store python-glance-store
CVE CVE-2024-23213 The issue was addressed with improved memory handling. This issue is fixed in watchOS 10.3, tvOS 17.3, iOS 17.3 and iPadOS 17.3, macOS Sonoma 14.3, i webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk webkit2gtk



About   -   Send Feedback to @ubuntu_updates